
Friday, March 28, 2008

Rogueware Being Spread Via Forums and Social Networking Sites

Most experienced computer users know how adware and spyware are spread.
Typically, free programs designed for a certain purpose, such as
KaZaA (for downloading music), are bundled with other applications that
contain adware or spyware. A new threat on the scene is called
“Rogueware”. Rogueware are files that look meaningful but in reality can
be quite malicious. The most common type of Rogueware is fake
anti-virus/adware/spyware programs that, once installed, say you have
lots of viruses/malware installed and that you must pay for the full
version in order for the program to remove them. In the past, these
programs typically spread by advertising on other sites with banners
saying things like “1023 Viruses detected on your computer! Click here to fix it now!”.
Recently, I spotted a pattern in posts across a few forums he visited and reported
it to us. It appears to be another method of spreading rogueware.

What makes this interesting is that Spyware
Sweeper (not to be confused with the legitimate application Spy
Sweeper) is a known Rogueware program that masquerades as a spyware
removal program which asks for money to remove the fake infection.

This same group have been doing the exact same thing on other
forums where one of them creates a post saying that they have an
infection, and the other replies recommending SpywareSweeper as if they
were a helpful forum member.


If you look at the original post on Technibbles forums located HERE, and then look at the post on VirtualDr.com’s forums located HERE, you can see that the posts are almost exactly identical.


After doing a Google Search, I can find many other forums with the exact same post.


Technical forums are still an excellent way to get some computer
help; just look at who’s giving the advice on the forum. If the person
just signed up and has a post count of 1, it might be worth
double-checking what they say.
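
The pattern described in this post (near-identical posts showing up on several forums from accounts with a post count of 1) can be checked mechanically by a forum moderator. The following is an added example, not part of the original post; the sample posts, forum names, field names and the 0.7 similarity threshold are constructed assumptions.

```python
import re
from itertools import combinations

# Constructed sample posts (not copied from the forums named in the article).
POSTS = [
    {"forum": "forum-a.example", "user": "newguy77", "post_count": 1,
     "text": "My computer keeps showing popups and runs very slow can "
             "anyone recommend a good spyware remover"},
    {"forum": "forum-b.example", "user": "pc_help_pls", "post_count": 1,
     "text": "My computer keeps showing popups and runs very slow can "
             "anyone recommend a good spyware remover thanks"},
    {"forum": "forum-c.example", "user": "oldtimer", "post_count": 412,
     "text": "Try booting into safe mode and running a scan with the tool "
             "you already trust then post the log here"},
    {"forum": "forum-c.example", "user": "builder01", "post_count": 1,
     "text": "How do I reinstall the sound driver after upgrading my "
             "motherboard"},
]

def shingles(text, k=3):
    """Set of overlapping k-word phrases; tolerant of small edits to a post."""
    words = re.findall(r"[a-z0-9']+", text.lower())
    return {" ".join(words[i:i + k]) for i in range(max(1, len(words) - k + 1))}

def jaccard(a, b):
    """Overlap of two shingle sets, from 0.0 (disjoint) to 1.0 (identical)."""
    union = a | b
    return len(a & b) / len(union) if union else 0.0

def find_seeded_posts(posts, min_similarity=0.7, max_post_count=1):
    """Pairs of near-identical posts on different forums, both written by
    accounts whose post count is at or below max_post_count."""
    sets = [shingles(p["text"]) for p in posts]
    hits = []
    for i, j in combinations(range(len(posts)), 2):
        a, b = posts[i], posts[j]
        if a["forum"] == b["forum"]:
            continue  # only the cross-forum pattern is of interest here
        if max(a["post_count"], b["post_count"]) > max_post_count:
            continue  # established members are not the pattern described
        sim = jaccard(sets[i], sets[j])
        if sim >= min_similarity:
            hits.append((a["forum"], b["forum"], round(sim, 2)))
    return hits

if __name__ == "__main__":
    for hit in find_seeded_posts(POSTS):
        print("near-identical posts from new accounts:", hit)
```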

Computer Processor Codenames: What the processors are and the inspiration behind the names.

In the computer industry there are plenty of buzzwords that get
slung about when talking about the next generation of computer hardware
and CPU codenames are quite possibly the hardest to keep track of due
to the sheer amount of them. We have put together this list with the
codename of each of the existing AMD and Intel processors.


So what is the purpose of all the codenames?
Well, it allows the chip companies to talk about their upcoming CPUs
without actually talking about them. The chip companies let slip the
bare-bones facts about the chips, give them a codename and let the
computer hardware geeks speculate and ask questions, which makes for
great material to write about in the hardware industry.

Why the weird names? It seems most of Intel’s
processor codenames are inspired by local geography of the Pacific
Northwest of America. Alaska, Deerfield, Foster, Gallatin, Northwood,
Montana, Madison and McKinley are rivers in Alaska, California,
Montana, Massachusetts and Vermont.


The early series of AMD processors (e.g. K5, K6-2) had their name
inspired by Kryptonite, which is a fictional element from Superman
comic books (I’m assuming this was set up to sound like AMD is Intel’s
kryptonite?). Some of the later AMD series were inspired by sports cars
(e.g. Corvette, Mustang). Now that is cleared up, on to the list.

| AMD Codenames | Processor Description | Socket/Slot |
| --- | --- | --- |
| X5 | 5×86-133 | Socket 3 |
| SSA5 | K5 (original PR75-PR100) | Socket 5, 7 |
| 5k86 | K5 (newer PR120-PR200) | Socket 7 |
| K6 | The Original AMD K6 core (cancelled) | n/a |
| NX686 | NexGen K6 Core which became the K6 | Socket 7 |
| Littlefoot | 0.25µm K6 | Socket 7 |
| Chompers | K6-2 | Socket 7, Super 7 |
| Sharptooth | K6-3 | Super 7 |
| Argon | Previously K7 | n/a |
| K7 | Athlon | Slot A |
| K75 | 0.18µm Athlon | Slot A |
| K76 | 0.18µm Athlon (with copper interconnects) | Slot A |
| K8 | Athlon 64 | |
| Thunderbird | Athlon | Slot A, Socket A |
| Mustang | Athlon with a large L2 cache (cancelled) | n/a |
| Corvette | Previously mobile Athlon (now Palomino) | n/a |
| Palomino | 0.18µm Athlon XP/MP, Mobile Athlon 4 | Socket A |
| Thoroughbred-A | 0.13µm Athlon XP/MP 1700-2100+ | Socket A |
| Thoroughbred-B | 0.13µm Athlon XP/MP 1700-2400+, 2600-2800+, Sempron 2200-2800+ | Socket A |
| Barton | 0.13µm Athlon XP/MP 1700-2100+ | Socket A |
| Thorton | Athlon XP (256KB L2 cache) | Socket A |
| Spitfire | Duron | Socket A |
| Camaro | Previously Morgan | |
| Morgan | Mobile Duron & Mobile 7 Duron 900MHz - 1.3GHz | Socket A |
| Applebred | Duron 1.4 - 1.8GHz | |
| Appaloosa | 0.13µ Morgan | Socket A |
| ClawHammer | Athlon 64 (64bit) | Socket 754 & Socket 939 |
| ClawHammer DP | Early name for the now Opteron DP | Socket 940 |
| Newcastle | Athlon 64 | Socket 754 & Socket 939 |
| Winchester | 0.09µ Athlon 64 | Socket 939 |
| San Diego | 0.09µ Athlon 64 and the Athlon 64 FX with SSE3 extensions | Socket 939 |
| Venice | 0.09µ Athlon 64 with SSE3 extensions | Socket 939 |
| Odessa | 0.09µ Mobile-version Athlon 64 | |
| Manchester | Athlon 64 X2 with 512KB L2 cache and SSE3 extensions | Socket 939 |
| Toledo | Athlon 64 X2 with 1024KB L2 cache and SSE3 extensions | Socket 939 |
| SledgeHammer | Opteron with a large L2 cache | Socket 940 |
| Palermo | 0.09µ Sempron | Socket 754 |
| Paris | Sempron | Socket 754 |
| Oakville | Mobile Athlon 64 and Sempron | Socket 754 |
| Windsor | Athlon 64 X2 and Athlon 64 FX-62 | Socket M2 |
| Orleans | Athlon 64 | Socket M2 |
| Manila | Sempron | Socket M2 |

| Intel Codenames | Processor Description | Socket/Slot |
| --- | --- | --- |
| P23 | 486SX | Socket 1, 2, 3 |
| P23S | 486SX SL-Enhanced | Socket 1, 2, 3 |
| P23N | 487SX (coprocessor) | Socket 1 |
| P4 | 486DX | Socket 1, 2, 3 |
| P4S | 486DX SL-Enhanced | Socket 1, 2, 3 |
| P24 | 486DX2 | Socket 1, 2, 3 |
| P24S | 486DX2 SL-Enhanced | Socket 1, 2, 3 |
| P24D | 486DX2 (with write-back cache) | Socket 3 |
| P24C | 486DX4 | Socket 3 |
| P23T | 486DXODP (486 Overdrive) | Socket 3 |
| P4T | 486ODPR (486 Overdrive) | Socket 1, 2, 3 |
| P24T | PODP5V (486 Overdrive) | Socket 2, 3 |
| P24CT | Pentium Overdrive 3.3v | Socket 2, 3 |
| P5 | Pentium 60/66MHz | Socket 4 |
| P5T | Pentium Overdrive 120/133MHz | Socket 4 |
| P54C | Pentium 75MHz - 120MHz | Socket 5, 7 |
| P54CQS | Pentium 120MHz - 133MHz | Socket 5, 7 |
| P54CS | Pentium 120MHz - 200MHz | Socket 7 |
| P54CT(A) | Pentium Overdrive | Socket 5, 7 |
| P55C | Pentium MMX | Socket 7 |
| P54CTB | Pentium Overdrive MMX | Socket 5, 7 |
| Tillamook | Mobile Pentium MMX | Mobile Module |
| P6 | Pentium Pro | Socket 8 |
| P6T | Pentium II Overdrive | Socket 8 |
| Klamath | 0.35µm Pentium II | Slot 1 |
| Deschutes | 0.25µm Pentium II | Slot 1 |
| Drake | 0.25µm Pentium II Xeon | Slot 2 |
| Tonga | Mobile Pentium II | Mobile Module |
| Covington | Celeron (Pentium II without cache) | Slot 1 |
| Mendocino | 0.25µm Celeron with 128KB on-die L2 cache | Slot 1, Socket 370 |
| Dixon | Mobile Pentium II with 256KB on-die L2 | Mobile Module |
| Katmai | 0.25µm Pentium III with SSE | Slot 1 |
| Tanner | 0.25µm Pentium III Xeon with SSE | Slot 2 |
| Coppermine | 0.18µm Pentium III with on-die L2 cache | Slot 1, Socket 370 |
| Tualatin | 0.13µm Pentium III | Socket 370 |
| Coppermine-T | 0.18µm Pentium III with Tualatin Voltage | Socket 370 |
| Cascades | 0.18µm Pentium III Xeon | Slot 2 |
| Coppermine-128 | 0.18µm Celeron with 128KB L2 | Socket 370 |
| Timna | Mobile Celeron with DRAM controller (cancelled) | n/a |
| P68 | Willamette | n/a |
| Willamette | 0.18µm Pentium 4 | Socket 423, 478 |
| Northwood | 0.13µm Pentium 4 | Socket 478 |
| Prescott | 0.09µm Pentium 4 with HyperThreading, Celeron D (Socket 478), Celeron D (Socket 775) | Socket 775 |
| Smithfield | Pentium D, Pentium Extreme Edition | Socket 775 |
| Presler | 0.065µm Pentium D | |
| Conroe | 0.065µm Pentium D (with reduced power consumption) | |
| Banias | 130nm Pentium M with 1MB L2 cache | |
| Yonah | Dual Core Pentium M and Single Core Celeron M | |
| Merom | 64bit version of the Yonah | |
| Foster | Xeon DP | Socket 603 |
| Foster MP | Xeon MP | Socket 603 |
| Prestonia | 0.13µm Xeon DP | Socket 603 |
| Gallatin | 0.13µm Xeon MP | Socket 603 |
| Nocona | 0.09µm Xeon (Socket 603) and Pentium 4 Extreme Edition (Socket 478 and Socket 775) | |
| Dothan | 90nm Pentium M with 2MB L2 cache | |
| P7 | Previously Merced (Itanium) | |
| Merced | Itanium | PAC 418 |
| McKinley | Itanium 2 with 3MB on-die L3 cache | PAC 418 |
| Madison | 0.13µm Itanium 2 | |
| Deerfield | Low cost Madison | |
| Montecito | 0.09µm Madison | |
| Shavano | Future Itanium family chip (Itanium 3?) | |
| Dimona | Future Itanium family chip (Itanium 3?) | |
| Tukwila | Future Itanium family chip (Itanium 3?) | |

Sunday, March 2, 2008

Hackers, Crackers. Stop them before they come-in!

It’s always big news when computers are broken into and sensitive information is stolen. But many a time, computer owners don’t even realise when somebody controls their computer and uses it for malicious activities.

You’ve probably also heard of emails that profess to be from banks or credit-card companies and prompt users to enter details that will enable the sender to gain access to these accounts. All such activities, which are designed to gain access to others’ computers, email, or personal information, are popularly termed ‘hacking’.

What is hacking?

Hacking, however, has another meaning. Before its pejorative interpretation became popular in the 1980s, hacking meant any activity designed to gain an intimate understanding of the internal workings of computers, computer networks or any other system.

In one of his articles on his website, Richard Stallman defines hacking as “exploring the limits of what is possible, in the spirit of playful cleverness”. In this context, hackers have no criminal intent; they are enthusiasts who enjoy understanding how systems work and what can be done with them.

The hacking community uses the term ‘cracking’ for activities that result in breaking security systems to gain unauthorized entry, and the people who do this are termed ‘crackers’.

The upside of hacking
Several organizations, including companies that make security software, employ hackers to strengthen their security systems and software. Called ‘ethical hackers’ or ‘white hats’, these people use their technical expertise and knowledge to test an organization’s security setup by actually trying to break into the setup.

To do this, hackers first gather as much information about the company as possible. They use Internet searches to find out more about the company, its financial results, and its employees. The hacker also uses domain-name searches to get the names of the servers that the company owns. After this, they use tools to look for vulnerabilities on these servers. These include servers where patches have not been applied for known bugs or inadequately protected servers. All the security holes thrown up in this exercise are then plugged by the organization.

Similarly, security software - antivirus programs or firewalls, for instance - is tested by allowing these hackers to break into computers or servers that are protected by the software in question.

The downside of hacking
Virtually anything can be attacked on the Internet. This includes your computer, your email account, and information you exchange with a banking or ecommerce site.

Hackers, or crackers, or black hats, use various means to launch such attacks. Social engineering is a currently popular method. This means that the cracker sends an email or makes a telephone call, professing to be from an authorized source, such as your bank, credit-card company or the system administrator of your email account. The cracker asks for information like username or password, or other such details, for ostensibly legitimate purposes.
Phishing is one form of social engineering, where you may receive an email professing to be from a trusted source, which prompts you to go to a website, which is actually bogus, to confirm certain personal details. Banking account or credit-card numbers form part of the information that’s stolen from you in this way.

Other ways of getting at your passwords include hash algorithms or dictionary attacks. There are several tools out there, most of them easy to get and use, designed for the specific purpose of discovering passwords.

Websites are attacked through several programs or by launching distributed denial of service (DoS) attacks. The latter involve throwing so many requests at a Web server for a particular service that the server gets jammed. Any Web server with known vulnerabilities is an easy target for such attacks. By breaking into the website of an online retailer, a black hat hacker can potentially steal credit-card information of online shoppers from the retailer’s database.

Another commonly used means of attack is to send email with malicious attachments or induce the user to visit a website that installs such malware on the user’s computer. Pornographic websites or peer-to-peer networks are notable for this. Trojans are one such type of malware that professes to be harmless but includes a malicious payload. Some Trojans self-install when you click on them, and do things like deleting your files or opening a backdoor for a black hat on your computer.

Viruses and worms could also travel as Trojans. Trojans could also include keyloggers that log every stroke of your keyboard, including the passwords you enter; or spyware that notes your browsing behavior and communicates it to the installer, who may use it for advertising purposes.

Once your system has been compromised, the attacker could use it for anything: distributing more malware, launching distributed DoS attacks, stealing sensitive information, and so on. What’s more, most of these programs stay hidden after installation and often cannot be detected and deleted.

What you can do

Hacking, ethical or otherwise, is not very difficult to learn. The Web is full of resources for anyone who is interested in it.

However, as a computer user, whether at home or at work, there are several things you can do to block the entry of intruders into your systems.

The first thing to do is ensure that all your software is updated and you have applied patches for known vulnerabilities. This is especially true of the operating system and the Web browser. Second, your antivirus software has to be updated regularly. Consider installing a software firewall and an anti-spyware program to further strengthen security. This also holds true for Web and other critical servers in organizations. Intrusion-detection systems should be installed on such servers.

Then, use the Web and email wisely. You should not blindly trust any email you receive. If you have received email that professes to be from your bank or other service providers, it’s better to check with them whether such an email has been sent. Banks usually do not send any email that asks you for personal details, especially passwords and PINs. Similar caution should be exercised when visiting new websites. Be very wary of email from people you don’t know.

Also, keep your passwords secure by making them difficult to guess and changing them frequently. Don’t store your passwords on your PC. And do not share them with others.
Regards
Nikhil Deshmukh