Readers of the Seattle Times and Seattle Post Intelligencer Web sites may have unknowingly had their computers infected with a virus, the Times reported on Tuesday.

The risk wasn't limited to the Seattle newspapers, with readers of the New York Times and San Francisco Chronicle Web sites also being put at risk, since Gabriels serves up ads to those newspapers' sites as well. More than 50 Web sites have been affected by the virus since early July. The virus apparently does not harm users' computers but does mess up the "experience" of the affected Web sites.

Infected computers may display messages referring to virus scanners or provide fraudulent instructions. The Seattle Times advised readers to scan their computers with anti-virus software and clear out the cache in their Web browsers.

Most Web users are familiar with the advice that e-mail from strangers should never be opened and that e-mail attachments, even from people they know, should always be treated with caution. This type of virus risk is much more difficult for the average Web user to avoid, since the newspaper sites are considered trusted Web destinations. [Source: Seattle Times.]

Be wary when opening e-mail greeting cards this Valentine's Day if you don't know the sender. As Switched.com has been warning all its readers for a few weeks now, the message could turn out to be a computer virus, in this case known as a "botnet," which can take over your computer to send more viruses out, link to other computers doing the same, or even steal your personal information.

The FBI suggests not opening e-mail if you don't know the sender.

This particular e-mail baddy is known as the Storm Worm virus, and saw activity around several holidays last year. It takes advantage of people who let down their guard because an e-mail greeting card is often entertaining and seen as non-threatening.

Typically, the e-card arrives in a user's in-box, the e-mail is opened, and the user is directed to click on a link within the text to retrieve the full card. That's when the virus download occurs. The Storm Worm will be downloaded to that computer and begin its bad work, which ultimately is to deny service to a large network.

Storm Worm (so named because the subject line of the e-mail messages originally contained the line "Many Dead As Storm Batters Europe") was the most pervasive Internet attack last year.

Here are Switched.com's quick three tips to avoid Storm Worm and other viruses, trojans and malwares from being downloaded to your computer:

1. Don't click on a link in an e-mail message from someone you don't know.
2. Turn on your e-mail reader's spam prevention.
3. If an advertisement you find on a Web page looks suspicious, type in the company Web address yourself instead of clicking directly on the ad (Sometimes Web ads are another way viruses and trojans get distributed.)

Are you looking for a safe way to send a Valentine's Day greeting card -- or a card for any other occasion? Try Hallmark, Bluemountain, or, of course, our parent, AOL, which has a whole site dedicated to just that.

From News.com.au.

Related Links:

• New Malicious MySpace Friends Plant Viruses
• Record Industry Wants Anti-Virus Software to Scan for Pirated Files
• Malicious Websites Trick Google, Infect Computers

The Recording Industry Association of America really, really wants to stop people from downloading illegal music. Over the years it has supported crippling copy protection that would leave your music files unplayable should you get a new computer, has stated that ripping your own CDs to your own MP3 player is illegal, and showed its commitment by hitting a single mother for a $220,000 fine for sharing two-dozen songs online. Now the RIAA wants unfettered access to the contents of your computer as part of a virus scan.

The software, which would either be part of anti-viral scanners or even something your ISP might require you to install, would run through your files on a regular basis and ensure that they are, indeed, your files. Presumably if it found something that wasn't yours it would alert the authorities and you'd be due for a summons.

This raises the question of just how the RIAA would be sure that the files it scans are indeed yours. Especially given those statements that ripping CDs is illegal, would it be flagging every iTunes or Windows Media Player track that didn't have DRM on it? It's a frightening concept even for those who do not illegally download music and one that we at least hope never sees the light of day.

From Fark and Gizmodo

Related Links:

• RIAA Claims Ripping CDs for Personal Use is Illegal
• Mom of Two Stung With $220K RIAA Penalty
• Software Pirates Could Get Up to 10 Years In Prison

If you bought a 10.4-inch Insignia-branded photo frame with model number NS-DPF-10A from Best Buy during the holidays, then beware: The device may come with a virus that can infect Windows-based computers.

