Spamzy

Test-preparatory firm The Princeton Review accidentally published the personal data and standardized test scores of tens of thousands of Florida students online, “where they were available for seven weeks,” says The New York Times.

A security hole, “allowed anyone to type in a relatively simple Web address and have unfettered access to hundreds of files on the company’s computer network, including educational materials and internal communications,” says the story, going on:

Another test-preparatory company said it stumbled on the files while doing competitive research. This company provided The New York Times with the Web address of the internal files on the condition that it not be named. The Times informed the Princeton Review of the problem on Monday, and the company promptly shut off access to that portion of its site.

One file on the site contained information on about 34,000 students in the public schools in Sarasota, Fla., where the Princeton Review was hired to build an online tool to help the county measure students’ academic progress. The file included the students’ birthdays and ethnicities, whether they had learning disabilities, whether English was their second language, and their level of performance on the Florida Comprehensive Assessment Test, which is given to students in grades 3 to 11.

Another folder contained dozens of files with names and birth dates for 74,000 students in the school system of Fairfax County, Va., which had hired the Princeton Review to measure and improve student performance.

According to the New York Times, The Princeton Review said student information should have been protected by a password, but the protection was, “most likely lost when the company moved its site to a new Internet provider in late June”.

It’s now looking into how many people might have accessed the files, some of which could be found through search engines,” adds the story.

Go here to read the rest:
Princeton Review test scores online

MaxAntiSpy is a new rogue anti-spyware program targetted at the Russian market. This parasite is essentially a corrupt spyware remover, which uses trojans, such as Zlob, to enter the system. MaxAntiSpy uses misleading advertising (popups, fake system notifications, falsified system scan reports) to create a reason for the user to purchase it’s “licensed version”.

MaxAntiSpy is a scam and should be treated as such: do NOT download or buy it and block MaxAntiSpy.com using your HOSTS file.

Original post:
MaxAntiSpy

Lop is a family of malicious browser hijackers that change Internet Explorer home and search pages, modify related search settings, install a toolbar and add numerous bookmarks to advertising sites to the web browser’s Favorites list. Lop parasites also track user Internet activity, create advertising desktop shortcuts, install unsolicited and potentially harmful programs and pests. Some threats can display commercial pop-up advertisements and may affect system stability. Typical Lop parasites are able to update themselves via the Internet. Threats automatically run on every Windows startup.
there are many variants of LOP:
lop/Trinity: old variant, which adds shortcuts and hijacks homepage and search.
lop/Dialer: porn dialler.
lop/Toolbar: IE toolbar with lop links
lop/Rnd: same lop/Toolbar but with completely random class IDs and filenames.
lop/AYB: a URL protocol module used by the MP3Search (or similar) minibrowser.
lop/Loader: an installer process that opens a small progress window and loads other lop products and variants.
lop/IMZ: similar to lop/Loader, but installs lop/Rnd and FavoriteMan/IMZ
lop/Active: monitors web pages viewed for keywords, and sets the buttons in the toolbar to match. Hijacks Default window to active-max.com, mysearchnow.com, searchwebnow.com or find-quick.com.

Excerpt from:
Lop

Spamza.com is a website that recently went live, where you can enter someone’s - anyone’s - email address, and they will start getting instantly spammed by dozens of newsletters for which they did not sign up. If you’ve had a sudden increase in spam or suddenly found yourself signed up for a lot of newsletters and mailing lists that you didn’t request, Spamza may be why. You see, the Spamza site runs a script that takes their email address and then Spamza signs them up for those newsletters, without their permission.

Spamza then also encourages their victims to do the same thing to someone else, by sending that target email address several emails that are the spam equivalent of “nyeah, nyeah”, taunting the victim and saying:

“You got spammed!
Get your revenge and spam your enemies at

SpamZa.com will sign up any email to hundreds of newsletters anonymously”

Now, clearly this is pure evil.

But, is it really what it seems?

Let’s think this through.

The Spamza script that runs when you enter someone’s email address signs that email address up for a bunch of newsletter mailing lists.

However, this only works because those mailing lists don’t use confirmed (double) opt-in, which is considered the industry standard for best email practices. This means that they add that email address to their mailing list without first confirming that the owner of the address really wants to be on the mailing list.

Confirmed or double opt-in means that they first send an email to that address asking the owner of that email address to confirm that they really want to be on the mailing list, by clicking a link, or replying to the confirmation email.

(And actually, some of those mailing lists are confirmed opt-in, and did send confirmations when we did our own testing of Spamza - good for them!)

The point here is that the only reason Spamza is able to create the havoc that it does is because people run single opt-in mailing lists, where they grab any email address that comes their way, say “Oh goody! Another subscriber!”, and add it to their list, without first checking that it was a legitimate subscription.

Now, we have been saying for years that running single opt-in mailing lists, even if you are pure of heart, is a wide open security hole, because anybody can sign up someone else. And the response has always been “Oh c’mon, you’re making that up - nobody would actually do that. Who would do that??”

Well, here’s your answer.

Spamza would do that.

Which brings us to our title question: is Spamza really the ultimate spamming weapon? Or, is it the ultimate anti-spammer weapon?

Was Spamza created by some whacko who just wanted to see how much spam they could proliferate on the Internet?

Or was Spamza created by some ardent anti-spammer, who knew that, among other things, all those single opt-in mailing lists would get in trouble for having been duped into unwittingly proving what the email receiving and anti-spam industries have been saying all along: single opt-in is ripe for abuse?

