Gadgetell | Tech News, Reviews, and Interesting Things

A new company is claiming it can offer background support on all the top social networking sites like Twitter and Digg - for a price.

uSocial says that if you are willing to fork over some cold hard cash they can boost your Twitter followers or Diggs by about a thousand in 7 days and 100,000 in a year.  Their guarantee says that if they fail to do so they will give you an additional 20% for free.

So how much cash are they asking for?  Anywhere from $87 for 1000 new followers to a nearly $3500 for 100,000.  How do they find said followers?  They search user interests to find ones that match yours then ask those people to follow or friend you.  Hmm.  Seems that’s easy enough to do yourself for free.  It also sounds a little like spam.

I don’t have a huge social following - about 250 friends on Facebook and about 340 followers on Twitter.  That’s probably a drop in the bucket to many folks, but really, is the point of such networks to have as many people as possible follow/friend you or is it to build deep and valuable connections?  In other words, isn’t quality a lot more important than quantity?  My follower/friend numbers aren’t large but I have a personal connection with every one of them.  Can those with hundreds of thousands say the same?

Read [PCWorld]

• Twitter adding updates for list features
• Who’s on Crack in Tech: 07.03.09
• Lance Armstrong may crash while tweeting - Twitter rules the Tour

A Dallas security guard charged with hacking the computer system of the hospital he worked for was busted by a fellow hacker, but didn’t help his case when he posted videos of his exploits on YouTube.  Jesse McGraw, known by the hacker name GhostExodus, posted videos to YouTube in which he claimed to be breaking into a major corporate building, and as the “Mission: Impossible” theme played in the background, he was shown installing malware on several computers.  In actuality, McGraw was in the hospital he worked at.

“He’s a security guard at the hospital, but he’s pretending to infiltrate a corporate office and he’s running around with a hoodie on over his security guard uniform and installing botnet software on a hospital computer all to the Mission Impossible music,” said security researcher Wesley McGrew. “[You] can’t make this stuff up.”

Wesley McGrew is the one who busted Jesse McGraw after another member of McGrew’s hacker group, the Electronik Tribulation Army, bragged to him about the hospital hacking and tried to take credit for it.  McGrew investigated and eventually discovered that McGraw was the one responsible.

McGraw was either auditioning for “America’s Dumbest Criminals” or was overly full of himself and made the mistake of thinking he was invincible.  His blunders included typing on the computer he used to install malware on the hospital’s network and then putting on gloves to prevent leaving fingerprints, wearing a mask to hide his identity but then holding up a fake FBI ID to the camera that had his picture on it, and of course, posting everything to YouTube!

The FBI said McGraw intended to use the malware to launch a massive DDoS attack on July 4th, the day after his last day of employment there.  Some of the malware was installed on computers that held sensitive patient data and on the system that controlled the hospital’s heating, air conditioning and ventilation.  He’s now facing felony charges of computer intrusion.  If convicted he’ll likely have plenty of time to think about finding a new hobby!

Read [PCWorld]

• Twitter adding updates for list features
• Who’s on Crack in Tech: 07.03.09
• Lance Armstrong may crash while tweeting - Twitter rules the Tour

This week we’re going to take a look at how spammers and scammers use news headlines to do their dirty work.  It’s an old and well worn technique, presumably because of its effectiveness.  Scammers and spammers love to send emails and links claiming to have exclusive info about a hot news story.  So far this year we’ve seen spam with subjects such as President Obama’s inauguration, the Swine Flu outbreak, the Air France tragedy, and now the spam making the rounds claims to have exclusive footage of Michael Jackson’s last moments alive.  They do this because they know people are likely to be looking for information on such hot topics and as a result may be more likely to click on titillating links about then.

Yes, the music icon’s shocking and sudden death is the newest thing to be exploited by spammers and scammers alike.  The messages range from simple text based spam asking the recipient to reply to receive some exclusive info about Jackson’s death (meant to harvest their email address for a future attack, since the reply tells them the address is both active and receptive to spam!) to malicious messages with links to fake news videos that quietly infest the viewers computer with malware.