Best Buy has taken all the remaining Insignia-branded frames off its store shelves and has discontinued producing them. According to the Insignia Web site, "this is an older virus which is easily identified and removed by current anti-virus software." The company is also providing telephone support for any consumers concerned they have one of the infected frames at 1-877-467-4289.

(Note: Insignia is a brand name created and owned by Best Buy to create several lines of consumer electronics products for distribution through its stores. This is similar to store brands of other types that consumers typically see in everything from grocery stores to auto parts dealers.)

This isn't the first time a consumer electronics product comes installed with a little something malicious that the consumer wasn't counting on. GPS maker TomTom found out the hard way in late 2006 that a batch of its GO 910 units were infected at the factory level with a virus. And even the beloved iPod hasn't been immune, with an incident also in late 2006 where a collection of its 5.5-gigabyte MP3 players sprung up with a virus that was inserted at the manufacturing point. (That virus only infected Windows machines, as well.)

How does this happen? Typically, it's not the work of some nefarious factory employee who wants to sabotage a product line. Instead, the people who work at these manufacturing points are just as susceptible as the rest of us to mistakenly downloading a virus onto their work computers. This virus then replicates itself and ultimately makes its way onto one of the computers that is tasked with setting up the consumer electronics products destined for store shelves.

Both Apple and TomTom stated at the time that they were reviewing their manufacturing processes to prevent this from happening again and issued warnings and advice to consumers, just as Best Buy and Insignia are doing now.

Best Buy has not issued a recall of the photo frames. Since the flaw is (apparently) easy to correct, we don't think a panic is forthcoming -- or necessary.

From ComputerWorld.

Related Links:

• New Malicious MySpace Friends Plant Viruses
• iPhone Gets its First Virus
• Online Videos Could Deliver Viruses, Experts Say
• Anti-Virus Software Downloads

...And the Storm Worm strikes again. Like a computerized Tet Offensive, the team behind the now infamous Storm Worm uses holidays as an excuse to launch attacks on unsuspecting e-mailers. Christmas, New Year's, and now the computer criminals are prepping for an electronic Valentine's Day massacre.

The nature of Valentine's Day may make the attack much less effective. New Year's and Christmas are holidays in which people often reach out to family and friends they don't speak to on a regular basis, where as Valentine's tends to be celebrated privately by couples.

The attack is also not very sophisticated and can be easily thwarted by even the least computer savvy of users. The worm presents itself in the form of an e-mail with a Valentine's Day subject and a body consisting of a simple IP address. Clicking on the IP address takes you to a page that displays a heart and the message "your download should begin shortly." If your download doesn't automatically start it instructs you to click a download link and run the file.

The attack probably won't be as successful or as widespread as past outbreaks, but some sad lovers are sure to be infected.

From Ars Technica

Related links:

• New Malicious MySpace Friends Plant Viruses
• Sneaky New Windows Virus Steals Financial Data
• iPhone Gets its First Virus

In the 'Star Wars' universe, it was Luke Skywalker's Rogue Squadron that was largely responsible for driving back the forces of the evil empire. However, in the world of computing, just about anything labeled "rogue" is a very bad thing indeed. So, reports of "rogue friends" on MySpace don't sound promising, and indeed they are not. Hacked and bogus accounts are nothing new on MySpace, but now they're packing viruses and have the potential to take over your computer.

According to the virus experts at McAfee, this new type of attack seems to be coming from hackers in the Ukraine or Malaysia. Requests from rogue friends look just like any other request, but once accepted, visiting the new friend's profile displays a popup that asks if you would like to download an official update to Windows. The update is, of course, not official, and should you click to download it, you will find yourself infected.

It goes without saying that, just like you shouldn't open e-mail attachments from random people, you should be cautious when accepting random friend requests from people you don't know.