You be the judge - here is what Spamza says about itself:

“SpamZa.com is a website designed to promote newsletters and interesting content. WE DO NOT SEND SPAM. SpamZa will subscribe the e-mail you submit to hundreds of popular and free newsletters. You can leave these newsletter at any time. Simply speaking, you put any e-mail, you click “Spam this email!” and we do the rest. The said e-mail will be registred to hundreds of daily newsletter and receive thousands of e-mails, most of them who avoid the junk filter. The point of this website? To spend as much newsletters as possible to as much people as possible. There are very few things the owner of the e-mail can do: change his e-mail address (but you can re-submit his e-mail), manually unsubscribe hundreds of newsletters (but you can resusbcribe him… if you are really evil) or ignore all the message (it becomes impossible to execute the most basic tasks). In short, SpamZa! is a very mean way to create a lot of problems

SpamZa was created with the idea that spam and newsletters were our friends, not our enemies. Think about it for a second: some people worked really really hard to write interesting newsletters and emails. The least we can do is read it! SpamZa will subscribe any email sent to hundreds and hundreds of newsletters. Furthermore, its algorithm always being under development, you can expect the e-mail owner to make a lot of friends from Nigeria who have a lot of money to give and he can expect to have your Bank of America/Citigroup/eBay/Paypal account suddenly locked with a poorly written email from LOLUGETSCAMMED@PHISINGROFLMAO.com. You know all the newsletters that say “we do not redistribute or resell your email” (but do anyway)? We do the opposite. We get your email known, and pretty well known to as many newsletters are possible. Expect any email entered in our form to receive 100-150 emails per day at the bare minimum, most being able to bypass most junk filters. To use our service, enter any email and click “Spam this email!” and get ready to get spammed. You may enter any email you want but please understand this is very, very mean to use. For maximal efficiency, enter the email every day and re-spam it, so even if the person unsubscribe, he’ll get in again the next day.

SPAMZA DOES NOT SENDS SPAM. SPAMZA TAKES NO RESPONSABILITY FOR THE E-MAIL YOU CHOOSE TO SUBMIT TO OUR ALGORITHM. SPAMZA WAS CREATED TO PROMOTE POPULAR NEWSLETTERS AND NOT FOR SPAM. SpamZa is perfectly legal and respect all anti-spam policies around.

SpamZa is not responsible for any consequences of using its services. SpamZa provides its services in a purely informative manner. The user is solely responsible the email he submits to our engine and algorithm. We are not responsible for any unwanted email from anyone. We do not send unwanted email and do not maintain a newsletter for ourselves. SpamZa is neither affiliated nor associated with any newsletter or website sent from using this service. SpamZa does not approve nor disapprove any email, communication letter or information sent using its service. If you received spam because someone used SpamZa on you, we do not care. If you want to bitch because your email is unusable, we do not care, but please send us your hate mail anyway so we can laugh at it. If you are frustrated about our website, good for you.

PRIVACY
We never reveal the IP of the person who visits our website and submit e-mails, no matter what. We never reveal who subscribed him to SpamZa! and all those newsletters. The victim will most likely never know who subscribed him to this service, making it almost impossible to track the person who subscribed him to so much spam.

To all the little shits that try to take us down by submitting complaints — it won’t work. Stop wasting your time and ours and e-mail us if you got a problem”

[Ed. Note: Ironically, it appears that it did work, as as of noon EST today, the Spamza.com site is down.]

See the original post:
Spamza - The Ultimate Spamming Weapon - Or is It?

Titan Shield is a trojan that displays an icon in the system tray. This icon shows a message, which says that the compromised computer is infected with dangerous spyware parasites and asks the user to download and install a removal program, which actually is Titan Shield, corrupt illegally distributed spyware remover. Once the user clicks on such message, the trojan opens a web site distributing Titan Shield. It may also try to download the application. The trojan is able to change the Internet Explorer default home page and redirect the web browser to malicious web sites. Furthermore, it can restart the infected computer without asking for user permission. Titan Shield automatically runs on every Windows startup.

Here is the original:
Titan Shield

Virut is a virus that infects any executable files and screensavers that the user accesses. The parasite also opens a back door providing the attacker with unauthorized remote access to the compromised computer. The intruder can upload and run arbitrary files.

Here is the original post:
Virut

Internet Antivirus is a new rogue anti-spyware program - a fake spyware remover, which uses trojans, such as the infamous Zlob or Vundo, to enter the system. This parasite relies on misleading advertising (popups, fake system notifications, falsified system scan reports) to convince the user that he is infected and therefore in need of Internet Antivirus’ “licensed version”, which is just as fake as the “trial”.

There is no reliable information on Internet Antivirus available. There doesn’t seem to be a company behind it, and there are no contact details. Internet Antivirus is a scam and should be treated as such: do NOT download or buy it and block it’s homepage using your HOSTS file.

Read more:
Internet Antivirus

EAnthology is an adware although it claims to be a useful software package.

Original post:
eAnthology

Imaut.d is an Internet worm that spreads through instant messages using Yahoo! Messenger and Windows Live Messenger programs. The parasite’s messages contain links to malicious web pages. Once the user clicks on such a link, the worm gets secretly downloaded and installed to the system. Then it runs a spreading routine and a payload. Imaut.d changes the Internet Explorer default home page, disables the Task Manager and the Registry Editor and modifies certain Yahoo! Messenger settings. It also displays commercial advertisements and terminates some running security-related applications. The parasite runs on every Windows startup.

Read the rest here:
Imaut.d

Braviax is a malware that milks money from people by displaying misleading alerts. Braviax (also known as Cru629) appears as icon in a system tray that mimics notifications loaded by operating system. Cru629 also loads annoying commercial pop-ups. The purpose of all the alerts loaded by Braviax is the same: to scare people and gain a purchase.
Do not trust Braviax and don