Friday, October 25, 2013
Using Google and Scumware for samples
Here's a quick tutorial on good sources for Android malware. The site scumware.org is a great source for finding the latest threats. Use Google and put in the search box android site:scumware.org. You will get results to downloads of all kinds of Android malware.
Remember to use safe downloading techniques as links on scumware are not limited to Android and could really hose your Windows machine.
As always; stay safe out there
-R`/4N
Friday, October 4, 2013
"Remember the 13th" Scam.
While this one is a bit off topic it still pertains to basic security principles. The website promoting a huge NASA discovery that will "change the world." www.rememberthe13th.com is making its rounds on Facebook.
To catch the victims attention the site claims huge things: "SO WHATS THAT ALL ABOUT? NASA has made a historic discovery that will shake the entire planet. This announcement will be released to the media on November 13th, 2013. It will be a day to remember and One for the history books. Spread the word to your family & friends and sign up to stay updated!"
This site is fake. Anyone who has registered or sent an Email has fallen for this phishing campaign. It's only goal is to get Social Media likes and shares and harvest Email addresses for sending more spam. Always be skeptical of sites like this and never fall for the hype. It is easy to prove that this is fake.
First thing is to check the site's registration info:
Registration Service Provided By: Namecheap.com
Contact: support@namecheap.com
Registered through: eNom, Inc.
Domain name: rememberthe13th.com
Registrant Contact: WhoisGuard, Inc. WhoisGuard Protected ()
Fax: P.O. Box 0823-03411 Panama, Panama NA PA
Creation date: 01 Oct 2013 16:16:00
Expiration date: 01 Oct 2014 16:16:00
This is highly suspicious: A NASA Government website would not be registered anonymously in Panama. On top of that it was registered October 1st. The first day of the US Government's shut-down. Since 90% of NASA employees are currently out of work, there should be no one left to substantiate any of this.
Next, we check out the sites IP (192.111.149.82) on Virus Total:
https://www.virustotal.com/en/ip-address/192.111.149.82/information
2013-09-19: www.mileytape.com
2013-09-11: www.opblackout.com
2013-10-04: www.rememberthe13th.com
2013-09-17: www.rockstarannouncement.com
You can now see that this isn't the first time they tried to pull this. In the past they have used a fake Miley Sirus sex tape stolen from her phone and an announcement for Grand Theft Auto V on the PC to get sign-ups. This is just a scam set-up by adixy.com, a site that allows you to purchase social media likes and shares. These harvested emails and account info will then go into a pool for future spamming.
Lastly, you can email a representative of NASA if you have any doubts. Unfortunately, as of now do to the lack of US Government funding, you will only get this response:
"NASA is currently closed due to a lapse in government funding. I am in furlough status; therefore, I am unable to respond to your message at this time."
Stay safe out there
-R`/4N
To catch the victims attention the site claims huge things: "SO WHATS THAT ALL ABOUT? NASA has made a historic discovery that will shake the entire planet. This announcement will be released to the media on November 13th, 2013. It will be a day to remember and One for the history books. Spread the word to your family & friends and sign up to stay updated!"
This site is fake. Anyone who has registered or sent an Email has fallen for this phishing campaign. It's only goal is to get Social Media likes and shares and harvest Email addresses for sending more spam. Always be skeptical of sites like this and never fall for the hype. It is easy to prove that this is fake.
First thing is to check the site's registration info:
Registration Service Provided By: Namecheap.com
Contact: support@namecheap.com
Registered through: eNom, Inc.
Domain name: rememberthe13th.com
Registrant Contact: WhoisGuard, Inc. WhoisGuard Protected ()
Fax: P.O. Box 0823-03411 Panama, Panama NA PA
Creation date: 01 Oct 2013 16:16:00
Expiration date: 01 Oct 2014 16:16:00
This is highly suspicious: A NASA Government website would not be registered anonymously in Panama. On top of that it was registered October 1st. The first day of the US Government's shut-down. Since 90% of NASA employees are currently out of work, there should be no one left to substantiate any of this.
Next, we check out the sites IP (192.111.149.82) on Virus Total:
https://www.virustotal.com/en/ip-address/192.111.149.82/information
2013-09-19: www.mileytape.com
2013-09-11: www.opblackout.com
2013-10-04: www.rememberthe13th.com
2013-09-17: www.rockstarannouncement.com
You can now see that this isn't the first time they tried to pull this. In the past they have used a fake Miley Sirus sex tape stolen from her phone and an announcement for Grand Theft Auto V on the PC to get sign-ups. This is just a scam set-up by adixy.com, a site that allows you to purchase social media likes and shares. These harvested emails and account info will then go into a pool for future spamming.
Lastly, you can email a representative of NASA if you have any doubts. Unfortunately, as of now do to the lack of US Government funding, you will only get this response:
"NASA is currently closed due to a lapse in government funding. I am in furlough status; therefore, I am unable to respond to your message at this time."
Stay safe out there
-R`/4N
Shop Amazon Gold Box - New Deals. Everyday
Subscribe to:
Posts (Atom)