Eye on Security: Microsoft Windows Emergency Patch, Botnets Grab Data, Malware Scam Analysis

Dr. Roy Schestowitz

2010-08-06 12:12:28 UTC
Modified: 2010-08-06 12:12:28 UTC

Summary: An update on problems Windows users may be experiencing

● Microsoft rushes out emergency fix for critical Windows bug (more about this emergency)

Microsoft on Monday rushed out an emergency patch for a critical vulnerability that criminals are exploiting to install malware on all supported versions of the Windows operating system.

● Botnet with 60GB of stolen data cracked wide open

Most botnet command-and-control channels run on compromised webservers or web-hosting services designed for criminals, making it possible to dismantle the network by taking down the central server. Mumba, by contrast, makes use of fast-flux technology, in which the operations are carried out on thousands of compromised PCs. That allows the IP address and host machine to change every few minutes, a measure that frequently foils takedown attempts by researchers and law enforcement.

● Anatomy Of An Attempted Malware Scam

The display media segment is the newest target of malvertising, the latest trend in online criminal methodology. The problem has escalated in recent months and despite many suppliers' best efforts, it continues to grow. The culprits behind many of these attacks are based in foreign states leaving little course to take action. While the best defense against malvertising is to prevent it from happening in the first place, this has proven to be a challenge for even the most astute publishers, networks and the like.

We were recently the targets of one such attempt, and while it certainly wasn't the first "fake agency" we've been besieged by (and that we've successfully stopped), it is one of the most organized efforts we've encountered so far. Below we've outlined the approach that was used and the findings of our investigation as an FYI to others who may be on the target list.

Recent Techrights' Posts

Writing and Coding Isn't Always Enough: Last year we had to assume a role we didn't have before: litigants
Why We Publish Information About the SLAPPs (But Not About the Legal Process), an Abuse of Process by Americans Trying to Silence Critics of Their Employer, Microsoft: It doesn't take thousands of pages to explain something simple
Internet Relay Chat Didn't Fall Off a Cliff: IRC will turn 40 in less than 3 years from now
The UEFI 9/11 - Part V - This is Not a Drill (Disable "SecureBoot" Now): A "9/11" Coming
There's No Obligation to Speak to Anybody: The very fact that "bkuhn" is till spending time in social control media says a lot about his poor judgment
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Monday, September 01, 2025: IRC logs for Monday, September 01, 2025
The Register MS Says "AI Web Crawlers Are Destroying Websites", So Why Does The Register MS Help 'AI' Companies? (Spoiler: Money): People need to call out The Register MS on its hypocrisy
Microsoft Trying to Force People to Resign (Amid Mass Layoffs) a Strategy That Takes Its Toll: Microsoft seems to be circling down the drain and the "final flush" will be the moment the "hey hi" (AI) bubble implodes completely
Google Simply Cannot Be Trusted: Only fools would trust GAFAM
Admission That a Third Party (or Parties) Funds the SLAPPs Against Techrights: This can end up costing them over a million dollars
Modifying and Writing One's Own Computer Programs is Not a Crime (or: Google Proves That Stallman Was Right): We're generally gratified to see so many positive mentions of him
Why We Stopped Publishing Videos (for Now): We'll probably get back to videos one day, but it's hard to say when or to what extent
What Animal Rights Activism Teaches Us About Sympathy and Focus: It's possible to believe that the planet is warming, that we must do something about it, and still eat eggs and butter
When You Turn Web Sites About Tech Into Political Sites: A lot of people fall into the trap of catering only for particular groups
Gemini Links 02/09/2025: ROOPHLOCH 2025 and Lagrange 1.19 Released: Links for the day
Gemini Links 01/09/2025: News Corp. WSJ and A Month With NixOS: Links for the day
Slopfarms Already Peaked, They Will Die When Slop Companies Run Out of Money to Borrow: slopfarms will lack an actual "engine"
“Sideloading” Never Killed Anybody: There are many online discussions this week about the misnomer "sideloading"
Slopwatch: Google News as FUD Vector Against Linux and Plagiarism Enhancer, Serial Slopper (SS) Uses LLMs to Googlebomb "Linux": Slop destroys the Web not just by screwing with search engines and helping plagiarists. It's also responsible for de facto DDoS attacks...
Links 01/09/2025: "Attacks on Science" and China's "Soft Power" Grows: Links for the day
Links 01/09/2025: Fresh Backlash Against Slop and "Norway’s Electricity Crisis is About to Hit Britain": Links for the day
Links 01/09/2025: Catching Up (Mostly via Deutsche Welle), "Windows TCO" Effect in UK: Links for the day
Gemini Links 01/09/2025: Linguistic Barriers and "Web 1.0 Hosting": Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Sunday, August 31, 2025: IRC logs for Sunday, August 31, 2025
Autumn Has Come: Autumn should be exciting in all sorts of ways; it'll also mark our anniversary
The UEFI 9/11 - Part IV - External Interference: They all seem to be playing a role in crushing Software Freedom and self-determination for users
Links 31/08/2025: Baggage Claim Scams, an Insurrectionist’s War on Culture, and a Sudden Robotics Hype: Links for the day
Gemini Links 31/08/2025: Reviewing Netsurf and Slightly Less Historic Ada Design: Links for the day
IBM Has Taken Control of GNOME: Don't expect a successor to be found any time soon
Links 31/08/2025: Google Gmail Data Breach and LF Puff Pieces for Pay: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Saturday, August 30, 2025: IRC logs for Saturday, August 30, 2025
This is What Google News Has Become: Moments ago