Binarycse Blog

A mass SQL injection attack that initially compromised 28,000 Websites has spiraled out of control. At the last count, more than a million sites have been compromised, with no end in sight.

Security firm Websense has been tracking the “LizaMoon” attack since it started March 29. The company’s malware researchers dubbed the attack LizaMoon after the first domain that victims were redirected to. At the redirected site, users saw a warning dialog that they had been infected with malware and a link to download a fake antivirus.

The users are shown a number of threats supposedly on their computer, but the fake AV, Windows Stability Center, won’t remove them until the user pays up, in a “very traditional rogue AV scam,” wrote Patrik Runald, the Websense researcher who has been following the attack over the past few days.

The list of redirect URLs has ballooned in the days since, as Websense updated its list March 31 with 20 additional sites, making this one of the biggest mass-injection attacks ever.

More than 500,000 URLs have been injected with LizaMoon, according to Runald. If all the domains used in the attack are considered, eWEEK found about 2.9 million results on Google Search that have been compromised.

“Google Search results aren’t always great indicators of how prevalent or widespread an attack is as it counts each unique URL, not domain or site,” Runald said. It is safe to consider hundreds of thousands of domains have been hit, he said.

Websense researchers are still trying to figure out how the SQL injection attack is happening. Somehow, legitimate Websites have been compromised in a way that one line of code has been embedded on the site. That code is a simple redirect, and executes when the user loads the page. The bulk of the action happens on the redirected page, where a script containing Javascript code kicks off the fake AV scam.

Commenters asked Websense why researchers were so convinced it was a SQL injection on multiple Websites and not a mass cross-site-scripting attack. The researchers said they’d been contacted by people who have seen the code in their Microsoft SQL Server 2003 and 2005 databases. The vulnerabilities weren’t within the database software, but “most likely in the Web systems used by these sites, such as outdated CMS and blog systems,” Runald said.

Considering the large number of sites infected, users all around the world are affected, with victims in the United Kingdom, Kuwait, India, Australia, Turkey, Brazil, Israel, Mexico, Taiwan and Chile, among others, according to figures from Websense Threatseeker Network. The bulk of the victims, at 47 percent, appear to be from the United States.

The domains used in this attack, including the redirect URLs and the server where the malware is hosted, are all associated with one of four IP addresses, according to Dancho Danchev, an independent security expert. While the 20 or so domains being used as the redirect URL rotate between two IP addresses, Danchev has identified more than 120 India-based or Cocos Island-based domains all pointing to one malware host server, and 50 India-based domains going to another.

The domains have all been registered using automatically registered accounts at Gmail, Danchev said. The first domain on the list was registered as far back as October 2010, and new domains have been added since LizaMoon exploded, according to Runald.

First, the good news: Users are hit with the Windows Stability Center scam only once, so visiting the site repeatedly doesn’t repeat the attack.

The bad news: Not many antivirus programs seem to be able to detect the Windows Stability Center. VirusTotal is a service that checks malware samples against 43 major antivirus products to see which products can detect it. As of April 1, only 17 out of the 43 tested block Windows Stability Scanner. At least, security companies are moving on this threat: It was only 13 out of 43 March 31.

A relentless torrent of news has poured from Google over the last week. On Monday the firm announced a phone, made in partnership with Samsung, that it hopes will rival Apple’s iPhone; next it announced the release of its own operating system, which it hopes will in due course come to rival Windows, the software that forms the basis of most computers on the planet. Today it is back in its heartland of search, revealing the most and least looked for words and phrases online, from people to aspirations.
What is telling however is not Google’s ability to capture a year in review. Of course people were searching “I love football” and “I hate football” in a World Cup year, and of course David Cameron was another top term after the Conservatives formed a Government. But what’s much more interesting is how these results show that Google is now a part of the furniture. People type in “I feel lonely” or “I love dance”.
More and more people are entering those Google searches into Google’s own browser, Chrome, too. This week the company announced that 120 million people are using the stripped down browser that has set a trend that others such as Microsoft’s Internet Explorer have also followed. This time last year, just 40 million people were using Chrome, so the growth is extraordinary. Just as Google took over from incumbents such as Yahoo with web search, it could yet discover a similar trajectory for the browser, because switching is comparatively easy.
Far more challenging than that, however, is Google’s new ambition: Chrome OS is an operating system, which means it would form the basis of everything your computer does. Unsurprisingly for Google, it’s aimed at people who work mostly online. Speed, including booting up in seconds, security and simplicity are the key features.
Indeed, it’s because of the growth of the internet, itself catalysed by Google, that Chrome has come about. More and more applications are now web-based: so email, word processing, music and presentations all happen online. Google’s new phone, for instance, includes a feature called “listen to”. So say “Listen to Kylie Minogue” and it will go to the web, find what tracks you can access and start playing them. This is very different from previous models where users who wanted to listen to music needed to download specific songs, install programmes to play it and organise their libraries. Now, on the phone or in a browser very “thin” software is required, because the web does all the work. It’s a long way from just a few years ago when, say, installing Microsoft Office meant using countless floppy disks.
Brian Rakowski, Google’s director of product development, says, “We launched Chrome because many of us were spending all day in the browser and the browsers weren’t quite up to the task. We wanted them to be simpler, speedier and more secure. Now we’re seeing that a lot of people who are just living in the browser don’t need all the other features in an operating system.”

