Kelihos botnet now gaining strength

A botnet that was crippled by Microsoft and Kaspersky Lab last September is spamming once again and experts have no recourse to stop it.

The Kelihos botnet only infected 45,000 or so computers but managed to send out nearly 4 billion spam messages a day, promoting, among other things, pornography, illegal pharmaceuticals and stock scams.

But it was temporarily corralled last September after researchers used various technical means to get the 45,000 or so infected computers to communicate with a “sinkhole,” or a computer they controlled.

But the computers that comprised Kelihos were still infected with its code. Researchers knew that it would only be a matter of time before its controller used the botnet’s complex infrastructure of proxy servers and communication nodes to regain control.

In fact, it happened shortly after the researchers intervened. Sinkholing the botnet was only a temporary solution.

“We could have issued an update to those machines to clean them up, but in several countries that would be illegal,” said Ram Herkanaidu, security researcher and education manager for Kaspersky Lab.

Facebook files for $5 billion IPO

Facebook is hoping investors will “like” the social network just as much as its users already do. Following a series of rumors that have multiplied in recent weeks, Facebook filed for an initial public offering (IPO) on Wednesday with the Securities and Exchange Commission at a value of $5 billion.

The impending IPO has been widely expected among investors and tech circles for some time, with the earliest rumors going back for years. Some expected the company to raise upwards of $100 billion (yes, you read that right—one hundred billion US dollars) but according to the company’s S-1 filing with the SEC, Facebook is aiming for a much more reasonable $5 billion to start.

For some extra reading, there’s a letter to investors buried within the S-1 filing from Facebook founder and CEO Mark Zuckerberg himself. Below is the text in full:

Facebook was not originally created to be a company. It was built to accomplish a social mission — to make the world more open and connected.

We think it’s important that everyone who invests in Facebook understands what this mission means to us, how we make decisions and why we do the things we do. I will try to outline our approach in this letter.

At Facebook, we’re inspired by technologies that have revolutionized how people spread and consume information. We often talk about inventions like the printing press and the television — by simply making communication more efficient, they led to a complete transformation of many important parts of society. They gave more people a voice. They encouraged progress. They changed the way society was organized. They brought us closer together.

Today, our society has reached another tipping point. We live at a moment when the majority of people in the world have access to the internet or mobile phones — the raw tools necessary to start sharing what they’re thinking, feeling and doing with whomever they want. Facebook aspires to build the services that give people the power to share and help them once again transform many of our core institutions and industries.

There is a huge need and a huge opportunity to get everyone in the world connected, to give everyone a voice and to help transform society for the future. The scale of the technology and infrastructure that must be built is unprecedented, and we believe this is the most important problem we can focus on.

We hope to strengthen how people relate to each other.

Even if our mission sounds big, it starts small — with the relationship between two people.

The Koobface malware gang – exposed!

An investigation by Jan Drömer, independent researcher, and Dirk Kollberg, SophosLabs.

On 17 January 2012, The New York Times revealed that Facebook plans to name five men as being involved in the Koobface gang. As a result of the announcement, we have decided to publish the following research, which explains how we uncovered the same names.

Introduction: there ain’t no perfect (cyber)crime

The Koobface botnet – a product of the self-proclaimed “Ali Baba & 4” or “Koobface Gang” – has been terrorizing millions of internet users since mid 2008 and continues to do so up to the present day, despite multiple takedown efforts.

The research below, conducted by independent researcher Jan Drömer and Dirk Kollberg of SophosLabs, is focused on the suspects behind one of the largest cybercrime threats in recent years and the process of their identification.

Research into the suspects was mainly conducted from early October 2009 until February 2010 and has since been made available to various international law enforcement agencies.

As in real life, a perfect (cyber)crime is something of a myth. The simple truth is that today’s cybercrime landscape is aimed at achieving maximum revenue with minimal investment, and that implies a certain level of accepted imperfection.

It is this imperfection, paired with a sense of “criminal arrogance” and an uncontrollable threat environment such as the internet, that ultimately led to the identification of multiple suspects forming the “Koobface gang”.