>Scam Email – Facebook Website Update

> Tweet Click images to see email, just mark as spam and ignore this

The BULLDOG Estate

Scam Email – Facebook Website Update

Tweet Click images to see email, just mark as spam and ignore this

The BULLDOG Estate

>Geinimi Android Trojan horse discovered- nakedsecurity.sophos.com

> Tweet Geinimi Android Trojan horse discovered
nakedsecurity.sophos.com

Geinimi Android Trojan horse discovered

Over 30,000 people are part of the Sophos community on Facebook. Why not join us on Facebook to find out about the latest internet and Facebook security threats. X

Hi fellow Twitter user! Follow our team of security experts on Twitter for the latest news about internet security threats. X

Don’t forget you can subscribe to the SophosLabs YouTube channel to find all our latest videos. X

Hi there! If you’re new here, you might want to subscribe to the RSS feed for updates. X

by Graham Cluley on December 31, 2010 | Be the first to comment

Filed Under: Malware, Mobile

There has been something of a sting in the tail of the year for lovers of the Android mobile operating system, as researchers uncovered a new Trojan horse.
The Troj/Geinimi-A malware (also known as “Gemini”) has been seen incorporated into repackaged versions of various applications and games, and attempts to steal data, and may contact remote URLs.
Although some media reports have portrayed Geinimi as the first ever malware for the Google Android operating system, this isn’t correct. For instance, in the past we’ve seen banking malware has been found in the Android Market, security researchers have demonstrated spyware rootkits for Android devices, and users have been warned about Trojans from Russia which send SMS text messages to premium-rate numbers.
In the case of the Geinimi malware, the good news is that it appears not to have made it into the official Android market app store – meaning that you would only have been putting yourself at risk if you installed poisoned software from an unauthorised source. Researchers at mobile security firm Lookout say they have only seen the software on unofficial Chinese app stores.
And you have to deliberately change the settings on your Android smartphone to make it possible to install software from such “unknown sources”.
So, the sky is not falling – and it’s not the end of the the world as we know it if you love all things Android. But Android users should still be sensible about security.
Android is a much more “open” operating system than the Apple iOS used on iPhones and iPads, and Android users don’t have to jump through as many hoops to install applications that have not been made “officially” available.
And, it shouldn’t be forgotten that not all attacks are OS-specific. Phishing attacks, for instance, don’t care what operating system you’re running – they just rely on you not taking enough care about the link you are clicking on (something that’s pretty easy to do when you have a small screensize to view a – perhaps – long url).
And increasingly we are seeing examples of threats which only exist “within the browser” or spreading entirely inside a social network, never touching your smartphone’s operating system.
So there are dangers out there whatever kind of browsing device you are using. Desktop or laptop, mobile or tablet.
Sophos products can detect samples of the Geinimia Trojan we have seen to date as Troj/Geinimia.
Image source: Laihiu’s Flickr photostream. (Creative Commons)

The BULLDOG Estate

Geinimi Android Trojan horse discovered- nakedsecurity.sophos.com

Tweet Geinimi Android Trojan horse discovered
nakedsecurity.sophos.com

Geinimi Android Trojan horse discovered

Over 30,000 people are part of the Sophos community on Facebook. Why not join us on Facebook to find out about the latest internet and Facebook security threats. X

Hi fellow Twitter user! Follow our team of security experts on Twitter for the latest news about internet security threats. X

Don’t forget you can subscribe to the SophosLabs YouTube channel to find all our latest videos. X

Hi there! If you’re new here, you might want to subscribe to the RSS feed for updates. X

by Graham Cluley on December 31, 2010 | Be the first to comment

Filed Under: Malware, Mobile

There has been something of a sting in the tail of the year for lovers of the Android mobile operating system, as researchers uncovered a new Trojan horse.
The Troj/Geinimi-A malware (also known as “Gemini”) has been seen incorporated into repackaged versions of various applications and games, and attempts to steal data, and may contact remote URLs.
Although some media reports have portrayed Geinimi as the first ever malware for the Google Android operating system, this isn’t correct. For instance, in the past we’ve seen banking malware has been found in the Android Market, security researchers have demonstrated spyware rootkits for Android devices, and users have been warned about Trojans from Russia which send SMS text messages to premium-rate numbers.
In the case of the Geinimi malware, the good news is that it appears not to have made it into the official Android market app store – meaning that you would only have been putting yourself at risk if you installed poisoned software from an unauthorised source. Researchers at mobile security firm Lookout say they have only seen the software on unofficial Chinese app stores.
And you have to deliberately change the settings on your Android smartphone to make it possible to install software from such “unknown sources”.
So, the sky is not falling – and it’s not the end of the the world as we know it if you love all things Android. But Android users should still be sensible about security.
Android is a much more “open” operating system than the Apple iOS used on iPhones and iPads, and Android users don’t have to jump through as many hoops to install applications that have not been made “officially” available.
And, it shouldn’t be forgotten that not all attacks are OS-specific. Phishing attacks, for instance, don’t care what operating system you’re running – they just rely on you not taking enough care about the link you are clicking on (something that’s pretty easy to do when you have a small screensize to view a – perhaps – long url).
And increasingly we are seeing examples of threats which only exist “within the browser” or spreading entirely inside a social network, never touching your smartphone’s operating system.
So there are dangers out there whatever kind of browsing device you are using. Desktop or laptop, mobile or tablet.
Sophos products can detect samples of the Geinimia Trojan we have seen to date as Troj/Geinimia.
Image source: Laihiu’s Flickr photostream. (Creative Commons)

