Spyware, viruses, & security forum: NEWS - April 30, 2012

Mozilla will give Firefox 3.6 the coup de grace next month by automatically upgrading users of that 2010 browser to Firefox 12.

The move isn't a first for the open-source developer: A year ago, it gave Firefox 3.5 the same auto-upgrade death blow.

According to Alex Keybl, Firefox's release manager, the automatic upgrade of Firefox 3.6 to Firefox 12 will take place in early May, although a date has not yet been set.

The decision to push Firefox 3.6 users to a newer edition has been under discussion for several weeks. In late March, Keybl brought it up on a Mozilla planning discussion thread, saying that the proposal was needed to keep users safe while they browsed.

Mozilla issued its final security update for Firefox 3.6 on Jan. 31, and officially retired the browser from support last Tuesday, April 24.

Mozilla has given Firefox 3.6 users plenty of warning, telling them several times over the last months that they need to upgrade because of the impending retirement. The newest such message told Firefox 3.6 users that it was their last warning before Mozilla switched on automatic upgrading.

Continued : http://news.techworld.com/applications/3354659/mozilla-uses-auto-upgrade-kill-firefox-36/

Also: Mozilla to auto-upgrade Firefox 3.6 users to version 12

A new Android Trojan that first paves the way for the download of other apps and them effects it has been spotted lurking on third-party websites, camouflaged as legitimate file managing, ad blocking, and performance boosting apps.

According to Lookout researchers, the Gamex Trojan's functionality is split across three components.

Once the downloaded app repackaged with the Trojan is granted root access by the user, the malware takes advantage of this permission to install another app onto the device, which then functions as a privileged installation service.

"A third component communicates with a remote server, downloads apps, and triggers their installation. Gamex also reports the installation of these applications, along with the IMEI and IMSI, to a remote server," the researchers explain.

"We believe that this information is used to operate and/or report installations to a malicious affiliate app promotion network."

Continued : http://www.net-security.org/malware_news.php?id=2086

According to a blog post, a modified version of the Skype VoIP software can be used to easily find out the IP address of any valid Skype user. No contact has to be made with the user in order to get the information. This IP could then be used to find out other personal details about the user, such as their location or even their employer.

With a certain registry key, the manipulated version of Skype will create a log file with information including other users' external and internal IP addresses. These IPs can be retrieved simply by opening up a user's profile with the Skype client. In a test conducted by The H's associates at heise Security, the log file always showed the correct IPs - and when a user was logged in with multiple clients, the IP addresses for all the clients were visible.

Shortly after this was discovered, a hacker known as "Zhovner" put together the skype-ip-finder.tk web service. After a CAPTCHA has been submitted, the service can be used to find out IPs even without the special Skype client, and therefore without having to use a valid Skype account. [Screenshot]

Continued : http://www.h-online.com/security/news/item/Skype-divulges-user-IP-addresses-1564236.html

"Good news - spam drops 20 billion messages per day"

Botnet shutdowns have stemmed the Internet spam flood, taking daily message volumes back to levels last seen as long ago as 2006, Symantec has reported in its 2011 Internet Security Threat Report (ISTR).

Worldwide levels are now an average of 75.1 percent of all email traffic, well below 2010's figure of 88.5 percent and 2009's 88 percent, but percentages only tell part of the story.

The absolute volume also fell in 2011, down to a still imposing 42 billion messages per day from 2010's figure of 61.6 billion, Symantec reported.

Comparisons are hard to make across years and different vendors, but Symantec's Brightmail system (inherited after buying the messaging company in 2004) reported spam numbers of 31 billion per day in 2005 and 61 billion per day in 2006, which remained constant with some fluctuation until the recent drop.

By 2007, botnets took over as the growth engine, replacing compromised servers and relays that had been the predominant vehicle in preceding years. Since then, the battle against spam has really become a battle against botnets, which in 2011 distributed 81 percent of all spam.

Continued : http://news.techworld.com/security/3354767/botnet-shutdowns-cause-big-2011-spam-drop-symantec-finds/

Report Related:
Five Shocking Statistics From The Latest Internet Threat Report
Symantec: Small-company Security Problems Can Threaten Large Corporate Nets

SophosLabs has been intercepting an X-rated spam campaign, designed to promote hardcore porn websites.

Emails have been spammed out purporting to have an adult video attached, using a variety of names. [...]

The subject lines can vary, but each has an HTML file attached with a woman's name.

Juliet Morton represents new movie
(JulietMorton.html)

Mona Fletcher returned with new movie
(MonaFletcher.html)

Destiny Patterson shot unbelievable episode
(DestinyPatterson.html)

Rachel Ruiz made fantastic video
(RachelRuiz.html)

Destiny Ayala shows herself in clip
(DestinyAyala.html)

Amber Nichols introduced her new video
(AmberNichols.html)

The emails themselves are very basic, and are designed merely to lure unsuspecting recipients into clicking on the attached file.

If you do click on the attached file, however, your browser will be redirected to one of a series of pornographic websites.

Continued : http://nakedsecurity.sophos.com/2012/04/30/porn-spam-campaign-redirects-web-browsers-to-hardcore-websites/