The most popular malware at the moment is ZBot, a Trojan that steals personal information from the victim’s computer and monitors a list of major sites that includes Amazon, Paypal, Ebay, and most major U.S. Banks.  When it detects a site on the list has been loaded, a keylogger is activated and records the victims log on credentials.  ZBot has also been discovered harvesting FTP log on credentials for over 68,000 major websites including Bank of America. It’s a very nasty piece of malware that looks to be targeting both businesses and end users.

Other Jackson themed spam has been showing up on blog comments and social networking sites, again claiming to have pics or videos of Jackson’s last moments or autopsy.  The links usually lead to malicious sites that harvest personal info.

The latest wave of Jackson themed spam is being sent with the subject line “Remembering Michael Jackson” and claims to be from michaeljackson.com.  The link in the message claims to lead to an unreleased song or video of the pop legend’s.  Instead it leads to the Ackantta-F worm, which emails itself to everyone on the infected machine’s contact list, and is network aware which means it can spread to other machines networked to the infected one as well as to any memory cards or USB sticks connected to it.

To protect yourself get your Michael Jackson news from reputable news sources only.  Don’t ever click on links in emails or posts claiming to offer secret or exclusive songs, videos, pictures or any other kind of information, especially if the email or message was unsolicited and/or from someone you don’t know.

Web traffic rose to a historic high when the news of Jackson’s death broke.  In fact the traffic was so high several major sites (Including Google, Twitter and AIM) crashed under its weight. Spammers and scammers are doing everything they can to take advantage of that huge audience so beware and stay safe!

• Twitter adding updates for list features
• Who’s on Crack in Tech: 07.03.09
• Lance Armstrong may crash while tweeting - Twitter rules the Tour

So called “Hit Man” spam is back.  This type of spam attempts to extort people rather than sell them things or trick them into installing malware on their system.  Basically, they get an email from someone claiming they have been hired to kill them but if they pay a certain amount the hit man will walk away rather than complete the job.  It’s similar to ransomware and scareware in that all of them attempt to trick the victim into sending money.

This latest attack features emails claiming to be from someone in a group called the Ishmael Ghost Islamic Group.  The group member explains that they were hired to kill the recipient and would also kill their family - but if they send $800 via Western Union they can save their lives and those of their loved ones.  The Islamic mention is surely there to further frighten and inflame in hopes of convincing the recipient the email is real and the need to send money critical.

If you receive an email like this, ignore it.  It’s a complete hoax and you are in no danger. Don’t send any money and don’t even reply as that can get you put on a list of people who read spam and that means even more of it will flood your inbox.

Read [SpamFighterNews]

• Twitter adding updates for list features
• Who’s on Crack in Tech: 07.03.09
• Lance Armstrong may crash while tweeting - Twitter rules the Tour

The latest entry in the book of frivolous lawsuits is one filed against Apple by an Illinois couple.  They are accusing the company of gift card fraud and they are seeking monetary damages for what they call Apple’s “wrongful, illegal and fraudulent acts.”  The charges in the suit include one count each of violating the Illinois Fraud and Deceptive Business Practices Act and Consumer Protection Statutes, and 2 counts of breach of contract.

The target of their outrage?  Apple’s decision in April to change the iTunes store pricing structure from a flat 99 cents per song to a one where song prices vary from 69 cents to $1.29. 

Yes, they are suing over a 30 cent price increase - but it gets better

MORE »

A new malware attack exploiting the upcoming and highly anticipated new Harry Potter movie “Harry Potter and the Half-Blood Prince” is hitting the net.  Using black hat SEO and malicious posts in blog comments, the scammers try to trick fans into clicking on the link, which claims they can watch the new movie online for free.

If it’s clicked they are brought to a site where the old fake codec trick is used.  Victims are told they must download an update before they can view the movie but the update is actually a Trojan that steals personal info, add the system to a botnet and download even more malware.