Chrome OS is essentially a free software,” says Sundar Pichai, vice-president for product management at Google, and one of the two leaders of a team that developed the new software.

An operating system makes up for roughly a fifth, and in many cases a fourth, of a PC’s cost. For this reason, experts expect a fall in computer prices in 2011 because the Google OS is free. For example, a Rs 22,000 PC shipped from an original equipment maker costs as much because it comes with an operating system priced at nearly Rs 4,000. Likewise, a Microsoft Windows 7 Home Basic version costing Rs 5,690 and the Windows 7 Ultimate at Rs 11,190 add to PC prices.

“Google Chrome is bound to bring down PC costs, given that it will be open source and will not have associated licensing fees,” says Pankaj Arora, Managing Director of Protiviti Consulting.
The price factor apart, users of the Chrome OS computers can also look forward to other benefits. For starters, they do not have to install software. Rather, the PCs rely on applications delivered over the internet, making it easy for users to access files and applications from any machine.

Chrome ideal for people on the move

Chrome PCs also start up quickly, taking users to a browser within 10 seconds after booting. “The Chrome is ideal for an increasing number of people who need to access or record information in their daily work, but are seldom at a desk with a PC and ethernet connection,” says tech consultancy Ovum. Though aimed at netbooks, the lightweight Chrome can support desktops and laptops as well because it runs on both X86 (Intel Pentium, Atom family) as well as the ARM chip systems. Besides Google features such as Docs for spreadsheets, presentations and word processors as well as Reader for PDF documents, users can hook up with common accessories such as calculator and tabs for Facebook, YouTube and built-in security features via a browser.

Computer hackers have sent two of the world’s biggest credit card companies into meltdown in revenge for cutting off payments to the WikiLeaks website.
The attack was launched by a shadowy international group called ‘Anonymous’ which said MasterCard and Visa had been targeted for freezing the account of the whistleblowing site.The devastating blow to the credit card giants came on one of the busiest online shopping days of the year.Hackers also targeted online payment system PayPal, Amazon and a Swiss bank over the WikiLeaks row.Yesterday, a six-hour stoppage on the Mastercard secure code system is thought to have affected hundreds of thousands of shoppers worldwide and highlights how vulnerable the world’s computer systems are to attack.
Last night Visa website was also taken down for a period after it came under attack.It is thought just a few dozen ‘hacktivists’ launched the electronic onslaught, which was taken up by other supporters.The ‘distributed denial of service’ (DDoS) attack involved around 2,000 computers bombarding the website’s host computers with requests for information, causing them to crash.
WikiLeaks has been publishing classified U.S. diplomatic cables, to the fury of Washington authorities.
They have lobbied to cut off all support for the website which they are desperate to shut down.
Yesterday a spokesman for Anonymous, calling himself ‘Coldblood’, a 22-year-old computer programmer based in London, said: ‘Websites that are bowing down to government pressure have become targets.
‘As an organisation we have always taken a strong stance on censorship and freedom of expression on the internet and come out against those who seek to destroy it by any means.
‘We feel that WikiLeaks has become more than just about leaking of documents, it has become a war ground, the people versus the government.
‘The idea is not to wipe them off but to give the companies a wake-up call.’While a group of “hacktivists” targeted MasterCard and Visa – part of “Operation Payback,” they called it – anonymous assailants have also in recent days attacked PayPal, which severed relations with WikiLeaks citing violations of its terms of service.

Web sites for Swedish prosecutors and a Swedish lawyer have also been hit, as has the banking arm of the Swiss postal service, which said it had frozen Assange’s account, and even the Web site of former Alaska governor Sarah Palin.

WikiLeaks’ seeming invulnerability is seen by experts as a demonstration of the power of new Web-based media to take on not only governments but also the traditional news media.

News Corp. exec hinted during an earnings call that a drastic cost-cutting action of sorts may occur.A large round (or two) of layoffs is one possibility. A sale or even shutdown of MySpace doesn’t seem to be out of the question, either. News Corp. COO Chase Carey made the situation sound quite serious.

