Fake Twitter Invites

Aditya — Sun, 21 Jun 2009 18:01:20 +0000

If you are not a Twitter user, this implies more to you. Symantec has warned internet users about malicious email from “invitations@twitter.com” which contains an attachment. If this attachment is downloaded extracts email addresses from your computer and then copies itself to shared folders and removable drives.

The subject of this e-mail is “Your friend invited you to twitter!” similar to the mail that is actually sent fro Twitter when a friend invites you, but the original Twitter mail does not contain any attachment. This attachment is name Invitation Card.zip for deceiving users but it actually is W32.Ackantta.B@mm – a nasty, email address-harvesting worm.

Surprisingly this has got nothing to do with Twitter, or does not even target its users. It just uses the popularity of Twitter to spread . Simply delete such mails without downloading the file.

Windows 7 hacked!

Aditya — Sun, 26 Apr 2009 21:33:10 +0000

The latest installment of OS from Microsoft as you know is Windows 7, whose RC1 is yet to be released for masses on 30th April, i.e 3 days from now. Eventhough two Indian researchers, Vipin and Nitin Kumar claim to have successfully hacked Windows 7. They have designed a piece of software weighing just 3kb(wow!), that attacks what is claimed to be a ‘design problem’ of the OS. Their software is name Vbootkit 2.0 and it can actually allow the attacker to gain complete control of the exploited system. Also the researchers claim that it is an non-fixable change, well that sure is going to give M$ a chase for their new baby.

This is an informational article, it does not encourage use of tools for malicious purposes!

VBootkit's working

How does it work? During boot up, VBootKit 2.0 , loads itself into the system memory and bypasses the hard drive altogether, making it extremely difficult to detect as nothing is altered on the hard disk. And once it is is up in the memory, it functions just like a remote backdoor that allows the attacker to do any changes including changing system passwords, install other malwares etc. But, as it runs in memory it will last as long as PC runs, once it is restarted its gone. Also, you dont need to worry much as the attacker needs to have physical access to your machine to use this software. But Microsoft has definitely got some reasons to get worried, if their so called “best designed” OS can be taken over by a 3KB code. You might have noticed somethind, the version of this software, its 2.0 , and thats because they made a similar code for Vista too! Why dont OS makers learn from it?Well, we do learn and hence using Linux is a wise decision . Look out for my next post to get what I mean to say.

Novocained » Hack

Fake Twitter Invites

Windows 7 hacked!