The BULLDOG Estate

>Scam Alert : Farmville Rewards Program

>faceTweet Scam Alert : Farmville Rewards Program

Scam Application: http://www.facebook.com/apps/application.php?id=176778345687783

Scam Page :http://www.facebook.com/pages/Farmville-Rewards-Program/140537842669100?v=app_176778345687783

Clickjacking: 

Defined – A malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocent looking Web pages. It will usually execute without the user’s knowledge, through a button on the web page that appears to perform another function.

Examples can be as follows: The user receives an email with a link to a video about a news item, but another valid page, say a product page on amazon.com, can be “hidden” on top or underneath the “PLAY” button of the news video. The user tries to “play” the video but actually “buys” the product from Amazon.

Other known exploits have been: 

• Tricking users to enable their webcam and microphone through Flash (which has since been corrected by Adobe);
• Tricking users to make their social networking profile information public.
• Making users follow someone on Twitter.
• Share links on Facebook.

Details: This is a wall spamming application and is linked to a survey and harvest details

Damage Control (For those that may have fell victim)

Facebook Clean Up

You need to be aware that if you have installed any bad apps into your facebook profile or clicked any clickjacked or likejacked links within facebook, you may be currently spamming your wall and or your friends news feeds with the apps or links viral/scam messages. If this has occurred you must remove the messages from your wall by deleting the post and or remove the rogue app by uninstalling it from your facebook profile.

How to remove an Application from your profile:

If you have made the mistake of following thru with the install of a rogue application, Please do the following:

1. Navigate to your Privacy settings- (Click Account, then “Privacy Settings”).
2. Then under the heading “Applications, Games, and Websites” click “Edit Settings”.
3. To the right of the heading “Applications You Use” Click the “Edit Settings” button.
4. Finally find the application name in your list and click the “Little X” to the right of that name. Follow the facebook prompt to remove the app.

What to do if you’ve downloaded Software to your Computer

If you have followed one of the links on facebook to an external website or downloaded a piece of software you are unsure of and believe you may have got a virus infection, I suggest you immediately uninstall any software you may have installed, then run a virus check on your system.

Damage Control written by Mr. Black Knight (Co-admin BDE) Owner 

───► Scam Sniper ◄───

The BULLDOG Estate

Scam Alert : Farmville Rewards Program

faceTweet Scam Alert : Farmville Rewards Program

Scam Application: http://www.facebook.com/apps/application.php?id=176778345687783

Scam Page :http://www.facebook.com/pages/Farmville-Rewards-Program/140537842669100?v=app_176778345687783

Clickjacking: 

Defined – A malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocent looking Web pages. It will usually execute without the user’s knowledge, through a button on the web page that appears to perform another function.

Examples can be as follows: The user receives an email with a link to a video about a news item, but another valid page, say a product page on amazon.com, can be “hidden” on top or underneath the “PLAY” button of the news video. The user tries to “play” the video but actually “buys” the product from Amazon.

Other known exploits have been: 

• Tricking users to enable their webcam and microphone through Flash (which has since been corrected by Adobe);
• Tricking users to make their social networking profile information public.
• Making users follow someone on Twitter.
• Share links on Facebook.

Details: This is a wall spamming application and is linked to a survey and harvest details

Damage Control (For those that may have fell victim)

Facebook Clean Up

You need to be aware that if you have installed any bad apps into your facebook profile or clicked any clickjacked or likejacked links within facebook, you may be currently spamming your wall and or your friends news feeds with the apps or links viral/scam messages. If this has occurred you must remove the messages from your wall by deleting the post and or remove the rogue app by uninstalling it from your facebook profile.