As reported by the AFP, News Corp. COO Chase Carey told investors late yesterday, “We’ve been clear that Myspace has been a problem.”
Then Carey continued, “The current losses are not acceptable or sustainable. Our current management did not create these losses but they know we have to address them.”

Finally, in terms of setting a timeframe for whatever move News Corp. will make, the COO hinted, “I think it is something we look to judge in quarters, not in years.”

It’s hard to imagine MySpace could just go dark; to people of a certain age, it feels like the site’s been around forever, and it still has lots more users than many other networks. At the same time, MySpace has clearly lost the numbers game to Facebook, and the site’s reputation/image has had better day

Microsoft has developed a tool called the T-Drive which it claims can provide better navigation than Google Maps or Mapquest. For making this tool Microsoft took help from Taxi Drivers who not only know the routes but also know how to get there faster.

Microsoft Research Asia (MRA) designed the T-Drive for which they analyzed the data collected by the GPS unit attached in 33,000 cabs in Beijing. From the GPS data Microsoft were able to identify the routes taken by the cab drivers to avoid traffic signals and jams.

According to Yu Zheng, lead researcher, MRA most of the mapping tools available today make use of the length of the road and the speed, based on which the software determines the time it will take to arrive at the destination. But T-Drive is completely different it can identify faster routers and even shortcuts.

Test results have shown that T-Drive are 20% faster and can save 5 minutes of your time for every 30 minutes you travel.

However the T-Drive navigation is available only for Beijing and so far does not include real time data. This would mean that if there is an accident on a particular route the system will not know about it.

According to MRA they will soon incorporate the real time data which will make the system more efficient. With a lot of cabs running around, they automatically become the best source for real time data.

Motorola Inc.’s (MOT) Motorola Mobility Inc. subsidiary said it sued Microsoft Corp. (MSFT) on Wednesday for patent infringement, just one day after Microsoft filed its second suit against Motorola in as many months.

The mobile phone handset maker said Motorola Mobility filed suits with the U.S. District Courts for the Southern District of Florida and the Western District of Wisconsin, alleging infringement of 16 patents by a variety of Microsoft products, including the Redmond, Wash.-based company’s PC and server software, its Windows mobile software and its Xbox game-console products.

The Schaumburg, Ill.-based firm is “bringing this action against Microsoft in order to halt its infringement of key Motorola patents,” said Kirk Dailey, an intellectual property executive at Motorola Mobility. “Motorola has invested billions of dollars in R&D to create a deep and broad intellectual property portfolio and we will continue to do what is necessary to protect our proprietary technology.”

Horacio Gutierrez, Microsoft’s deputy general counsel of intellectual property and licensing, said Microsoft is still reviewing Motorola’s filing. But, he added, “We remain confident in our position and will continue to move forward with the complaints we initiated against Motorola in the U.S. District Court for the Western District of Washington and with the International Trade Commission (ITC).”

On Tuesday, Microsoft sued Motorola in U.S. District Court for the Western District of Washington, claiming that Motorola has sought unreasonable and discriminatory royalties for its technology. The software behemoth alleged that Motorola breached commitments made to standards organizations for “reasonable and non-discriminatory terms and conditions” in patent licenses for various wireless and video-coding technologies, such as Microsoft uses in Xbox.

In response, Motorola said it had worked with Microsoft to reach a licensing agreement for its technology, but “unfortunately, despite a fair offer from Motorola, Microsoft was unwilling to enter into a licensing agreement.”

The suit followed another in October, when Microsoft claimed that Motorola infringed on nine Microsoft patents in handsets powered by Google Inc.’s (GOOG) Android software.

The suits come amid a rash of intellectual-property legal battles involving many high-tech giants. In July, for example, NTP Inc. filed patent-infringement suits against Apple Inc. (AAPL), Google, Microsoft, Motorola, HTC Corp. (HTCXF, 2498.TW) and LG Electronics Inc. (066570.SE) over the wireless delivery of email to mobile phones.

Then in August, Oracle Corp. (ORCL) sued Google over its use of Java software in its Android software. And in October, Apple sued Motorola, alleging the company’s smartphone lineup infringes on the iPhone maker’s intellectual property. This followed an earlier suit Apple waged against HTC, which like Motorola, makes Android phones.

Microsoft shares fell 1% in after-hours trading to $26.66, while Motorola shares rose 0.4% after hours to $8.23.

Google Inc. is launching a salvo against Facebook Inc., saying it will no longer allow the social network to grab information about Google users’ social and professional contacts in Gmail, Google’s email service.

