FixMeStick: USB device for removing malware

FixMeStick has launched the first ever, consumer-ready USB device for removing viruses from infected PCs.



The principles of the FixMeStick are not new to security IT professionals: multiple anti-virus engines increase the number of detectable viruses, and clean external scanning devices prevent viruses from hiding or from interfering with their removal. But, for the first time, FixMeStick has built these principles into a ready-to-go USB device.

"This is about enabling everyone to rid their machines of malware," says co-founder Marty Algire. "And it will help people continue to enjoy their computers and the Internet."

The FixMeStick costs $49.99 for an unlimited number of uses on three PCs per year. Renewals can be purchased for $24.99 annually.

The FixMeStick is powered by three of the biggest names in anti-virus software: Kaspersky Lab, Sophos, and GFI.

"This collaboration will allow organizations and their users to significantly minimize the impact of a malware infection," stresses Michael Rogers, Vice President, Global Alliances & OEM at Sophos.

IE 9.0.6 Now Available, Fixes Security Flaws

I remember just a few years ago when Internet Explorer was the laughing stock of the browser community. It lacked the functionality that other browsers had while lacking even basic security functions. It's what led to the impression that IE was a virus haven, but Microsoft has made great strides in making IE a more attractive and secure browser. The new update today only reaffirms that.

Microsoft today announced the release of Internet Explorer 9.0.6. It fixes "five privately reported vulnerabilities in Internet Explorer." The worst vulnerability would allow "remote code execution" if a user visited an infected Web site. This would allow somebody to gain control of the PC in question with the same user rights as the local user.

These are the kind of vulnerabilities that can lead to the creation of a botnet. People visit a Web site and get their computer hijacked by a foreign party. Their computer then becomes part of the botnet collective which usually goes unnoticed by the user if the creator of the botnet is good at their job.

Microsoft says that this updated is rated critical for IE6, IE7, IE8 and IE9 on Windows clients. It's rated moderate for the same versions of IE on Windows servers. You can check out the full security bulletin for all the information including which operating systems are affected.

If you have automatic updating turned on, the update should have already been applied. If you're like me and have automatic updates turned off, you can apply it the usual way through Windows Update. While I don't use Internet Explorer and many Windows users reading this now probably don't either, it's still suggested that you install the update. There's always that small chance of a friend using your computer and browsing with Internet Explorer. It's better to be safe than sorry.

Trojan posing as Flash Player for Android

Russian Android users are constantly targeted with Trojans posing as legitimate apps. Last month it was fake Instagram and Angry Birds Space apps, this time the lure is a bogus Flash Player for Android:



"When users opt to download and install the said fake app, the site connects to another URL to download a malicious .APK file," Trend Micro researchers warn.

The file in question is a premium service Trojan that saddles users with unwanted charges.

Both the website offering the fake app and the one from which the Trojan is downloaded are hosted on the same IP address - a Russian domain.

"Based on the naming alone used in these URLs, it appears that Android is a favorite target for cybercriminals behind this scheme," conclude the researchers.

55,000 Twitter Accounts Hacked, Passwords Exposed

Hackers appear to have successfully exposed the passwords of as many as 55,000 Twitter accounts yesterday, sparking the website to conduct an investigation into just how the security breach occurred.


The hack was first reported on the blog Airdemon.net where it was said that "anonymous hackers" - note that it's not the proper Anonymous, as in the hackivist collective, but it's not clear whether that punctuation difference was intentional or not - gained access to the the accounts, some of which are said to belong to celebrities. The account information was so enormous that it took five pages on Pastebin to share all of the information.

According to CNET, Twitter is looking into the breach and have notified the affected accounts with notices to reset their password.

Yesterday evening, Twitter, via the @twittercomms account, said that many of the accounts affected were duplicates or spam-ish.

@twittercomms Twitter CommsThe list of alleged accounts & passwords consists of more than 20,000 duplicates. Also suspended spam accounts & incorrect login credentials
12 hours ago via Twitter for Mac ·  Reply ·  Retweet ·  Favorite · powered by @socialditto

After crunching the numbers and identifying the duplicate accounts shared on Pastebin, Anders Nilsson at Säkerhetsbloggen determined that the total amount of actual accounts is 34,062 and, of those, only 25,068 appear to be legit. He also postulates that a majority of the accounts appear to be associated with email accounts from Brazil, which would make sense since when I looked at the list of account info on Pastebin my browser offered to translate the webpage into Portuguese. More interesting, Nilsson also points out that the list of yesterday's hacked accounts appear to be accounts that were hacked last summer.

So maybe Twitter's right to downplay this security breach and it's not really as threatening or legitimate as it first appeared to be. Do you think Twitter's responded appropriately, or should it be taking the matter a little more seriously? Think this situation is more hoax than actual hack?

Update [14 May 2012]: Even though the sentiment is pretty much summarized above, here is the official Twitter statement a spokesperson provided to WPN:

We are currently looking into the situation. In the meantime, we have pushed out password resets to accounts that may have been affected. For those who are concerned that their account may have been compromised, we suggest resetting your passwords and more in our Help Center.

It's worth noting that, so far, we've discovered that the list of alleged accounts and passwords found on Pastebin consists of more than 20,000 duplicates, many spam accounts that have already been suspended and many login credentials that do not appear to be linked (that is, the password and username are not actually associated with each other).