Immunet Blog

You are exploring the Wild West – at every turn there are grisly town hangings, gunfire ambushes, and reckless gambling sprees. All of this is just part of a day’s work. What actually stops you in your tracks is, when you’re suddenly warned that you have a dangerous virus – a computer virus, that is.

Hackers recently exploited the popular Wild West-themed computer game Red Dead Redemption with scareware. While scareware seems strangely appropriately for a game that thrives on danger, this malware was not part of the amusement. In fact, this is the latest in a string of video games to become prey for malicious software.  

While games being infected with malware is nothing new, the problem is gamers are sometimes reluctant to install antivirus software on their PCs for fear of slowing down their machines and hampering their gaming experience. But as gaming grows from a niche activity to an all-out national pastime, gaming malware could proliferate rapidly unless we step up and protect ourselves. Already we’ve seen popular social games, like Zynga, have become targets of malware and phishing scams.

And here’s the good news. Being protected doesn’t mean turning your computer into a brick anymore. That’s the outmoded desktop-approach to antivirus. Immunet Protect’s cloud-based protection installs less than 10 megs on your PC --- the lightest in the industry. All detection will happen virtually in the cloud, not on your desktop -- so your gaming experience won’t be weighed down. For those who are already protected, Immunet will give you an added layer of essential protection , still without slowing down your PC.

As we’ve mentioned here before, we’re launching a stellar new product next week that takes cloud AV protection to the next level. Stay tuned for more details. And in the meantime, be a friend to Immunet, and promote our new website (also coming next week) with a free Immunet Badge.



This week, Facebook users were struck with a clickjacking worm that deceives users into “liking” sites to spread the virus. Clickjacking, similar to phishing, either tricks users into giving away sensitive information or works by hackers taking control of a computer when a user clicks on what seems like a harmless site. Here’s how the Facebook clickjacking worked, as reported in InformationWeek:

Clickjacking -- also known as likejacking -- works by spamming Facebook users with such content as "LOL this girl gets owned after a police officer reads her status message” and “the prom dress that got this girl suspended from school."

Click on the link, and a user will go to a seemingly blank page that says “click here to continue.” But thanks to “an invisible iFrame,” said [Graham Cluley, senior technology consultant at Sophos, on the company’s blog], clicking anywhere on the page actually republishes the attack content and link on the Facebook user’s status page, “in a similar fashion to the ‘Fbhole’ worm we saw earlier this month.” Fbhole likewise spread via Facebook status messages.

Other recent examples of this type of attack include, the “Distracting Beach Babes.”   If you’re struck, the key is to remove all the "likes and interests" from your profile. Then, delete the page from your newsfeed, most likely to be found in the ‘Recent Activity’ section of the profile but you may have scroll down for a bit. Then, get yourself protected to keep it from happening again. Your best bet is a product, like Immunet Protect, that is designed specifically to target malware on social networks, in particular Facebook. And if you haven’t yet been hit, download AV protection now as a preventative measure.

There’s really no reason not to take this simple step. It’s free to download Immunet Protect, it’s lightweight and won’t slow down your computer, and it provides essential security for your PC.

The US-CERT warned yesterday of potential PC threats via fraudulent search engine results returning malicious links to phishing and malware websites. It’s hard not to follow this unfortunate event as the drama continues to unfold, so make sure your antivirus is up to date as you follow news links and browse content through social network sites.

If you and your community are using ours (Immunet Protect), you’re covered, since we’re cloud-based there isn’t a delay in pushing updated definitions to your PC (it’s always up-to-date).

Beyond a good antivirus program, US-CERT is encouraging people to take the following steps to protect themselves:

• Do not follow unsolicited web links or attachments in email messages.
• Review the Federal Trade Commission's Charity Checklist.
• Verify the legitimacy of the email by contacting the organization directly through a trusted contact number. Trusted contact information can be found on the Better Business Bureau National Charity Report Index.
• Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
• Refer to the Avoiding Social Engineering and Phishing Attacks document for more information on social engineering attacks.

SANS, Security Bloggers Network and the other usual suspects are doing a good job of spreading the word, so hopefully this doesn’t turn into a large outbreak.