From 'The Daily Mail'

Related Links:

• Is Canceling Your MySpace Account Impossible?
• Another MySpace Predator Caught Going After Children
• MySpace Finally Takes Steps to Protect Kids

Warning -- a new virus is making its way around the Internet. The virus, dubbed Mebroot, lodges it self in the Master Boot Record (MBR), a part of the hard drive responsible for loading the operating system, where it is out of the reach of most anti-virus software.

The virus itself doesn't actually harm a PC, but it does load other software on the computer, including key-loggers that are triggered when a user visits any of 900 financial institutions' Web sites. The virus then captures the user's log-on information and sends it back to the virus writers, who specialize in stealing confidential information.

The virus is classified as a root kit, meaning it hijacks the administrator functions on the computer and evades detection by normal scanning methods, in this case by hiding in the MBR. Few anti-virus programs can detect the virus, and none can remove it. Because of its location in the MBR, the virus cannot be removed once the computer has been booted.

That said, an independent company GMER has developed software that can scan for and remove the rootkit.

From The BBC

Related Links:

• iPhone Gets its First Virus
• Malicious Websites Trick Google, Infect Computers
• E-Mail Security Hole Found in Apple's OS X Leopard

You just had to figure this was coming. With phones getting smarter and more advanced, and with the popularity and hype surrounding the iPhone, a virus just had to be in the cards. And that's exactly what been released. But, breathe easy: if you're one of the vast majority of iPhone users who haven't unlocked your phone, you aren't susceptible to a virus -- at least not yet.

The virus is what's called a trojan, something that pretends to be something else to get you to install it. According to Macworld UK, this virus pretends to be an update to Erica's iPhone Utilities, a popular suite of tools for those who have unlocked their phone, enabling them to install whatever they like. This means, of course, that if your phone isn't unlocked you couldn't install the app anyway, so no virus worries for you.

As viruses go this one isn't a particularly bad one. If you're infected your iPhone will just show the text "shoes" rather frequently. Go to uninstall it, though, and it'll wipe out the installation of many of your system applications.

The kicker is: the thing was apparently written by an 11-year-old, making us wonder what will happen when a serious malicious developer decides to try his hand at killing some iPhones.

From textually.org and Macworld UK

Related Links:

• Hackers Will Go After iPhone in 2008, Says Network Security Firm
• iPhone's Web Browser Vulnerable to Hacker Attacks
• The FBI's Spyware: Is it Watching You?

A number of malicious websites have popped up online over the past few weeks, and unlike most dangerous destinations that lurk in the dark recesses of the Internet, these have been showing up at or near the top of some seemingly innocuous Google searches for words like "Christmas". The sites, believed to be run by a high-tech wing of the Russian mafia, used flaws in older versions of Microsoft's Internet Explorer browser to install malicious software that could take control of your computer.

The delivery of malicious software through web sites is nothing new, but what is new was the rank these pages were able to achieve at search engines like Google and MSN Search. Through extensive campaigns of comment spam, posting innocuous things on popular blogs with links to their bogus sites, these sites were able to work up a virtual reputation. Google and other search engines see these links from popular blogs and are tricked into thinking that the site being linked to is also reputable, resulting in prioritized search results.

The sites of course were not reputable, and Google at least has already removed most of them, but it's a troubling trend that's all too similar to the hacking of Al Gore's blog earlier this week. So, as always, be safe out there and keep your operating system and browser up to date.

From BBC News

Related Links:

• Al Gore's Blog Hacked
• Did China Hack the Pentagon?
• Cyber Attacks in Eastern Europe

Mac addicts like to tout their chosen operating system's security superiority over those who have chosen Microsoft's product, but a report of a major security oversight in the latest release, Leopard, might just give Windows users something to snicker about. It seems the latest Apple OS has a critical flaw in its e-mail application -- a flaw that was fixed in older versions of OSX.

The flaw enables a person to attach malicious code to an e-mail attachment that looks like a simple JPEG image. When you double-click on that supposed image, the code runs and can do whatever it likes to your system, including deleting all your files (or just running something in the background to steal all your passwords). It surreptitiously uses the Unix command-line prompt that few OSX users ever see.