How to remove an Application from your profile:

If you have made the mistake of following thru with the install of a rogue application, Please do the following:

1. Navigate to your Privacy settings- (Click Account, then “Privacy Settings”).
2. Then under the heading “Applications, Games, and Websites” click “Edit Settings”.
3. To the right of the heading “Applications You Use” Click the “Edit Settings” button.
4. Finally find the application name in your list and click the “Little X” to the right of that name. Follow the facebook prompt to remove the app.

What to do if you’ve downloaded Software to your Computer

If you have followed one of the links on facebook to an external website or downloaded a piece of software you are unsure of and believe you may have got a virus infection, I suggest you immediately uninstall any software you may have installed, then run a virus check on your system.

Damage Control written by Mr. Black Knight (Co-admin BDE) Owner 

───► Scam Sniper ◄───

The BULLDOG Estate

>Scam Alert: Farmville Click Jacking Website

> Tweet Scam Alert: Farmville Click Jacking Website

http://farmville.zyngapromos.com/

The Scam Site

Clickjacking: 

Defined – A malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocent looking Web pages. It will usually execute without the user’s knowledge, through a button on the web page that appears to perform another function.

Examples can be as follows: The user receives an email with a link to a video about a news item, but another valid page, say a product page on amazon.com, can be “hidden” on top or underneath the “PLAY” button of the news video. The user tries to “play” the video but actually “buys” the product from Amazon.

Other known exploits have been: 

• Tricking users to enable their webcam and microphone through Flash (which has since been corrected by Adobe);
• Tricking users to make their social networking profile information public.
• Making users follow someone on Twitter.
• Share links on Facebook.

Details: This is a wall spamming application and is linked to a survey and harvest details

Damage Control (For those that may have fell victim)

Facebook Clean Up

You need to be aware that if you have installed any bad apps into your facebook profile or clicked any clickjacked or likejacked links within facebook, you may be currently spamming your wall and or your friends news feeds with the apps or links viral/scam messages. If this has occurred you must remove the messages from your wall by deleting the post and or remove the rogue app by uninstalling it from your facebook profile.

How to remove an Application from your profile:

If you have made the mistake of following thru with the install of a rogue application, Please do the following:

1. Navigate to your Privacy settings- (Click Account, then “Privacy Settings”).
2. Then under the heading “Applications, Games, and Websites” click “Edit Settings”.
3. To the right of the heading “Applications You Use” Click the “Edit Settings” button.
4. Finally find the application name in your list and click the “Little X” to the right of that name. Follow the facebook prompt to remove the app.

What to do if you’ve downloaded Software to your Computer

If you have followed one of the links on facebook to an external website or downloaded a piece of software you are unsure of and believe you may have got a virus infection, I suggest you immediately uninstall any software you may have installed, then run a virus check on your system.

Damage Control written by Mr. Black Knight (Co-admin BDE) Owner 

───► Scam Sniper ◄───

The BULLDOG Estate

Scam Alert: Farmville Click Jacking Website

Tweet Scam Alert: Farmville Click Jacking Website

http://farmville.zyngapromos.com/

The Scam Site

Clickjacking: 

Defined – A malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocent looking Web pages. It will usually execute without the user’s knowledge, through a button on the web page that appears to perform another function.

Examples can be as follows: The user receives an email with a link to a video about a news item, but another valid page, say a product page on amazon.com, can be “hidden” on top or underneath the “PLAY” button of the news video. The user tries to “play” the video but actually “buys” the product from Amazon.

Other known exploits have been: 

• Tricking users to enable their webcam and microphone through Flash (which has since been corrected by Adobe);
• Tricking users to make their social networking profile information public.
• Making users follow someone on Twitter.
• Share links on Facebook.

Details: This is a wall spamming application and is linked to a survey and harvest details

Damage Control (For those that may have fell victim)

Facebook Clean Up

You need to be aware that if you have installed any bad apps into your facebook profile or clicked any clickjacked or likejacked links within facebook, you may be currently spamming your wall and or your friends news feeds with the apps or links viral/scam messages. If this has occurred you must remove the messages from your wall by deleting the post and or remove the rogue app by uninstalling it from your facebook profile.

How to remove an Application from your profile:

If you have made the mistake of following thru with the install of a rogue application, Please do the following:

1. Navigate to your Privacy settings- (Click Account, then “Privacy Settings”).
2. Then under the heading “Applications, Games, and Websites” click “Edit Settings”.
3. To the right of the heading “Applications You Use” Click the “Edit Settings” button.
4. Finally find the application name in your list and click the “Little X” to the right of that name. Follow the facebook prompt to remove the app.

What to do if you’ve downloaded Software to your Computer

If you have followed one of the links on facebook to an external website or downloaded a piece of software you are unsure of and believe you may have got a virus infection, I suggest you immediately uninstall any software you may have installed, then run a virus check on your system.

