Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

Torrentreactor breach serves potent exploit cocktail

Long regarded as one of the top BitTorrent search engines, the site has been breached and is now delivering a rootkit-based piece of malware to visitors. Hackers have added an iframe to the site that scans visitors’ computers for vulnerabilities in Adobe’s Reader and Shockwave programs as well as Microsoft’s Internet Explorer and Office Snapshot Viewer. At this point, out of 32 anti-virus engines, only two have been able to identify the threat. The malicious file appears to want to communicate with a system based within the Russian Business Network.


Google: Spammers Regroup After ISP Takedowns

A 30% drop in spam was noticed by Google after the FTC shut down the ISP known as 3FN, APS Telecom and Pricewert, a known organization providing safe harbor to hackers, spammers, malicious software developers and child pornographers. In just one month spam volumes have risen to the point where the level of spam is 6% higher than this time last year.

According to Google, which filters around 3 billion to 3.5 billion spam messages per day for its 50,000 customers, spammers on June 18th sent more messages in a 2-hour window than is usually seen in 12 hours, illustrating the firepower of BotNets.


Zeus Trojan Variant Steals FTP Login Details

A new variant of the Zeus Trojan is spreading quickly. In two days alone the number of infected computers grew from 66,000 to 74,000. Infected PCs programmatically modify high-volume websites, which in turn infect the computers of unsuspecting visitors.


Rise in Cyber Crime, Cyber Terrorism and Cyber Espionage Tied Heavily to Data-Stealing Malware

Trojans appear to be the fastest growing form of malware used to steal data from unsuspecting users. In 2007, 52% of data-stealing malware came from Trojans. The figure was 87% for 2008, and in Q1 of 2009 it reached 93%. Data stolen through such malware only serves to fuel the needs of financially motivated cyber criminals.

In 2008, 31,173 sites were used to infect PCs. This number is up 827% from the previous January.


Mobile operators question net snoop plan

The UK is working to capture all information that traverses the Internet through a program that would fund organizations to capture information running across their own networks, instead of the government maintaining a single master database of the information. The government is now learning of the possible constraints on its plan.

Today mobile networks are not architected to capture the information requested by intelligence and law enforcement agencies. For example, T-Mobile’s network can serve over 1,000 users through a single IP address.

Meeting the program’s data gathering and retention requirements would mean major technical upgrades to the respective networks. T-Mobile, citing the fact that it does not have a legitimate business reason to capture this information, simply doesn’t capture it.


Conficker left Manchester unable to issue traffic tickets

In an example of Conficker’s destruction, the city of Manchester’s systems were disrupted by the virus last February. The interruption kept 1,609 traffic tickets from being issued, and the resulting loss of revenue to the city from the infractions was £43,000. While some may be fine with people escaping traffic fines, this is a classic example of how costs may mount due to a virus.

  • £43,000 in lost ticket revenue
  • £600,000 in clean up costs and consulting fees
  • £600,000 for Wyse thin client terminals as part of enhanced backup strategy
  • £169,000 for extra staff needed to handle the backlog of benefit claims.

In total, the virus cost the city of Manchester £1.5 million.


Rolling Stone allegedly DDoSed for negative story

After being cast in an unfavorable light by Rolling Stone magazine, Bruce Raisley carried out a DDoS attack on the magazine in July of 2007. What is of interest in this story is how the Bots were instructed. Raisley created the BotNet by infecting computers with malware. The malware then proceeded to overwhelm Rolling Stone’s site. If forbidden from communicating with two servers for instructions, the Bots would proceed to initiate a DoS on a static list of sites.

The Bot details were discovered because one of the infected computers belonged to the Academic and Research Network of Slovenia, which helps run the Slovenian Computer Emergency Response Team, or CERT.
