Provided by CommunityDNS, the information in this post consists of news items in the security-based Internet community.

Identity Theft Malware Surges 600%

Researchers have noted that the first half of 2009 has seen a 600% increase in malware over the same January – June period of 2008. Trojans designed to steal bank details, credit and debit card number as well as online account login names and passwords account for 71% of the total number.

The economic downturn, the thriving black market for credit and debit card numbers and the new frontier of using social networking sites, such as Twitter and Facebook, are reasons cited for the massive increase in identity theft-based malware.

Click here for more information.

Rare Malware A Hint Of Threats To Come

While Conficker may get the press based upon the shear size of the BotNet and its mysterious reason for being, researchers are seeing a new form of malware appear; malware that is both more sophisticated as well as stealthier so as to escape easy detection. The newer forms of malware are also highly focused. The emerging forms of malware seek specific information. Examples include:

• Malware pre-coded to steal specific information from an organization. After finding and forwarding the information it was tasked to find the malware would disappear.

• Malware designed to crawl for and steal intellectual property of various file types.

• Malware detecting if its running in a “sandbox” or “virtual environment”. If so the malware runs a different process which is designed to throw-off security researchers.

• Command and Control systems can detect when a computer is not one of its Bots. If a non-bot-controlled computer (such as one from a security researcher) attempts to reach a command and control system, the network will DDoS the enterprise from which the researcher’s computer is located.

• As with the case of Conficker, the malware would actually blacklist the investigators

Even with all of the attention Conficker has received, over 5 million computers are still infected with the virus. Along with the fact that Conficker uses some of the above mentioned tactics and has never kept an initial seed list is the reason why researchers have never been able to find and shut them down.

Click here for more information.

Twitter profile image spam touts smut

Spammers are taking a new approach as they, with criminal intent, seek the innocent on Twitter. Hackers are signing up hundreds of profiles with two things.

• An image of the profile in various stages of undress.

• A message imbedded in the picture asking to connect via MSN.

The embedded message makes it hard for the Twitter organization to find the criminal-based profiles.

Click here for more information.

Rogue Facebook apps steal log-in data, send spam

Researchers have discovered six separate Facebook applications used to trick people into providing their credentials so the cybercriminals have access to the infected user’s friend list, upon which to send spam messages containing malicious links. The six apps appear to be run by the same gang with hopes of spreading the scam that much quicker.

The six applications are known as “Stream”, “Posts”, “Birthday Invitations”, “Your Photos”, “Inbox(1)” and “Inbox(2)”. Originally tying to a URL the links now tie to an IP address.

Click here for more information.

Report: Singapore considers “three strikes” anti-piracy law

Using a version of the law proposed in several countries and implemented in South Korea, Singapore is now examining adding a “Three Strikes” policy to their laws. One of the main concerns deals with if a person is removed from the Internet by disconnecting their connection to a specific carrier, what is to prevent that person from going to another carrier or accessing the Net via other means, such as using a family member’s connection?

Click here for more information.