Well, I woke up today being as cold as it is outside and drinking my tea as I read through my selective blogs and sites. Only to find a great write up that pushes the reality forward about how the internet is and can be in the future.

Chris Boyd, Director of Malware Research for FaceTime Security Labs, and a good friend of ours today blogged about how a young script kiddie can be the future of all our problems.

He paints a portrait of an artist as a young man, which goes into detail of a young hacker who could replace the current crop of organisations which exist:

“Forget Storm Worms, FastFlux, RBN and all the other things we like to wheel out and scare ourselves with - the endless, throbbing mass of (mostly) faceless, nameless kids like this guy are the real worry. Because if we don’t do something about them, in five years time (or maybe less) they’ll be the new architects of the next wave of Storms and RBNs and shady Adware vendors.”

And I would agree, because the individual mentioned is not the only one out there. There are more kids like xHelgiBx who are far more advanced and probably the same age.

It’s time to work and stick together. Report suspect sites, programs, individuals and anything else that is slightly suspect. Rather double check than leave it be!

If you have a concern, know something that is suspect or just wish to have a chat, then chat about this in our forum.

The latest to roll of the rogue anti-spyware programs production line. This one is a successor of VirusProtectPro and other rogues. Called VirusProtect.

I don’t really have to go into a lot of detail, but to those who are new, I will.

All zlob related rogues auto install after you download and install a codec to watch videos on the internet (and sometimes listen to audio). These codecs are fake.

Once the trojan is installed, you’ll automatically get fake warnings pop-ups in your windows taskbar (your bottom right). The rogue will then install itself, without your permission. Once installed it will automatically scan your system for so called infections. What it finds is the malware that has come with it in the first place. In order to remove it, it informs you that you need to purcahse the software. Please don’t.

This is how it looks like:

(Click to Enlarge)

Please do not purchase it. Infact we have a free removal guide you can use:

Automated VirusProtect Removal Guide.

Along with that you can always tell your story to us in our forum and also complain about this at MalwareComplaints.Info. Tell us your malware problems!

Warning! The following may well offend you. If you do not wish to be offended by the worst type of comedy ever! Look away to your right and say bananas!

… seriously, I don’t want to be done for neck strain either … Let’s get on with it.

Some of you may have taken part or even read the thread at CastleCops which involved the authors from a classified rogue. The one thread that had us slamdunking the guys behind IE Defender. Well a week later and I think they are trying to be comedians.

On a different domain to the one IE Defender is on (iedefender(dot)com), they also set-up another domain;

www(dot)xiedefender(dot)com

And up until yesterday, this domain had a 403. Not anymore:

(Click to view a larger copy) - This was the look on the 11th of Nov.

This was the look of the domain on the 11th of November. And this clearly shows the lack of braincells one can have at any time. Not to mention these also create the rogues that cause alot of headache to computer users.

And to think we have lost is like thinking a horse and cart will always win a lap round Silverstone over a F1 car. Not even possible.

It appears the domain in question is changing its content, thanks to a tip from ShadowPuterDude. Would you trust the owners of your anti-malware/virus/spyware to have an attitude like this?

(Click to view a larger copy) This was the look on the 12th of Nov

The text the image above shows is now already outdated. It’s changed from:

IEDefender is coming... Yeah it will be today :)

To:

IEDefender is coming...

Now after the attempt to be comedians, these kids have probably stuck to their word and the domain, xiedefender(dot)com has fully changed:

(Click to view a larger copy) - This was the look on the 12th of Nov.

All the free removal tools we recommend will be updated as we have already got all new varients to nuke it. Just get yourself into our forum and chat about this. I’m sure we will.

Other Coverage:- MalwareTeks - Nellie2

Last Updated - 12th of Novemver 2007 21:57 pm

Yesterday, whilst chatting to a known community expert, we got chatting about Internet radio and each others blogs. Plus security was a hot topic as well.

We discussed the recent spat between IE Defender and the community and the well documented discussion between ESG and the community. And other areas’. It was nice to chat with someone whom I don’t chat too often, yet we had a lot in common.

After awhile I was introduced to an Internet radio station this expert broadcasts from every week, CNI Radio. It was nice to see such an approach as I have hardly ever listened to Internet radio that covers the area we work in.

To cut a long story short, we got asked permission for them to mention us in their weekly show. What do you think my answer was?

… Correct, it wasn’t going to be No.

I’ll try and get a recording as soon as I can. This is a nice mark for me personally and for us as a support site. We now ride the air waves! Thanks goes out to Bambi for making it possibly. It’s a worthy show if you like to be educated.

Well this is comedy gold - Spandau Ballet Style!

The authors behind IE Defender dispute the classification the security community is making of their program IE Defender. But this is not the first time a dispute has happened?

If you’re a regular reader here you may remember VirusRescue. The authors behind that joke also disputed our classification (Click for more).

Back to IE Defender, it’s authors have responded with a host of messages at CastleCops:

“Hello, we’re developers of IEDefender, our software is clean and is real antispyware. As we can see, people from your site send our exe to different antivirus and antispyware companies, trying to black PR our company. They’ve got answers, that our soft is clean, because IT IS CLEAN! We contacted Kaspersky, they also confirmed, there are no problems with our software, you can check our .exe with any popular antiviruses, there no problems! Stop sending your detractive mails and messages, in other case we would be forced to send all information to our lawyers and meet your representative in the court, where it would be very hard for you to prove, that our software is not real, because IT’S REAL ANTISPYWARE!”

… lol … lol … lol … and it gets better! Get yourself over at CastleCops and read all the messages in full here. And discuss it in our forum.

More Coverage - MalwareTek - Digg It