Theft of Domain

It won’t happen to me, right?
That’s what I thought! As many of you have probably already read in DNJournal or elsewhere, last week was a rough week for me. I awoke Monday morning to discover that I had been hacked. Someone had stolen my domain name, CFJ.com, from my Godaddy account. At the time, we didn’t know if it was isolated to that name or even just to Godaddy. So of course, widespread panic ensued.

To clarify, the thief did not hack into Godaddy. It appears that they installed a keylogger on my computer, most likely by sending me an email which I in turn opened (although not necessarily with an attachment). The keylogger then tracked my keystrokes for an uncertain period of time and relayed the information back to the thief until he/she had all the information they needed (i.e., my Godaddy Username and Password).

The whole thing was well planned and carefully orchestrated.  The thief never even took possession of the domain name him/herself.  The domain was sold on NamePros.com through private messaging on the forum prior to them logging in to my Godaddy account and pushing the domain to the account of the unsuspecting (perhaps naïve) buyer.  The whole thing only took a couple of minutes.

The transaction, as I said, took place on NamePros.com.  The thief sold/traded CFJ.com for a sum of cash plus 15 other domain names, mostly 3 Character .NET, .ORG and .COM domains.  What boggles my mind is how someone could think they could buy a 3 Letter .COM for a bag full of mediocre domains and a small amount of cash?  The buyer didn’t even take the time to check the WHOIS first and see if they were actually negotiating with the owner of the domain or an authorized representative!  Please, do us all a favor (as well as yourselves) and when you see a 3 Letter .COM domain name being advertised for sale on DNForum or NamePros at $3,000 or less, use your better judgment and take a pass.  At least do your due diligence to make sure you aren’t buying stolen goods.  If we all took some precaution it would make it a lot harder for these criminals to resell the stolen domains in the short window that they have to offload them and we could start making some progress towards stopping them.

I have to give a big applause to Godaddy, and specifically to my Executive Account Manager Tess Diaz, for the way that this situation was handled. They acted fast, were able to lock down the domain so as to prevent it from being transferred out of Godaddy, and everything was surprisingly non-bureaucratic, contrary to what people often believe Godaddy can be. I actually find it hard to believe that any other registrar could have, or would have, acted in such an effective manner. In the end, we were able to recover CFJ.com safely back into my account in just about 12 hours! Record time for a domain theft recovery. However, I can tell you that those were a rough 12 hours. Although they don’t advertise it, Executive Account customers are eligible for a free security service at Godaddy called “Domain Transfer Validation Service”. This service does not allow any domains to be transferred away from your Godaddy account without verbal authorization and a separate, secure authorization PIN from the account holder and can only take place at a prearranged phone number which is not stored in your account (necessarily). Further, the only person authorized to transact these transfers at Godaddy is your account manager. Of course, I have now entrusted my portfolio of domains to this service and will begin migrating many of my domains not registered at Godaddy over to my Godaddy account. To my knowledge, no other registrar offers such a service.

I must also give a special thanks to Warren Weitzman whose advice on this matter was crucial in my timely recovery. Warren, unfortunately, was recently victim of an even larger hijacking when 12 of his most valuable domain names were stolen from his Enom account. It took 2 weeks to recover all of his domains, but luckily they were recoverable. Warren’s advice to publicize the theft as broadly as possible was critical in the recovery process. Informing other domain investors, who are in general the only on demand buyers for these stolen names, is very important in order to prevent further reselling of the domain and complicating of the recovery process. It is also important to broadcast the theft because these are rarely isolated incidents and often, as was the case this time, there are other stolen domains also being marketed and often the owners haven’t even discovered the theft yet. Awareness is a key element in prevention.

Domain Hijacking is on the rise, whether it’s due to the depressed economy, ever increasing domain values or simply that these cyber criminals see the security weakness in the domain registration and registrar model and are exploiting it while they can, I’m not certain, but it is likely a culmination of all of these factors.  These guys are clever, and unfortunately by definition, they are always one step ahead of the security software such as Anti-Virus and Firewall protection.  Updates are created in response to new types of attacks.

I’d like to make one last note. Although I don’t often like to speak badly about anyone as it doesn’t reflect well, in this case something needs to be said and I can only hope it gets a reaction. NamePros.com was entirely uncooperative and unresponsive in this incident. Despite multiple phone calls and emails, I received no response and no assistance in this matter from them. The thief used NamePros to transact the stolen domain name(s) and the whole thing is well documented through private messaging and a forum string which I do not have access to without the help of NamePros. This information is critical to law enforcement in finding the identity of the thief, yet NamePros refuses to cooperate in any way whatsoever. As one of the leading forums in the domain industry, NamePros has a responsibility to help protect the community from these criminals. NamePros.com has often been the platform of choice for these criminals to offload their stolen goods and yet NamePros does nothing about it and takes no action in assisting the victims (who represent their community) or law enforcement. I am sad to say that this time around, NamePros.com has failed me…shame on you!

Protect yourself the best you can with good antivirus software and firewall, but remember that awareness of your domain activity and having good contacts at your registrars is essential for protecting your domain investments.  Happy Domaining!

Monday, May 21, 2007

By Jonathan Richards

http://www.foxnews.com/printer_friendly_story/0,3566,273614,00.html

About one in 10 Web pages is infected with malicious software that could result in a user’s personal information being stolen, according to Google researchers.

Sensitive data such as banking passwords and e-mail addresses could unwittingly be handed over to criminals as a result of visiting infected pages, which work by exploiting a vulnerability in the user’s Internet browser, a study by Google researchers suggests.

The researchers said in their report that they had analyzed approximately 4.5 million Web pages over a 12-month period and found that 450,000 had caused a test computer to make a “drive-by download,” a common example of which was a “keylogger,” which captures every keystroke a user makes.

• Full 9-page report (PDF): http://www.usenix.org/events/hotbots07/tech/full_papers/provos/provos.pdf

The report, entitled “The Ghost in the Browser,” concluded: “Unfortunately, average computer users have no means to protect themselves from this threat.”

“Their browser (sic) can be compromised just by visiting a web page and become the vehicle for installing multitudes of malware on their systems.”

Pages with advertising were among those most commonly exploited, the study said, because the ads were often displayed via a third-party network and not under the control of the Web site owner.

Other pages that were vulnerable included those with user-generated content, such as forums or blogs, and those that make use of “widgets” — for instance, traffic counters — which could be configured to exploit a visitor’s computer.

In many instances the Web site owner was unaware his site had been infiltrated, experts said.

“We expect that the majority of malware is now spreading via web-based infection, because the computer of an average user provides a rich environment for adversaries to mine,” Niels Provos, who led the study, wrote.

“Banking transactions and credit-card numbers, for instance, are much more likely to be found on a user’s machine than on a compromised server.”

The work of anti-virus software providers was made difficult by the fact that malware evolved rapidly, one malicious bit of code changing 1,100 times over the 12-month period of the study, the authors said.

But Graham Cluley, an expert at the British computer-security firm Sophos, said that there was “a fair amount” users could do to protect themselves, such as ensuring their virus-protection software was up to date and setting their PCs to automatically download patches from Microsoft’s Internet servers.

“Anti-virus vendors now also sell plug-ins, which screen pages as you try to access them, detecting relevant threats,” Cluley said.

He added that according to research by his company, 70 percent of Web-based infections were found on “legitimate” Web sites.

Google said it was now labeling sites that had been identified as malicious as “potentially harmful” when they were returned as search results.

Security Tip of the Week

Monday, July 13, 2009

http://www.foxnews.com/printer_friendly_story/0,3566,531787,00.html

To protect against skimming and eavesdropping attacks, federal and state officials recommend that Americans keep their e-passports tightly shut and store their RFID-tagged passport cards and enhanced driver’s licenses in “radio-opaque” sleeves.

That’s because experiments have shown that the e-passport begins transmitting some data when opened even a half inch, and chipped passport cards and EDLs can be read from varying distances depending on reader technology.

The cover of the e-passport booklet contains a metallic sheathing that can diminish the distances radio waves travel, presumably hindering unwanted interceptions.

Alloy envelopes that come with the PASS cards and driver’s licenses do the same, the government says.

The State Department asserts that hackers won’t find any practical use for data skimmed from RFID chips embedded in the cards, but “if you don’t want the cards read, put them in an attenuation sleeve,” says John Brennan, a senior policy adviser at the Office of Consular Affairs.

Gigi Zenk, a spokeswoman for the Washington state Department of Licensing, says the envelope her state offers with the enhanced driver’s license “ensures that nothing can scan it at all.”

But that wasn’t what researchers from the University of Washington and RSA Laboratories, a data security company in Bedford, Mass., found last year while testing the data security of the cards.

The PASS card “is readable under certain circumstances in a crumpled sleeve,” though not in a well maintained sleeve, the researchers wrote in a report.

Another test on the enhanced driver’s license demonstrated that even when the sleeve was in pristine condition, a clandestine reader could skim data from the license at a distance of a half yard.

Will Americans consistently keep their enhanced driver’s licenses in the protective sleeves and maintain those sleeves in perfect shape — even as driver’s licenses are pulled out for countless tasks, from registering in hotels to buying alcohol?

The report’s answer: “It is uncertain …”

And when the sleeves come off, “you’re essentially saying to the world, ‘Come and read what’s in my wallet,’” says Marc Rotenberg, executive director of the Electronic Privacy Information Center in Washington, D.C.

By obliging Americans to use these sleeves, he says, the government has, in effect, shifted the burden of privacy protection to the citizen.

Meanwhile, researchers have raised other red flags.

— In 2006, a mobile security company, Flexilis, conducted an experiment in which the transponder of a partially opened e-passport triggered an explosive planted in a trashcan when a dummy carrying the chipped passport approached the bin. A video of the experiment was shown that year at a security conference.

Flexilis has suggested that the government adopt a dual cover shield and specifically designed RFID tag that would make the e-passport remotely unreadable until it is fully opened.

No changes have been made to the U.S. e-passport in response, according to the State Department.

— Some RFID critics wonder: Could government officials read the microchips in an enhanced driver’s license or passport card by scanning people via satellite or through a cell phone tower network?

The short answer is no — because the chips in PASS cards and EDLs are “passive,” or batteryless, meaning they rely on the energy of readers to power up. Passive tags are designed to beam information out 30 feet.

However, research is moving forward to make batteries tinier and more powerful, says Ari Juels, director of RSA Laboratories.

A “semi-passive” tag that could transmit into the atmosphere when triggered by a reader “may be feasible at some point,” he says.

Separately, a system called STAR, that adapts deep-space communications technologies to read passive tags from distances greater than 600 feet, was announced last year by a Los Angeles startup called Mojix, Inc.

It uses “smart antennas” and “digital beam forming” to process signals in four dimensions — time, space, frequency and polarization.

Mojix, founded by a former NASA scientist, promotes the technology for supply chain management and asset tracking.

Security Software Tracks Down Stolen PCs

http://www.foxnews.com/printer_friendly_story/0,3566,324465,00.html

Tuesday, January 22, 2008
By Gene Koprowski

A thief pilfers a laptop computer from an unsuspecting traveler at an airport departure lounge and flits off, unnoticed.

A few years ago, the laptop’s rightful user would have had little chance of seeing it again.

But today, a handful of security companies offer software and gadgets to recover stolen notebook computers or, at least, make the sensitive corporate data they hold inaccessible to criminals.

According to statistics from the Gartner Group, which tracks computer-industry trends, a laptop computer is stolen every 53 seconds from U.S. airport lounges, hotel rooms and restaurants.

The FBI notes that 97 percent of the portable PCs are never recovered, with potentially catastrophic losses for the owners, who may have lost not only work-related files, but personal information such as credit card and banking information and digital family photos.

“That costs consumers and businesses an awful lot of money,” said Robert Siciliano, an information security consultant based in Boston.

The computer industry, however, is now using technology to beat back the thieves.

Like a Lojack device that car owners can put in their vehicles to track a stolen BMW or Mercedes, computer users can now purchase software that allows them to monitor the whereabouts of their Toshiba Satellite or Lenovo ThinkPad once a crafty crook gets hold of it.

What’s more, some of the software enables owners of stolen computers to delete files remotely via satellite networks, preventing the cyber-punks from accessing the vital information.

“That’s multiple layers of protection,” Siciliano told FoxNews.com.

There are a number of companies in this electronic-security market, and some of their products for consumers and companies are priced as low as $49.99.

One of the better known developers is Vancouver, B.C.-based Absolute Software, maker of Computrace.

Its Lojack for Laptops consumer software — yes, that’s what it’s called — can be downloaded from the Internet and works on both Windows-based PCs and Macs.

The company’s more sophisticated corporate Computrace software comes embedded in the BIOS — basic input, output system — of computers produced by Dell, Lenovo, Gateway, HP and Fujitsu. Recent deals have also been reached with Apple, Sony and Toshiba.

When a computer using either Computrace or Lojack for Laptops is reported stolen by the owner and then connected to the Internet by the thief or the person he sells it to, the embedded software “agent” sends a silent signal to a monitoring center providing critical location information.

Absolute then works with local law enforcement to recover the computer, and, if necessary, assists with search warrant and subpoena applications to Internet Service Providers (ISPs) to quickly address what Absolute (http://www.absolute.com/) CEO John Livingston wryly calls “mobile security challenges.” (Cost is as low as $19 a year.)

The company claims its recovery team, made up of many former police officers, has close relationships with more than 1,000 police departments in the U.S. and Canada.

The stealthy software agent is said to be able to survive accidental or deliberate attempts at removal by crooks seeking to resell the PC on the black market.

There’s no external dongle for thieves to unplug, and the company said the software transmits a signal whenever the stolen laptop is connected to the Internet.

Another product with some of the same functionality is eBlaster by SpectorSoft Corp., based in Vero Beach, Fla.

SpectorSoft President Doug Fowler told FOXNews.com his software was originally meant to let parents track every keystroke their children made on computers, and that the anti-theft application came about somewhat serendipitously.

“It wasn’t developed with that functionality in mind,” said Fowler. “It is used to track keystrokes and record all e-mails that are sent, as well as online chats, instant messages and MySpace.com activity. It puts together a report and e-mails the parent of the child using the computer every hour if something dangerous comes up.”

But, interestingly, if the computer is stolen, the software continues to send the reports. Inevitably, the cyber-crooks, or those to whom they resell the PC, go surfing on the Internet.

“They’re not buying it to word process,” said Siciliano. “They want to commit more crimes online. Where there is a stolen laptop, there are other illegal activities going on. Drugs. Other thieves. Or those they fence it to.”

When the crooks log on to the Internet, the eBlaster software e-mails the laptop’s Internet Protocol address back to the original owner, said Fowler.

“You could get a city location of the computer, for example, with an IP address. Then you would have to take it to an ISP to get the location of the computer,” Fowler added. “You might also be able to identify them based on the e-mails they are sending.

“We know of people who have retrieved a computer by sending an e-mail to the thieves — and saying, ‘I know who you are. I know what you are doing. If you don’t stop, I’ll turn you over to the police.’”

Fowler said that not only private consumers, but major companies and organizations had lately been added as eBlaster customers, among them Kaiser Permanente, IBM and the federal government.

Another major developer just getting into the business is Franco-American communications giant Alcatel-Lucent, which recently launched a product called Laptop Guardian jointly with Sprint.

It’s basically a tiny Linux computer built into a standard PCMCIA card, with its own CPU, memory, power supply, GPS transceiver and 3G cell phone transmitter.

Laptop Guardian enables “business IT managers to secure, track through GPS, manage and encrypt data on an employee’s laptop, all through remote capabilities … even when the laptop is turned off,” according to Alcatel spokeswoman Tracy Dupree.

Upon first installation, Laptop Guardian encrypts all data on the laptop’s hard drive and reroutes all Internet traffic through the client’s virtual private network.

From then on, the card functions as an ignition key for the laptop — the user can’t get into, or out of, the computer without it.

With its own battery, the Laptop Guardian card is always on and transmitting its location back to a central server via cell phone networks.

Administrators can use Laptop Guardian to remotely upload patches and software updates to company PCs, or wipe hard drives — even after a machine’s been reported as stolen.

A thief could pop out the Laptop Guardian card and be able to boot the laptop after installing a new operating system, but he wouldn’t have been able to get at any of the corporate secrets locked inside.

“Our goal is to protect the corporate data, and not to recover the machine, although we can help with that as well,” says Dupree.

Of course, there’s another way to keep your corporate data from laptop thieves: Don’t let it leave the office at all.

“I had all of my company’s data on my laptop — accounting, employee, strategic planning — and thus lived in fear of having it stolen,” said David Becker, president of Philippe Becker Design, a San Francisco branding agency. “I solved this by buying a cheap laptop that I use as nothing more than a ‘dumb’ terminal.”

Becker installed GoToMyPC, a consumer-oriented subscription software service that lets one PC remotely access another, on both his office PC and his laptop.

“There’s nothing on [the laptop] but a Web browser,” said Becker. “I access my desktop through the Web browser using GoToMyPC.com.”

FOXNews.com
Experts: Phishing Frauds Still a Problem

http://www.foxnews.com/printer_friendly_story/0,3566,562301,00.html

Thursday, October 08, 2009

Scammers who stole email users’ passwords and published them online are using the information to perpetrate further frauds, Sky News has learned.

Earlier this week Microsoft admitted Hotmail users had been tricked into revealing their passwords, 10,000 of which had been published online. Those responsible have been using the stolen information to send out personalised spam emails, according to Websense Security Labs.

The spam is being sent from users’ accounts to contacts in their address books – so recipients will think it came from one of their friends. While the new spam is not malicious in itself, it does point the contact in the direction of something that is — a “shopping” website.

The trick is, the shopping site is not a real one.

The scam persuades victims to order goods online by credit card, leaving them vulnerable to identity theft and fraud.

Patrick Runald, Security Research Manager at Websense, told Sky News Online: “Scams are happening every day on the internet and most of them stay under the radar but what’s unusual about this is that it’s entered the public domain.

“With this one, we found five or so electronic online sites were set up over the past two months.

“The sites look legitimate so the average buyer would see nothing wrong in putting in their personal details, including their credit card details — and that’s all the scammers need.”

Mr Runald advises email users to take the following precautions to avoid being caught out:

:: Change your password immediately. It’s strange but true that most people have kept the same password since they first logged on to Hotmail or other email providers up to 10 years ago. My advice would be to change it immediately and every six months after that.

:: If you’re going to buy online, use a credit card rather than a debit card. It appears to be easier to get items off your bill than get money reinstated on your bank account.

:: If you get a suspect email, don’t open the URL address without checking it out with the friend who apparently sent it — better still, don’t open it at all.

:: Use only reputable online shops that you know are safe and do your online shopping with them.

:: Don’t use the same password on all your website addresses — such as Facebook, Hotmail and others. Your personal details are more protected if you have different ones.

Oct 30, 2009
Source
http://www.foxnews.com/story/0,2933,568652,00.html?sPage=fnc/scitech/cybersecurity

Up to 43 million people could have given their bank details to cyber criminals after being duped by fake anti-virus software online, a web security firm has found.

Figures published by Symantec suggest 93 percent of the people scammed downloaded the rogue programs by choice after being tricked into believing it was legitimate. The company estimate that some cyber criminals are earning nearly $1.4 million a year from the ruse.

Web users fall prey to the scam when they click on links, pop-ups or flashing adverts warning them their computer is infected. The fake program then appears to run a virus check which tells the user their PC is infected and asks them to pay for it to be cleaned up.

But downloading the software can give criminals access to bank details and computer files. Symantec found 250 rogue programs were downloaded 43 million times in the 12 months to July 2009.

The company’s analysts believe a small number of people run networks of more than 1,000 distributors — whose earnings are linked to the number of machines they infect. The distributors, most of whom are in the United States, may not even realise they are acting illegally. “It is a challenge to fight this,” Orla Cox, Symantec’s security operations manager told Sky News Online.

“The software may be developed in one country and then distributed in another so it is hard to track them down. It’s a tangled web.”

As most users lose between $30 and $100, it can be hard to get the attention of law enforcement agencies.

“There are very few things the consumer can do. If you go to the site and try to get your money back, you will find that it has rebranded and it’s gone,” Ms Cox said.

Ben Camm-Jones from Web User magazine told Sky News Online there are ways to spot a fake site.

“You should be protected from this type of malware if you keep your browser and anti-virus software up to date,” he said. “If messages telling you that your PC has an infection pop up when you visit a website, simply close your browser down and use your existing anti-virus software to scan your PC.

“And if you think a warning message on your PC is suspect, carefully check spelling and grammar — there could be a tell-tale mistake.”

E Crime Video

Workers ‘stealing company data’

http://news.bbc.co.uk/2/hi/technology/7902989.stm

By Maggie Shiels
Technology reporter, BBC News, Silicon Valley

[Image: safe being unlocked (Eyewire). Caption: The study said companies fail to take proper steps to stop data theft]

Six out of every 10 employees stole company data when they left their job last year, said a study of US workers.

The survey, conducted by the Ponemon Institute, said that so-called malicious insiders use the information to get a new job, start their own business or for revenge.

“They are making these judgements based out of fear and anxiety,” the Institute’s Mike Spinney told BBC News.

“People are worried about their jobs and want to hedge their bets,” he said.

“Our study showed that 59% of people will say ‘I’m going to take something of value with me when I go’.”

The Ponemon Institute, a privacy and management research firm, surveyed 945 adults in the United States who were laid-off, fired or changed jobs in the last 12 months.

Everyone that took part had access to proprietary information such as customer data, contact lists, employee records, financial reports, confidential business documents, software tools or other intellectual property.

‘Surging wave’

In the report, entitled Jobs at Risk = Data at Risk, the Institute showed that such data breaches put a company’s financial health in jeopardy.

That view is backed in part by another recent study by security firm McAfee. It estimated total global economic losses due to data theft and security breaches by organised crime, hackers and inside jobs reached $1 trillion last year.

[Image: hands on computer keyboard. Caption: 24% of workers could still access data after leaving the company]

Kevin Rowney, from the data loss prevention arm of security firm Symantec, the sponsors of the study, told the BBC there would be a “surging wave” of these insider attacks.

“It is conceivable that a company can lose its corporate life through a large scale data breach,” warned Mr Rowney.

He added: “The intellectual property of a company can represent the crown jewels and are almost worth more than the building. This is the core asset of a company and any breach or loss can be very expensive.”

Relaxed attitude

The Ponemon Institute revealed that part of the problem rests with companies themselves and their relaxed attitude towards security.

It found that only 15% of respondents’ companies reviewed or audited the paper documents or electronic files employees were walking out of work with.

[Image: hand reaching inside a safe. Caption: Most data breaches are preventable said experts]

The report also said that if businesses did conduct a review, it was very poor with 45% not being completed and 29% being fairly superficial.

“Many firms believe insider data breaches are the cost of doing business,” said Mr Spinney.

“They believe this is just something they have to live with. Our sense is that a lot of companies have really just given up, but this study shows these are preventable events.”

During the economic downturn, security experts have predicted that the number of insider attacks will rise.

Last week, Microsoft told BBC News that “with 1.5 million predicted job losses in the US alone, there’s an increased risk and exposure to these attacks”.

Mr Rowney said one way to limit such breaches was to boost security but also to change focus.

“The industry has concentrated on the protection of the containers where the data is stored like firewalls, access, controls and end point security systems.

“The end result is that most security teams are protecting the containers not the data itself. And that is a core flaw in the security methodology of many practitioners today,” claimed Mr Rowney.

http://news.bbc.co.uk/2/hi/technology/8014111.stm

Giant leap looms for mobile bugs
By Jason Palmer
Science and technology reporter, BBC News, Prague

[Image: phones on display (BBC). Caption: Mobiles are ubiquitous but few share the same essential software]

The widespread outbreak of mobile phone viruses will occur when a sufficient number of them share an operating system (OS), according to researchers.

Viruses spread by Bluetooth could reach all users of a given OS in days, whereas those spread by multimedia messages could spread in just hours.

But the virulence will only appear when a given OS has about 10% market share.

This “percolation transition” was described at the Science Beyond Fiction conference in Prague.

Media mix

In 2008, Albert-Laszlo Barabasi, Director of the Center for Complex Network Research at Northeastern University in the US, published a study on the movements of more than 100,000 mobile phone users.

Their daily routines showed which “social networks” an individual user inhabits, and their patterns of movement exhibited surprising repetition and predictability.

“Once any operating system reaches 10% of the whole user market … viruses will spread everywhere” (Albert-Laszlo Barabasi, Northeastern University)

Now, Professor Barabasi and his team have turned their attention to how these networks could facilitate the proliferation of mobile viruses.

“There are actually more than 600 mobile phone viruses out there,” Prof Barabasi told BBC News. What is more, he explained, mobile phone viruses have reached a level of sophistication in two years that computer viruses took more than two decades to achieve.

“But why haven’t I ever got one?” he asked.

Slow movers

Mobile viruses can spread in two ways: through Bluetooth, or via a file sent as a multimedia message.

“You have to have the right operating system; the viruses that will spread on the iPhone will not spread on Nokias, and vice versa,” said Prof Barabasi.

“It turns out that the Bluetooth way, because it’s driven by human mobility, is relatively slow. If you launch a Bluetooth virus it may take anywhere from days to months to spread, particularly if it’s not a popular phone.”

[Image: Crowd at festival, BBC. Caption: Mobile viruses have struck when lots of people gather.]

Eventually users take infected phones to shops and replace or reset them, or change phones altogether, and the viruses spread no further.

“The real question is about MMS viruses. They’re instantaneous: within two minutes everyone in your address book could have it; within a few hours everyone who is reachable would have it.”

To discover the reason that this hasn’t happened, the team turned to the network theory that was used in the 2008 work, making use of the data set that showed them the details of users’ movement and social connections.

In the network theory, there is a phenomenon known as a “percolation transition”.

In social networks, beyond the transition, everyone is connected to everyone. Applied to mobile viruses, the transition describes the point of no return: when everyone who could conceivably have a given virus will get it.

Up to now, viruses transmitted by MMS have spread sufficiently slowly that operators have had a chance to block them. The future scenario will be very different.

“Right now, we’re under the percolation threshold. Only 5% of users have smartphones and even those are fragmented into different operating systems – the largest one doesn’t even reach 3% of the overall market.

“We predict that once any operating system reaches 10% of the whole user market, then the percolation transition will happen, and then the [viruses] will spread everywhere.”

Near the percolation transition of 10% market share, viruses spread via MMS wouldn’t necessarily reach every single handset with a given operating system, but they would cast their net before operators would have time to respond.

On the other hand, Bluetooth-mediated viruses, while having a much slower rate of infection, could conceivably reach every user of a given OS.
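The percolation transition described above can be reproduced on a toy model. This is an added example, not code from the BBC article or from Prof Barabasi's study: it assumes a constructed random address-book graph with a mean of 10 contacts per handset (chosen so the toy threshold falls near 10%), whereas the study used real call and mobility data.

```python
import random
from collections import Counter

def largest_cluster_fraction(n, mean_degree, share, seed=1):
    """Fraction of one OS's handsets in the largest connected same-OS cluster."""
    rng = random.Random(seed)
    # Constructed contact graph: n handsets joined by random address-book links.
    edges = [(rng.randrange(n), rng.randrange(n))
             for _ in range(n * mean_degree // 2)]
    # Each handset runs the OS under study with probability `share`.
    susceptible = [rng.random() < share for _ in range(n)]
    parent = list(range(n))

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving keeps lookups short
            x = parent[x]
        return x

    # A message-borne virus can only hop between two handsets on the same OS,
    # so only links with both ends susceptible join clusters together.
    for a, b in edges:
        if susceptible[a] and susceptible[b]:
            parent[find(a)] = find(b)

    sizes = Counter(find(i) for i in range(n) if susceptible[i])
    total = sum(sizes.values())
    return max(sizes.values()) / total if total else 0.0

def sweep(shares, n=20000, mean_degree=10):
    """Largest-cluster fraction for each market share in `shares`."""
    return {s: round(largest_cluster_fraction(n, mean_degree, s), 3)
            for s in shares}

if __name__ == "__main__":
    for share, frac in sweep([0.03, 0.05, 0.10, 0.15, 0.30]).items():
        print(f"market share {share:.0%}: largest cluster holds "
              f"{frac:.1%} of that OS's handsets")
```

Below the threshold the largest same-OS cluster is a handful of handsets, so an outbreak stays local and can be blocked; above it, one cluster contains most of that OS's users.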

Keeping yourself Safe

Tips to help you stay safe online
http://news.bbc.co.uk/2/hi/technology/5414992.stm

By Mark Ward
Technology Correspondent, BBC News website


[Image: Windows XP on a laptop, Getty. Caption: Windows needs help to keep you safe online.]

There are now thought to be more than 200,000 malicious programs in existence – the vast majority of which are aimed at subverting Windows PCs.

These problem programs can arrive via e-mail, instant messenger, through your internet connection or even your web browser if you visit the wrong website. The threats are so numerous and appear so fast that Windows users must feel under siege.

While there is no doubt that attacks on PC users are getting more sophisticated, it is possible to avoid the vast majority of problems by taking some straightforward steps and exercising some common sense.

If you are worried about your computer it is possible to scan it via the web to see if it is infected. Companies such as Trend Micro, Kaspersky and Microsoft all offer free scanning services.

Organisations such as the Computer Emergency Response Team (Cert) also offer advice on how to set up a safe net connection.

ANTI-VIRUS

The first piece of security software every PC user needs is some anti-virus software. It must also be regularly updated to ensure it protects you against the latest threats.

One of the ways that virus writers try to catch out anti-virus software is by pumping out enormous numbers of variations of their malicious creations. Good anti-virus programs use heuristic techniques to spot viruses that have not been formally identified but have all the characteristics.

STAYING SAFE ONLINE
Use anti-spyware and anti-virus programs
On at least a weekly basis update anti-virus and spyware products
Install a firewall and make sure it is switched on
Make sure updates to your operating system are installed
Take time to educate yourself and family about the risks
Monitor your computer and stay alert to threats

Many PCs now come with anti-virus installed and though an annual subscription can seem expensive, it might be cheap when you consider how much it could save you if it stops your bank details being stolen.

As well as retail versions of anti-virus there are now some free programs that do a good job of protecting you. Avira, Avast and AVG all produce free anti-virus software.

Microsoft now sells a package of security programs but, so far, they are only available to US users.

FIREWALL

A firewall is also an essential piece of security software for PC users. Newer versions of Windows XP have a firewall built in and this will give you protection against nuisance attacks and many of the more serious ones.

However some people feel that the Windows XP firewall is a bit limited in its features. Many anti-virus programs have a firewall bundled with them.

There are free firewalls available too from firms such as Comodo and Zone Alarm.

To block some of the attacks it can also be useful to connect to the net via a hub or router. Often these have a firewall built in and, even if not, will do a good job of blocking a lot of the low-level attacks.

SPYWARE

Increasingly, simply browsing the web can subject you to all kinds of dangers. Specially crafted websites can initiate so-called “drive-by downloads” that exploit weaknesses in Microsoft’s Internet Explorer browser to install programs you never asked for.

[Image: Google logo, AP. Caption: Google has started warning people if they hit an unsafe site.]

At best these will annoy you with pop-up ads, at worst they will let someone else take control of your PC. Anti-spyware software will help stop these taking hold and help you clean up your PC if you do get hit.

There are add-ons for browsers, such as McAfee’s Site Advisor that warn you about potentially harmful sites. Also Google has now started warning when you are about to visit a potentially unsafe site. Search sites such as Scandoo will also flag sites loaded with malware.

These days adware tends to be very aggressive and it is far better to avoid an infection than try to clean up afterwards.

Security experts recommend migrating away from Internet Explorer to a browser such as Firefox or Opera. At the very least they say to keep Microsoft’s browser up to date with patches.

Anti-spyware activists Suzi Turner and Eric Howes run a website that lists the bogus security products to help you avoid falling victim. Microsoft makes free anti-spyware but there are many other products from firms such as Lavasoft and Spybot.

UPDATE

With Windows it is also important to keep your system up to date. Windows XP now regularly nags people about upgrades and Microsoft produces security patches on a monthly basis.

[Image: Online banking screen, BBC. Caption: Phishing gangs try to steal confidential details.]

Microsoft recommends automatic updating so patches are downloaded and applied as soon as they become available. As the time between the announcement of a vulnerability and it being exploited is shrinking, it pays to act quickly.

The other things you can do to stay safe fall into the realm of common sense. To begin with never open an attachment on an e-mail you were not expecting – even if it appears to come from someone you know.

Never reply to spam e-mail messages as that just confirms your address is live and makes it more valuable. Be wary of any e-mailed message about online financial accounts you own. Learn to spot the signs of phishing e-mails.

APPLE

Apple users who feel confident that they are invulnerable to attacks should also take steps to protect themselves.

While virus attacks are virtually unheard of, the platform can be subject to malware and adware.

The firewall on an Apple computer should be switched on and common sense regarding potential phishing attacks should be applied.
