An Australian ISP is temporarily disconnecting PCs infected with trojan viruses. BigPond was required to take this measure after its servers were swamped by malicious traffic coming out of malware-infected PCs, a.k.a. "zombies."
In a statement provided to ZDNet Australia, BigPond said it had stepped up network monitoring to identify infected machines. "Customers with suspected compromised PCs are being contacted where possible to encourage them to rectify the issue and if necessary are being disconnected from the network while the issue is rectified."
Is this a solution to the problem? It is true that many "zombie" PCs will be taken off the Internet, limiting the traffic, including spam, that reaches BigPond’s servers, but it will be interesting to see whether unhappy customers turn to another provider as a result. A non-technical user who is told that their PC is infected and that their connection has been cut is left with few options, one of which is to fork out a large sum of AU$ and hire a "geek" to fix it for them.
Should we allow ISPs to shift the cost of network "cleanup" to their customers?
[Via ZDNet.com.au, Australia]
A class-action lawsuit against alleged spyware king DirectRevenue of New York claims that the company has deceptively downloaded harmful and offensive spyware to unsuspecting users’ computers. The suit alleges that DirectRevenue "unlawfully used and damaged plaintiffs’ computers to make money for themselves while willfully disregarding plaintiffs’ rights to use and enjoy their personal property."
[Via eWeek]
From Lieutenant General Boris Miroshnikov:
"Everyone knows that Russians are good at maths. Our software writers are the best in the world, that’s why our hackers are the best in the world."
I am not sure whether I can detect a sense of pride, or distress in this Lieutenant’s comment.
[Via ZDNet]
Don’t be misled by the title: phishing is not about to disappear. Rather, the heavy publicity and negative sentiment surrounding phishing have led phishers to adopt different, and in many cases better, techniques.
Although according to the Anti-Phishing Working Group phishing increased by only 1.8% in February, the number of pharming attacks is increasing. The bad news is that pharming is much harder to detect, because only some users’ traffic gets redirected, and only temporarily.
Previous phishing attacks lured a user in through social engineering, primarily spoofed e-mail and websites. Now, not only are phishers beginning to use Instant Messaging (IM) to spoof companies, but phishing without a lure is becoming more prevalent. There are several variations. The most common is malicious code, which either modifies a host file to point commonly accessed sites to a fraudulent site (called "pharming") and malicious code that logs a user’s keystrokes based upon a set of predetermined URLs that are accessed (known as "keylogging"). DNS cache poisoning is an alternative technique that can be used to resolve information to non-legitimate pharming web sites.
[Via eMarketer, NY]