Damage Control written by Mr. Black Knight (Co-admin BDE) Owner 

───► Scam Sniper ◄───

The BULLDOG Estate

>Scam Alert: This is a Farmville Clone page

> Tweet This is a Farmville Clone page

Scam Application: http://apps.facebook.com/farmvfbaeebaf/

Scam Fan Page: http://www.facebook.com/apps/application.php?id=146410742065990&v=wall 

 Click images to enlarge

Clickjacking: 

Defined – A malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocent looking Web pages. It will usually execute without the user’s knowledge, through a button on the web page that appears to perform another function.

Examples can be as follows: The user receives an email with a link to a video about a news item, but another valid page, say a product page on amazon.com, can be “hidden” on top or underneath the “PLAY” button of the news video. The user tries to “play” the video but actually “buys” the product from Amazon.

Other known exploits have been: 

• Tricking users to enable their webcam and microphone through Flash (which has since been corrected by Adobe);
• Tricking users to make their social networking profile information public.
• Making users follow someone on Twitter.
• Share links on Facebook.

Details: This is a wall spamming application and is linked to a survey and harvest details

Damage Control (For those that may have fell victim)

Facebook Clean Up

You need to be aware that if you have installed any bad apps into your facebook profile or clicked any clickjacked or likejacked links within facebook, you may be currently spamming your wall and or your friends news feeds with the apps or links viral/scam messages. If this has occurred you must remove the messages from your wall by deleting the post and or remove the rogue app by uninstalling it from your facebook profile.

How to remove an Application from your profile:

If you have made the mistake of following thru with the install of a rogue application, Please do the following:

1. Navigate to your Privacy settings- (Click Account, then “Privacy Settings”).
2. Then under the heading “Applications, Games, and Websites” click “Edit Settings”.
3. To the right of the heading “Applications You Use” Click the “Edit Settings” button.
4. Finally find the application name in your list and click the “Little X” to the right of that name. Follow the facebook prompt to remove the app.

What to do if you’ve downloaded Software to your Computer

If you have followed one of the links on facebook to an external website or downloaded a piece of software you are unsure of and believe you may have got a virus infection, I suggest you immediately uninstall any software you may have installed, then run a virus check on your system.

Damage Control written by Mr. Black Knight (Co-admin BDE) Owner 

───► Scam Sniper ◄───

The BULLDOG Estate

Scam Alert: This is a Farmville Clone page

Tweet This is a Farmville Clone page

Scam Application: http://apps.facebook.com/farmvfbaeebaf/

Scam Fan Page: http://www.facebook.com/apps/application.php?id=146410742065990&v=wall 

 Click images to enlarge

Clickjacking: 

Defined – A malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocent looking Web pages. It will usually execute without the user’s knowledge, through a button on the web page that appears to perform another function.

Examples can be as follows: The user receives an email with a link to a video about a news item, but another valid page, say a product page on amazon.com, can be “hidden” on top or underneath the “PLAY” button of the news video. The user tries to “play” the video but actually “buys” the product from Amazon.

Other known exploits have been: 

• Tricking users to enable their webcam and microphone through Flash (which has since been corrected by Adobe);
• Tricking users to make their social networking profile information public.
• Making users follow someone on Twitter.
• Share links on Facebook.

Details: This is a wall spamming application and is linked to a survey and harvest details

Damage Control (For those that may have fell victim)

Facebook Clean Up

You need to be aware that if you have installed any bad apps into your facebook profile or clicked any clickjacked or likejacked links within facebook, you may be currently spamming your wall and or your friends news feeds with the apps or links viral/scam messages. If this has occurred you must remove the messages from your wall by deleting the post and or remove the rogue app by uninstalling it from your facebook profile.

How to remove an Application from your profile:

If you have made the mistake of following thru with the install of a rogue application, Please do the following:

1. Navigate to your Privacy settings- (Click Account, then “Privacy Settings”).
2. Then under the heading “Applications, Games, and Websites” click “Edit Settings”.
3. To the right of the heading “Applications You Use” Click the “Edit Settings” button.
4. Finally find the application name in your list and click the “Little X” to the right of that name. Follow the facebook prompt to remove the app.

What to do if you’ve downloaded Software to your Computer

If you have followed one of the links on facebook to an external website or downloaded a piece of software you are unsure of and believe you may have got a virus infection, I suggest you immediately uninstall any software you may have installed, then run a virus check on your system.

Damage Control written by Mr. Black Knight (Co-admin BDE) Owner 

───► Scam Sniper ◄───

The BULLDOG Estate