Speaking of scammers exploiting headlines and hot topics, spam and malware attacks using Michael Jackson’s sudden death hit the net within mere hours after the news hit.  The first wave was in the form of emails that promised important and exclusive info on the pop icon’s death.  The recipients were asked to reply to the message to get the info. This was merely an email harvesting attack.  The second wave included links that claimed to be of videos or photos of Jackson’s body.  When clicked they lead to a site where malware is quietly installed on the victim’s computer in the background.  The most recent attacks involve fake blogs devoted to Jackson.  These blog sites are extremely malicious and install a ton of malware onto visitor’s computers, including the Koobface virus.

To protect yourself simply avoid anything that invites you to watch the new Harry Potter movie for free.  There is absolutely no legal way to do so online.  Also beware of any e-mails/links claiming to offer videos or information of Michael Jackson’s death.  Stick to well known sites for your news.  Common sense is a scammer’s worst enemy!

Read [PCWorld]

• Twitter adding updates for list features
• Who’s on Crack in Tech: 07.03.09
• Lance Armstrong may crash while tweeting - Twitter rules the Tour

China’s dispute with Google has reached a new level as millions of users found they were unable to access the English or Chinese versions search engine or Gmail.  The block was put in place after the government accused Google of willfully spreading pornography.

“We have found that the English version of Google.com has spread lots of pornographic, lewd and vulgar content, which is in serious violation of Chinese laws and regulations,” government spokesperson, Qin Gang, was quoted by the BBC.

Google has been called upon to meet with Chinese officials but has not commented on the block.  It’s unknown if China considers any content it doesn’t agree with, such as political sites critical of the government, as “unhealthy content” or just traditional adult sites.  Knowing how China censors with an iron fist, it probably does lump any content it doesn’t like under that label.

In another show of censorship, Microsoft’s new Bing search engine has been found to deliver different results for politically sensitive keywords if they are typed in in English, traditional Chinese as opposed to simplified Chinese.  Simplified Chinese is used in China.

Google is expected to find a way to meet the Chinese government’s demands although they obviously have no clue how a search engine works.  While it’s disappointing that American companies are reluctant to stand up to China’s censorship demands, it’s understandable that they don’t want to risk losing such a large market.

Read [PCWorld]

• Twitter adding updates for list features
• Who’s on Crack in Tech: 07.03.09
• Lance Armstrong may crash while tweeting - Twitter rules the Tour

We see it everyday.  It’s everywhere - in our mailboxes, our blogs, even on our phones.  I’m talking of course about unsolicited bulk email, better known as spam.  Spam, named after a classic Monty Python skit about a couple who goes to a restaurant that turns out to serve nothing but Spam and ends with the waiters chanting over and over “Spam spam spam spam,” has been around since the 70s. 

The history of spam

In 1978 an employee at DEC sent out a message inviting inquiries about a new computer model to 383 people, creating the first piece of spam.  The net hasn’t been the same since.  That was followed by the infamous “Make Money Fast” chain letter that was spammed all over USENET in the late 80s and early 90s, and then by the “Green Card” spammers.

When email became popular, spammers left USENET behind.  Some of the products spam hawks include shady Internet pharmacies, sexual aids, mortgages, stocks, credit repair, fake watches and designer goods, porn sites, and more.  While spam started out being annoying but harmless, today it often includes malware or links to malicious sites or tries to lure the recipient into the clutches of a scammer. 

Scam spam: Won’t you please help?

The 419 or Nigerian spam is the most common type of scam spam.  Millions of messages attempting to convince people they’ve received a huge inheritance from a long lost relative or that a member of some obscure country’s Royal Family really does need their help.  The unfortunate people that do fall for it usually end up being asked to pay fee after fee until their bank accounts run dry.