Older versions of Apple Mail pop-up a warning when such attachments are run, but this new one does not, leaving less-in-the-know Mac users somewhat in the cold. To see if your Mac is properly warning you about these e-mails, you can have a safe one sent to you by using the Emailcheck service at heise Security.

From heise Security

Related Links:

• Leopard Out Tomorrow, and the Reviews Are Positive
• Apple's New Leopard Hits Illegal Download Sites
• Apple's Leopard OS Has Bugs

It wasn't all that long ago that director Ang Lee was opening eyes and pushing boundaries with 'Brokeback Mountain,' a film about sweaty cowboy man love. Now he's back with another controversial film, but this one's stirring up a different sort of controversy, this time in China. The hullabaloo features an interesting mix of warnings from a variety of sources, including both physicians and computer scientists who are all urging caution in viewing the film.

The first warning appears to be intended to stop Chinese computer users from downloading illegal copies of the film. A Chinese anti-virus company is saying that those copies of the film that can be found online come with a virus. The firm isn't detailing just what virus it is, but says the virus contains code to snag user passwords.

The second warning comes from Chinese physicians who warn that the ... erm ... extreme sexual positions demonstrated in the uncensored version of the film (which is seven minutes longer than the heavily censored version shown in China) rely on "abnormal body positions." They advise that only women with "comparatively flexible bodies that have gymnastics or yoga experience" dare try them, or risk "unnecessary physical harm."

We're not sure how much of these examples are sound warnings from concerned experts, and how much is a sort of combo smear-campaign against both illegal downloading and illicit films. We here in America think that if you're planning on seeing this film -- and we don't recommend it since it's likely to be an illegal copy -- you should fire up your virus scanner and either do a few stretches, or call up that gymnast you dated in college.

From Reuters

Related Links:

• Five Steps to a Safer Password
• MySpace Scam Offers Free Macy's Gift Card
• Hacked Alicia Keys MySpace Page Could Leave You With a Virus

We try to keep you abreast of the latest scams, whether they appear to come from MySpace or the U.S. Government. We also try to let you know about new viruses that might infect your machine with monitoring software capable of stealing the passwords to all your online accounts. These are all bad, of course, but if you're using a password so simple that someone can guess it after two or three tries, well, you may as well download all the viruses you can find.

To help, the British government has started a program called Get Safe Online to help keep folks in the U.K. from being statistics. Its recommendations range from software update advice to ways to secure your wireless network.

When it comes to passwords, to save you some time, Shiny Shiny has compiled the top five tips to a more secure account. They are:

1. Your cat's name is not unique. Leave it alone. Ditto your name, your birthday, your mom's maiden name or your birthday.
2. Don't use a dictionary word. They can be cracked with clever -- and even not-so-clever -- password hacking programs.
3. Don't use Qwerty, one of the most popular passwords on the block. Consecutive letters are generally a no-no as they're easily guessed.
4. Use a combination of upper and lower case, letters, and numbers. If non-alphanumeric symbols are permitted, throw a few of those in. Make it as nonsensical as possible, even to you. And if you do need to write it down, try not to do it on a piece of paper entitled Internet Banking Passwords...
5. Now is not the time to be restrained. Many sites will have a minimum-character-length password, but few have a maximum. Length is in your favor as it increases the myriad of combinations that would have to be tried out before your password could be cracked.

These all jive pretty well with our own recommendations compiled earlier this year, where we list password as the number-one least-secure password ever, for obvious reasons. And no, Mr. Lazy, password1 isn't much better.

From Shiny Shiny

Related Links:

• Is Your Password on This List?
• MySpace Scam Offers Free Macy's Gift Card
• Fake FTC E-Mail Contains Computer Virus
• Hacked Alicia Keys MySpace Page Could Leave You With a Virus

Back in August, we reported on a new form of spam that was sweeping inboxes around the world: the use of PDF attachments to hide product pitches from spam filters. That seeming flood of spammy attachments was apparently more of a wave, which passed quickly and seemed to be gone. But now the PDF spam scourge is back, with hundreds of thousands of these attachment e-mails being received over the past few weeks. And, troublingly, the PDF attachments in those e-mails are infected with viruses that can lead to trouble down the line for your computer (and your personal information).

