Some possibly interesting links and a very old new paper

If you regularly follow my blogs, you'll know that while this my primary blogspot, it isn't the only site to which I post (see signature for full details). Here are a few recent blogs and microblogs that may be of possible interest.

@Mophiee asked me about the ICPP Trojan on Twitter (where I'm @ESETblog or @dharleyatAVIEN, though the Research team has a communal account at @esetresearch). There's lots of background info at http://tinyurl.com/yblgpqb, which I won't try to summarize, but I should also emphasise that we also detect those variants as Win32/Adware.Antipiracy, and also have an Online scanner at http://tinyurl.com/yjcukpg.

As Mikko Hypponen has also pointed out, there's a good article at the Electronic Frontier Foundation web that  attempts to control copyrighted material as if this was 1910 rather than 2010. As Mikko says, this is exactly the reason why people so easily fall for frauds like the "ICPP" trojan: http://bit.ly/brYWEK.

I posted at Mac Virus about a new Mac malware variant at http://macviruscom.wordpress.com/2010/04/17/hellish-mac-malware/. I also posted more about Londoning and blackhat SEO at http://chainmailcheck.wordpress.com/2010/04/17/londoning-and-seo-is-that-why-mums-go-to-iceland/.

I drew attention on the AMTSO (Anti-Malware Testing Standards Organization) blog to an upcoming SOURCE testing event in Boston: http://amtso.wordpress.com/2010/04/15/upcoming-source-event/.

And there's been so much interest this week in a paper I presented at EICAR in 1998 on social engineering that I've made it available again. You can also link to it from the ESET white papers page at http://www.eset.com/documentation/white-papers

And here's a thought from @briankrebs that I like a lot:

"3 tips cover most threats: If you didn't go looking for it, don't install it. If you installed it, update it. If you don't need it, nix it."

David Harley CISSP FBCS CITP
Research Fellow & Director of Malware Intelligence

ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter:
http://twitter.com/esetresearch; http://twitter.com/ESETblog
ESET White Papers Page: http://www.eset.com/download/whitepapers.php

Securing Our eCity community initiative: http://www.securingourecity.org/

Also blogging at:
http://amtso.wordpress.com/
http://avien.net/blog
http://blogs.securiteam.com
http://blog.isc2.org/
http://macvirus.com/
http://chainmailcheck.wordpress.com
http://smallbluegreenblog.wordpress.com/