Another popular type of scam spam is dating spam.  It arrives as a message from someone claiming to have seen the recipient’s profile on an unspecified site.  They lavish them with compliments and claim they want to get to know them better.  If they fall for it, a “relationship” begins.  Once they feel they’ve gained the victim’s trust the scam begins.  The victim is told they’d really like to come and visit or move to see them (the scammer is almost always overseas) but need to clear up some financial obligations first, or is given a sob story which can only be resolved with money.  Thinking they’ve found the love of their life the victim sends money.  As soon as the money runs out or the victim becomes suspicious, the scammer disappears.

Shields Up!

So with all this spam around, how do you protect yourself?  Here are some simple tips.

• Keep your email address to yourself!  It is fine to give it to family and friends, but for registering at websites and the like, set up a throw away address at Yahoo, Hotmail, or Gmail.  This way the spam that is generated by those registrations stays out of your inbox.
• Never click on an “unsubscribe” link in a spam message.  99% of the time it will do nothing but tell the spammer that your address is valid and that you actually read spam, resulting in even more coming your way.
• Don’t ever give your cell phone number out when registering on a site and avoid offers for free ringtones or wallpapers.  They almost always result in spam and nasty charges on your phone bill.  The same goes for any type of text message offer such as a free horoscope or free pictures of hot girls.
• If you have a blog, set it up so that all comments must be approved before they appear on your site and install a good spam filter like Akismet.
• If you send out messages to groups of people at once, always use BCC not CC so the list of emails aren’t on display.
• When posting on message boards and discussion groups, don’t put your email address in your signature.  Spammers harvest addresses this way.  The same goes for Twitter - don’t ever tweet your email address (or any other personal info).
• To avoid Twitter spam, see above and also refrain from automatically following people who follow you.  Take the time to check them out first.

Next time we’ll take a look at what to do if your spam solutions are working too well and blocking messages you actually want to receive!

• Twitter adding updates for list features
• Who’s on Crack in Tech: 07.03.09
• Lance Armstrong may crash while tweeting - Twitter rules the Tour

Internet based device designer and manufacturer IPEVO has announced that 18 USO centers across the Pacific Region will be equipped with its S0-10 Skype Desktop Phone and S0-Wi-Fi Phone for Skype devices. This will allow the over 890,000 troops and their families who use the centers to stay in touch with loved ones back home for free. Both devices work without the need for a computer.

“The USO is excited to be able to connect our men and women in uniform with those who travel with them in spirit, silently supporting them from the other side of the world,” said USO Pacific Region Vice President, Tom Kolstad. “We appreciate IPEVO generously donating these VoIP phones to our region. The service that IPEVO phones will provide to our military and their families to call home is priceless.”

This is a wonderful thing IPEVO is doing.  Let’s hope that the 112 other USO centers around the world will eventually have the chance to be similarly equipped. Staying connected to home is so important for our troups-and the ones waiting for them to return

Read [Ipevo]

• Twitter adding updates for list features
• Who’s on Crack in Tech: 07.03.09
• Lance Armstrong may crash while tweeting - Twitter rules the Tour

Twitter is under attack by yet another worm.  This one is spreading via a Twitter message claiming to be an invite from your friends and asking that you check the attachment for more info.  The attachment contains the Ackantta.B worm which is capable of taking over any machine it infects.

When it’s installed it immediately searches for any email contacts and sends itself to them, and sends your IP address to its botnet and prepares your PC for even more malware downloads.  Fortunately, since most people are wary of opening attachments and many ISPs either scan or outright block zip files, this latest worm is not expected to spread very rapidly.  It appears to be the work of some rather dim scammers.

Twitter has been a hot spot for worm, spam, and phishing attacks this year with the Mikeyy worm, the TwitterCut phishing scam, and numerous other attacks hitting the site.  To protect yourself, don’t automatically follow people who follow you (check out their profiles first), don’t click on URLs in Tweets from people you don’t absolutely trust, and consider protecting your tweets so only people you approve can see them.

Read [PCWorld]

• Twitter adding updates for list features
• Who’s on Crack in Tech: 07.03.09
• Lance Armstrong may crash while tweeting - Twitter rules the Tour