Eye on Security: Microsoft Windows Emergency Patch, Botnets Grab Data, Malware Scam Analysis

Dr. Roy Schestowitz

2010-08-06 12:12:28 UTC
Modified: 2010-08-06 12:12:28 UTC

Summary: An update on problems Windows users may be experiencing

● Microsoft rushes out emergency fix for critical Windows bug (more about this emergency)

Microsoft on Monday rushed out an emergency patch for a critical vulnerability that criminals are exploiting to install malware on all supported versions of the Windows operating system.

● Botnet with 60GB of stolen data cracked wide open

Most botnet command-and-control channels run on compromised webservers or web-hosting services designed for criminals, making it possible to dismantle the network by taking down the central server. Mumba, by contrast, makes use of fast-flux technology, in which the operations are carried out on thousands of compromised PCs. That allows the IP address and host machine to change every few minutes, a measure that frequently foils takedown attempts by researchers and law enforcement.

● Anatomy Of An Attempted Malware Scam

The display media segment is the newest target of malvertising, the latest trend in online criminal methodology. The problem has escalated in recent months and despite many suppliers' best efforts, it continues to grow. The culprits behind many of these attacks are based in foreign states leaving little course to take action. While the best defense against malvertising is to prevent it from happening in the first place, this has proven to be a challenge for even the most astute publishers, networks and the like.

We were recently the targets of one such attempt, and while it certainly wasn't the first "fake agency" we've been besieged by (and that we've successfully stopped), it is one of the most organized efforts we've encountered so far. Below we've outlined the approach that was used and the findings of our investigation as an FYI to others who may be on the target list.

Recent Techrights' Posts

Microsoft's Windows is a Niche Operating System in Africa: African nations aren't a large contributor to Microsoft's income, but if many African nations move away from Windows, then the monopoly is at risk
Gemini Links 19/06/2025: Unix Primitivism, Zine Club, and Gemini Protocol Turns 6 at Midnight: Links for the day
Common Mistake: Believing Social Control Media Will Document Your Writings/Thoughts and Search Engines Like Google Will Help You Find These: Many news sites wrongly assumed that posting directly to Twitter would be acceptable
The Manchester Bees and This Hot Summer: We have had a fantastic week so far this week
Gemini Protocol Enters Its Seventh Year, Growth Has Accelerated!: Maybe in June 20 2026 there will be over 3,500 active capsules?
Mastodon and the Fediverse Have an Issue: Liability for Content (Even in Other Instances) and Costs: self-hosting is the only logical path forward
Why Microsoft and Its 'Hey Hi' (Slop) Frenzy Fail While Sinking in Deep, Growing Debt: Right now, like Twitter around the time it was sold to MElon, "open" "hey hi" is a big pile of debt with a lot to pay for that debt (interest payments)
Europe is Leaving Microsoft, the Press Coverage Isn't Sufficiently Helpful: The news is generally positive, but the press coverage leaves so much to be desired
Slopwatch: Linuxsecurity, BetaNews, and Linux Journal: slippery slope
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Thursday, June 19, 2025: IRC logs for Thursday, June 19, 2025
Gemini Links 20/06/2025: Gemini Protocol Turns 6!: Links for the day
Links 19/06/2025: Ghostwriting Scam and Fentanylware (TikTok) Buying Time: Links for the day
Links 19/06/2025: WhatsApp Identified as Assassination 'Crosshairs', Patreon Now Rips Off People Even More: Links for the day
"Told You So": Another Very Large Wave of Microsoft Layoffs Now Confirmed in Mainstream Media: So we were right to believe the rumours, based on the credibility of prior such rumours
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Wednesday, June 18, 2025: IRC logs for Wednesday, June 18, 2025
Gemini Links 18/06/2025: Magit and Farming: Links for the day
Slopwatch: BetaNews is Now a Slopfarm (Like Linuxsecurity) and Google News is Overwhelmed by Slopfarms: The Web is bad
Links 18/06/2025: SCOTUS Decision on Fentanylware (TikTok) Still Ignored, 4.5-Day Work Weeks: Links for the day
Links 17/06/2025: Windows TCO and G7 Rifts: Links for the day
The Right to Know and the Freedom to Report on Crime (at the Higher Echelons): I'd like to do the same thing for the next 20 years
BetaNews Appears to Have Fired All Of Its Staff: Even serial sloppers
After the Web Becomes Slopped to Death: A lot of people are rightly fed up with the "modern" Web
Gemini Protocol Turns 6 on Friday: Active (online) Gemini capsules are estimated by Lupa at over 3,000
Like Most Social Control Media, Microsoft LinkedIn is Collapsing: One reason for Microsoft acquisitions is debt-loading, i.e. offloading and burying its debt
Microsoft is Losing Its Richest Clients: Unlike some very poor countries, Germany and the EU are a considerable source of income to Microsoft
Proprietary Means Not Secure: Proprietary software tends to rely on secrecy, not good design
Slop in 'AI' Clothing is a Passing Fad, We'll Get Past It (Like Blockchain Before That): Many people cheat in exams using slop and there are professionals that try using slop as a "shortcut"
GNOME Does Not Campaign Against Microsoft, KDE Does: It's good to see that KDE is still active in promotion of Free software - a term that it uses
Slopwatch: BetaNews, Linuxsecurity, and Other Prolific Slopfarms: name and shame the sites that establish such proliferation of slop
Gemini Links 18/06/2025: Birch Lake and Loon Pond: Links for the day
Over at Tux Machines...: GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 17, 2025: IRC logs for Tuesday, June 17, 2025