Google has always allowed Google users to transfer data, including their contacts, to other websites. Until now, new Facebook users could find out whether their contacts on Gmail also had Facebook accounts, simply by typing in their Gmail user name and password as part of the Facebook signup process.That Google policy has helped Facebook grow because it helped new users instantly create a network of friends on the site. Unlike Google, Facebook doesn’t allow its users to export their contacts data to other websites.

With Google becoming more and more interested in social networking and internally developing a competitor to Facebook, people familiar with the matter have said, it has called on Facebook to provide more access to user information.

Google Chief Executive Eric Schmidt recently said Google hoped to get access to Facebook users’ contact lists so that people can expand their social network on Google, though he added there were alternatives if Facebook didn’t comply.

Facebook hasn’t, leading Google to change its position this week. Google no longer allows Facebook to help users automatically export their Google contacts data as long Facebook continues to block Google from gaining the same access to Facebook contacts data with users’ permission.

A Google spokesman said in a statement that its policy change reflects “the fact that users often aren’t aware that once they have imported their contacts into sites like Facebook they are effectively trapped.

“We hope that reciprocity will be an important step towards creating a world of true data liberation—and that this move will encourage other websites to allow users to automate the export of their contacts as well,” the spokesman continued.

Google users can always export their contacts from Gmail and other Google services to their computers in a machine-readable format, the spokesman said. Once they have done that, they can then import those contacts to Facebook.

Google’s move, reported earlier by TechCrunch, can be seen as largely symbolic. It comes six years after Facebook’s launch and the social networking site now has more than 500 million users, many of whom previously exported their Gmail contacts lists to Facebook.

John Hopkins University researchers said the find could lead to drugs for post-traumatic stress disorder. “When a traumatic event

occurs, it creates a fearful memory that can last a lifetime and have a debilitating effect on a person’s life,” the Daily Mail quoted Dr Richard L Huganir as saying.
“Our finding describing these molecular and cellular mechanisms involved in that process raises the possibility of manipulating those mechanisms with drugs to enhance behavioural therapy for such conditions as post-traumatic stress disorder,” he added.

Huganir and Roger Clem focused on the nerve circuits in the amygdala, the part of the brain known to underly so-called fear conditioning in people and animals. They observed that certain cells in the amygdala conducted more current after the mouse was exposed to a loud, sudden tone.

They found temporary increases in the amount of particular proteins within a few hours of fear conditioning; these proteins are uniquely unstable and can be removed from nerve cells.

“The idea was to remove these proteins and weaken the connections in the brain created by the trauma, thereby erasing the memory itself,” Huganir said.

Huganir suggested that drugs designed to control and enhance the removal of calcium-permeable AMPARs might be used to improve memory erasure.

“This may sound like science fiction, the ability to selectively erase memories. But this may one day be applicable for the treatment of debilitating fearful memories in people, such as post-traumatic stress syndrome associated with war, rape or other traumatic events.”

Information based on a graphic created by David McCandless, a British journalist and graphic designer who specializes in streamlining data into visual packages, shows a distinct break up cycle throughout the year. With the help of colleague Lee Byron, McCandless combed through the words of 10,000 different Facebook status updates for the phrases “break up” and “broken up” to determine a pattern.
With the holiday season approaching, if your relationship is on the rocks, you might want to look out. Whether it’s because of an aversion to coughing up the cash come Dec. 25, or due to a desire to party in Cancun on spring break, McCandless found that the two biggest spikes in break ups happen in the two weeks leading up to Christmas and in early March, right around spring break. However, he found that Christmas Day was the day your lover is least likely to give you the boot. There was also a surge in failed relationships right after Valentine’s Day. Over the summer, the number of break ups stabilize, with the safest time for relationships falling between the end of July to October, according to the data.
Additionally, McCandless’ data shows that a lot of lovers might have a case of the Mondays. He said there’s a “mini-peak” on that day each week.
The information was first presented by McCandless at a TED conference in Oxford, England this summer.

DO NOT open any email with an attachment called:
BLACK MUSLIM IN THE WHITE HOUSE, regardless of who sent it to you. It
is a virus that opens an Olympics torch that burns the whole hard disk
C of your computer. This virus comes from a known person who you have
in your list.

Request: Please forward this message to everyone you know. Avoid
opening any email with attachments, may it be from known contact. If
you receive a message called BLACK MUSLIM IN THE WHITE HOUSE even if
sent by a friend, do not open, and shut down your machine immediately.
CNN has announced that it is a deadliest virus. This new virus has
been discovered recently it has been classified by Microsoft as the
virus most destructive ever.

This virus was discovered yesterday afternoon by McAfee. There is no
repair yet for this kind of virus. This virus simply destroys the
Zero Sector of the hard disk.