• Yahoo site flaw uncovered
• Rogue antivirus: a growing problem
• Malware writers feeding on Twilight mania
• Police make “trojan” virus arrests
• MS discovers flaw in Google plug-in for IE
• Dumb code could stop computer viruses in their tracksDumb code could stop computer viruses in their tracks

There are more articles located within the NewsBot Centre. Plus there is also an chance to have your blog feed included. Details about it can be found here.

• Softpedia’s exclusive interview with Malwarebytes: Malwarebytes Accuses, IObit Plays Dead
• Rogue Anti-Spyware Targets Sesame Street’s Big Bird
• New Koobface Component Imitates Facebook User
• Firefox flaws make up 44% of all browser bugs?
• Windows 7 Team: How we really designed the look and feel of Windows 7
• Pushdo/Cutwail Spambot – A Little Known BIG Problem
• New Declaration by IObit about MBAM’s database;Iobit apologizes
• Keylogger Software Company Not Liable for Eavesdropping by Ex-spouse — Hayes v. SpectorSoft

There are more articles located within the NewsBot Centre. Plus there is also an chance to have your blog feed included. Details about it can be found here.

All articles in the NewsBot Centre are imported from blog and site feeds from the world of security and technology. This weeks articles are:

• Fugitive gives the game away with Facebook updates
• Twitter launches tool for nailing spammers (Follow @Securitycadets)
• MJ’s New Song Leaked Triggers Spam Attacks
• Trojan Turns Smash & Grab Into Grab & Smash
• With botnets everywhere, DDoS attacks get cheaper – $30 only
• Bad anti-malware affiliates caught by MVP S!ri Urz

There are more articles located within the NewsBot Centre. There is an oppertunity to put your blog feed forward and have a chance to be added to our NewsBot service. Details about it can be found here.

• Dell to acquire Perot for $3.9bn
• Google Confirms That Keyword Metatags Don’t Matter
• Razer downloads distributing malware
• Fake anti-virus attack on Twitter
• Microsoft: Google Chrome Frame makes IE less secure

There are more articles located within the NewsBot Centre. There is an oppertunity to put your blog feed forward and have a chance to be added to our NewsBot service. Details about it can be found here.

• ISPs asked to cut off malware-infected PCs
• ‘Ice explorer’ ready for launch
• Microsoft’s Bing.com goes visual
• ClamWin Free AV released a build with Ask Toolbar
• Zbot evades most anti-virus programs
• Fake AV – why I want your FTP credentials

There are more articles located within the NewsBot Centre. There is an oppertunity to put your blog feed forward and have a chance to be added to our NewsBot service. Details about it can be found here.

• T-Mobile and Orange in UK merger
• Flight site hacker ‘identified’
• Future Firefox to Nag Users on Insecure Plug-ins
• Jobs returns to Apple limelight
• Windows 7 Security Bug Emerges at Worst Time for Microsoft
• FakeAV for 9/11
• Sears forced to destroy spyware-gathered information

There are more articles located within the NewsBot Centre. There is an oppertunity to put your blog feed forward and have a chance to be added to our NewsBot service. Details about it can be found here.

• eBay ‘reaches deal to sell Skype’
• The Conficker worm makes a comeback
• Reboot for UK’s ‘oldest’ computer
• Rogue AV Goes Green
• Fake Flash For Firefox
• WordPress blogs falling prey to worm

There are more articles located within the NewsBot Centre. There is an oppertunity to put your blog feed forward and have a chance to be added to our NewsBot service. Details about it can be found here.

Also, on a side point away from our weekly round-up, our application (formally codename ProjectX) SCars, is in full swing and several components are finished. There is no predicted release date, but we will hopefully provide a run down of what we’re actually programming soon. We are after a few graphic designers to help us with graphics on the application. Please contact me, AndyAtHull, via my forum account for details. Let us crack on.

All articles in the NewsBot Centre are imported from blog and site feeds from the world of security and technology. This weeks top articles are:

• Nokia announces netbook offering
• Malware Writers: Will That Be OS X, or W?
• Internet cut-off threat for illegal downloaders
• Hackers prefer to use Firefox and Opera
• Black man becomes white in Microsoft advert gaffe
• Google: Malware Statistics Update
• Apple confirms malware protection in Snow Leopard
• New ‘rogueware’ variants spotted: SaveKeep, SaveSoldier and TrustNinja
• FBI fears free laptops could be malware scam
• Back with a vengence: Fresh MS06-028 malicious PowerPoint documents

There are more articles located within the NewsBot Centre. There is an oppertunity to put your blog feed forward and have a chance to be added to our NewsBot service. Details about it can be found here.

• Digital Spy fights second malware attack
• UAE Blackberry update was spyware
• How to Check if Installer is bundled with Ask toolbar or Ask/IAC?
• Twitter, Facebook urged to improve security
• Comodo continues to ignore Malware warnings
• Fake Avira website using Comodo certificate
• Rogue anti-spyware on Twitter
• Malware SPAM: UPSNR_881762102.zip and ecard.zip

There are more articles located within the NewsBot Centre. You can also add your feed to our NewsBot should you wish, details about it can be found here.

• Bing is live!
• Microsoft unveils new controller
• Malware SPAM: 123greetings.com card – bizzi11.zip
• Malware SPAM: Outlook Setup Notification – micr__outlook_update_6556.zip inside Outlook Setup Notification.zip
• Twitter hit with rogue anti-virus scam (Follow @Securitycadets)
• Windows 7 release date announced
• FTC Sues, Shuts Down N. Calif. Web Hosting Firm
• Google Chrome Out for Mac and Linux – Just Don’t Download It

There are more articles located within the NewsBot Centre. You can also add your feed to our NewsBot should you wish, details about it can be found here.

