Month: September 2010

Fiverr is an excellent site that allows you to buy / sell services – all of which cost $5.

There’s all sorts of crazy things on there, but does it attract rogues and individuals who generally want to mess up your day?

You bet. With a little furtive digging you can uncover all sorts of dubious antics up for grabs – for the low, low price of $5!

There’s this guy, who is selling an XBox Live account (not something we’d advise purchasing, as more often than not XBox Live accounts up for sale have been phished):

We also have someone claiming they can “unlock all achievements” in your games. This will be done by using custom made software to tamper with the data on your XBox profile (again, not advisable) and unlock all the gaming achievements artificially.

Click to Enlarge

Note that unless they do it the “right” way (and this is a very tricky thing to pull off), Microsoft can easily tell which profiles have been fiddled with leading to a banhammer – and there’s no guarantee the seller will give you your account back at the end of it.

The Playstation network isn’t safe from these kinds of sales either:

Click to Enlarge

Moving the notch up a little bit, you can find a lot of spreading guides and hacking tutorials (cpalead surveys and i-stealers are popular topics of conversation):

Click to Enlarge

Can we find guidance on how to phish accounts and sell them on for a profit too? You bet:

Click to Enlarge

Some users also spend their time offering up “undetectable keyloggers”:

I’m not entirely sure what the deal is with the odd Blue Steel pose there, but if you really want to be annoying you can find people who will happily delete accounts on sites such as Facebook:

Ouch.

I don’t know about you, but I’m going to stick to “Learn to be a Ninja” and “Will sing any song in Hindi for $5”.

Christopher Boyd

“Turn the Tables on the Bad Guys, Malware Unmasked”

The Sunbelt Labs quarterly briefing “Turn the Tables on the Bad Guys, Malware Unmasked” is available for your viewing pleasure.

Malware Unmasked 2 from OEM Sales on Vimeo.

Schwartzkopf began by describing GFI’s recent acquisition of Sunbelt Software. Schwartzkopf said the move will enable GFI to merge innovative VIPRE technology into GFI’s email and Web security products and move into new markets.

The presentation features a 25-minute PowerPoint presentation and 20 minutes of Q&A.

In the presentation, Glenn and Jack discuss the details of the TDL 3 (TDSS or Alureon) rootkit and the Sunbelt Labs CWSandbox.
(click to enlarge image)

They credit CWSandbox with VIPRE’s recent showing in Virus Bulletin’s Reactive and Proactive (RAP) analysis of detection rates. VIPRE was evaluated as the AV engine with the highest proactive behavioral detection rate.

Glenn and Jack also discussed their analysis of the zero-day Stuxnet exploit, the first malicious code that can infect 64-bit systems running Windows 7.
Next webinar: December 8, 9 a.m. and 2 p.m. Eastern Time

Sign up here.

(click to enlarge image)

Tom Kelchner

Here’s a cheeky one. On the Greasemonkey script site Userscripts(dot)org, there’s a script claiming to banish all those horrible surveys that keep “free” downloads out of your reach forever.

Sounds good, right?

Click to Enlarge

Well, let’s fire up the install process. I can hardly wa –

…hang on, “download the REAL SCRIPT from here”?

Can you guess what is lurking at the download location?

Click to Enlarge

Attempting to hide a “survey bypassing script” behind…a survey? Whoops. “You should only install scripts from sources you trust” is on the install box for a reason…

Christopher Boyd