If opened, the PDFs use a flaw in the Acrobat Reader PDF viewer that enables the sender to install so-called malicious software, or malware. This malware actually goes out and downloads, then installs, other malware from other machines. Thankfully these programs don't appear to actually impact or corrupt the files on your machine, but they can be used to send that personal data to someone, and can also be used to turn your computer into a so-called zombie, which means it can be controlled remotely to participate in the sorts of attacks that were levied against Estonia in May.

So, as always, watch those attachments. If you don't know what the PDF contains or who sent it, don't open it.

From Network World

Related Links:

• Spammers' New Methods of Deception Uncovered
• Cyber Attacks in Eastern Europe
• The Top Five E-Mail Scams

We've said it before and we'll say it again: Never trust an e-mail, especially one carrying attachments, regardless of where it says it comes from. Still don't believe us? Check out this latest example, an e-mail purporting to be from the Federal Trade Commission (FTC) that supposedly is notice of a complaint posted against you, the recipient. The attached complaint is, of course, not really a complaint, but rather a virus that is, ironically, resulting in thousands of complaints made being to the FTC.

Early reports suggest that the virus doesn't delete or corrupt your files, but instead runs itself in the background on your computer and logs your keystrokes. This type of virus is called a keylogger, and can be harmful because it can record and save private information like passwords and bank account numbers. This confidential information is often used by cyber-criminals to clear out your bank accounts or steal your identity.

If you should receive such an e-mail -- it'll be from the 'frauddep@ftc.gov' e-mail address and will be full of spelling and grammatical errors and typos -- don't open it. Instead, just forward it on to the FTC's spam database address, spam@uce.gov, and then delete the thing. Whatever you do, do not open the file attachment, as that most likely contains the virus. That said, sometimes even opening the e-mail may be enough to infect your machine depending on your settings, so you'd better run a virus scan just to be safe.

You do have a virus scanner ... right?

From Government Technology and InformationWeek

Related Links:

• The Top Five E-Mail Scams
• Nude Celebrity E-Mail Infects More Than Curiosity
• Online Videos Could Deliver Viruses, Experts Say
• Majority of Americans Can't Spot an E-Mail Scam

If you receive an e-mail (even from a friend) with an attachment promising video of starlets like Angelina Jolie or Natalie Portman wearing nothing but their pride, do yourself a favor and don't open it: It's a virus. Amazingly, 80 percent of reported computer infections last month came from this single source. The e-mails contain a message along the lines of, "Shocking video of nude Angelina Jolie," and carry a single attachment named either amazing.zip or shocking.zip. The attachment purports to contain the titillating peep show, but what it actually includes is a piece of malicious software called a rootkit.

A rootkit is basically computer code that installs itself in a protected area on your machine's hard drive. Once there, it's very difficult to detect and remove. Frighteningly, it can do just about anything it wants, including monitoring anything you type on your keyboard, rifling through your files for confidential information, participating in attacks against other computers and, of course, e-mailing itself to all of your contacts.

Sending your friends a virus is no way to win their admiration, but sending them a virus that proves you're the sort of person who would open an attachment like shocking.zip, well, that could do some serious long-term harm to your social status.

If you suspect your computer is infected with a virus, or you'd like to know how to spot the threats currently spreading themselves over the Internet, anti-virus software maker McAffe is a great resource. Granted, this a company trying to sell you a product, but its site offers free information on current viruses and free tools for removing some of the more sinister ones.

From Daily Mail

Related Links:

• The Top Five E-Mail Scams
• Cybercrime More Lucrative Than Drug Trade
• Study Claims 83% of All E-Mail is Spam
• Online Scammers Using Pets to Get Your Cash