• Ask brings back butler Jeeves
• Stopbadware delists CyberDefender as badware (Read our take on this)
• BBC iPlayer goes high definition
• PCWith.org software bundles their program with Rogue software PC MightyMax 2009
• Zango in transition to Blinkx
• Net security, Windows 7 and Conficker under scrutiny
• Microsoft, HSBC, Sony, Coca-Cola(…) New Zealand hacked
• Yahoo pulls the plug on GeoCities
• ShuURL: A Safe URL Redirection using Web of Trust
• Malware SPAM: WorldPay CARD transaction Confirmation – WorldPay_NR9712.zip
• Windows 7 Release Candidate

There are more articles located within the NewsBot Centre. You can also add your feed to our NewsBot should you wish, details about it can be found here.

… Well, they all imitate legit removal tools for malware. And probably created to gain financial advantages from the traffic the original tools get.

This time they have released another version called ComboFixTool which imitates the legit tool ComboFix.

Make no bone about it. SmitFraudFixTool, VundoFixTool and now ComboFixTool are the fake applications here. Not SmitFraudFix, VundoFix or ComboFix.

What is funny at the time of me writing this is that the offending domain has not been updated. Nor has it’s download. Example below:

(Click to Enlarge)

Another twist on this story are the comments we’ve been getting from the last product this gang released. A victim has claimed to even get a refund on the amount of money they had spent before realising it’s practices from our articles. They’re also receiving help in our support forums.

A discussion has started about ComboFixTool over at BleepingComputer.com. And it’s safe to say that exploiting ComboFix is a dangerous prospect. You should never use the legit tool without supervision due to the nature of it. So when this fake application comes along, the impression it has could well affect this area of ComboFix and possibly push users into confusion.

We have procedures to help you with this kind of problem. Our forums have experts in place to assist you and will provide step-by-step help freely in removing it:

• Malware Removal Assistance with an Expert

Update (29/03/2009 – 17:41 PM – BST) – Offending URL’s are combofixtool.org and combofixtool.com. Both sites still not updated with graphics and download.

Update (31/03/2009 – 20:40 PM – BST ) – Both offending URL’s are now down – Result

Selective Linkbacks;

• Dell Forums – ComboFixTool – What’s that all about?
• Forum Linkback- ComboFixTool – What’s that all about?

All articles in the NewsBot Centre are imported from blog and site feed from the world of security and technology:

• WinPatrol 2009 (V16.0.2009) is here! (or Introducing WinPatrol 2009)
• Massive Profits Fueling Rogue Antivirus Market
• Twitter growth explodes in a year (Follow us on Twitter @Securitycadets)
• Passwords of Comcast Customers Exposed
• StopBadware and Consumer Reports launch BadwareBusters.org
• Symantec decides to disable Ask.com Search (Aka Safe Search) by default
• Quite a long thoughts by Symantec customer regarding Ask.com in Norton installers
• Google’s pictures of UK go live
• Microsoft launches latest browser
• Researcher cracks Mac in 10 seconds at PWN2OWN, wins $5k
• FTC urged to investigate security of Google services
• Antivirus2009 Holds Victim’s Documents for Ransom
• IE8 issues if immunization by Spybot-S&D is enabled
• Rogue Antivirus Distribution Network Dismantled
• Ad-Aware SE Updates Discontinued

We hope you have a great remaining Sunday wherever you are. There are more articles from the last eight days or so. Just visit the NewsBot Centre for more.

You can add your feed to our NewsBot should you wish, details about it can be found here.

This week another legit tool got targeted.

VundoFixTool

Popular removal tool for the infection Vundo, VundoFix, has been around for a long time. And for the time it’s been here, it’s done a lot of good.

You could say now it’s been a target itself, it’s a compliment. However this won’t help the fact it will fool general members of the internet. That is offcourse one of the reasons it was targeted.

Like SmitFraudFixTool, VundoFix Tool is the fake here. Which also happens to be a copy of MalwareRemovalBot.

We have procedures to help you with this kind of problem. Our forums have experts in place to assist you and will provide step-by-step help freely in removing VundoFixTool:

• Malware Removal Assistance with an Expert

Misc. Links:

• Forum Mirror – VundoFix also gets imitated: VundoFixTool

… Popular removal tool SmitFraudFix (which we mirror) has this week been rogue’d. Enter … SmitFraudFixTool

The above is the GUI of the fake anti-spyware program in question. Which is carbon copy of MalwareRemovalBot (also a rogue).

The author of SmitFraudFix brought this one to my attention on his personal blog. I followed up enquiries with the author about this rogue. And when asked what he thought of his tool being targeted he had the following to say:

“It’s not the first time that rogues are using real tools names to deceive final users. Spyware Warrior list has got a lot of some. But it’s the first time for SmitfraudFix. What a nice GUI!”

“I was really deceived. But when a legit tool is copied, this also means that it is well known. Should I be happy and/or proud of being targeted? I’m not. First feelings are passed. It’s funny, and I’m waiting for the next rogue.” - S!Ri.URZ

My main concerns when rogues like this come out and target legit tools is that it’s there to deceive computer users. Off course it is. Which is why we are posting about this. But you have to remember that SmitFraudFix and SmitFraudFixTool are not from the same author and the latter one is the fake.

We have procedures to help you with this kind of problem. Our forums have experts in place to assist you and will provide step-by-step help freely:

• Malware Removal Assistance with an Expert

Or follow the self-help removal guide:

• How To Remove SmitFraudFixTool (removal instructions)

Misc. Links:

• Forum Mirror – SmitFraudFix gets imitated into a rogue dubbed SmitFraudFixTool
• Digg it also at Digg.com

Update:- We’ve changed the title of this article as the previous title may suggest to some that we implied SmitFraudFix became a rogue itself. This is not the case. The URL has also changed.