Blog for hpHosts, and whatever else I feel like writing about ....

Sunday, 29 July 2012

hphosts: Updated 29-07-2012

I am happy to report, the hpHosts server is now back online, and I've just finished updating the server and mirrors (all except one, due to a technical error, currently being worked on), with the new files (were meant to be out earlier this week, but obviously had to be delayed).

The hpHOSTS Hosts file has been updated. There is now a total of 171,879 listed hostsnames.

If you are NOT using the installer, please read the included Readme.txt file for installation instructions. Enjoy! :)
  1. Latest Updated: 29/07/2012 22:00
  2. Last Verified: 28/07/2012 01:00
Download hpHosts now!
http://hosts-file.net/?s=Download

Thursday, 26 July 2012

Info: hpHosts downtime

For those wondering, hpHosts has been suffering a dDos attack for the past ~48 hours. Steps are being taken to mitigate it and identify those responsible. Once done, hphosts will be back online. Sorry for the inconvenience.

Wednesday, 25 July 2012

Called by 03339009119?

I recently handled a call my family received, from the following number;

0333 9009 119

The chap on the phone had an Indian accent (surprise surprise), and asked for my brother. When told he wasn't in, I asked who it was, and the chap immediately hung up.

I did a little digging, and it appears this number, has quite the history of cold-calling, and spamming on websites (dating back to 2009), including a site claiming to be for the Punjab Police, bit strange, but we also know the Indian police force don't seem to care about their citizens involvement in fraud (unfair? perhaps, but they don't appear to be doing anything about the cold-calling scammers in Kolkata ....).

If you've received a call from this number, or any number starting with 0333 900, then the company to report it to, would be the phone company that owns this number;

Windsor Telecom PLC
http://www.windsor-telecom.co.uk

I'd also recommend reporting it to your phone provider (e.g. BT, Sky, Virgin Media).

References

OfCom: Unsolicited Telesales Calls
http://consumers.ofcom.org.uk/tell-us/telecoms/privacy/

Telephony scams: Your machine told them it was infected? Really?
http://mysteryfcm.co.uk/?mode=Articles&date=18-01-2012

Malwarebytes: Telephony Scams: Can You Help?
http://blog.malwarebytes.org/news/2012/05/telephony-scams-can-you-help/

Eset: The Tech Support Scammer’s Revenge
http://blog.eset.com/2012/07/23/the-tech-support-scammers-revenge

Monday, 23 July 2012

Alert: Olympics 2012 malware

Criminals are very predictable;

1. Disaster occurs
2. Serve malware by exploiting [1]

1. News occurs
2. Serve malware by exploiting [1]

1. Someone dies
2. Serve malware by exploiting [1]

As usual, they're also predictable in how they do it;

1. Drive-by's
2. Exploits
3. Phishing
4. Social engineering

In this case, it's all about the Olympics (don't see why everyone is so fussed about it personally, never have), and right on schedule, the criminals have rallied to exploit it;

The Opening Ceremony of the 2012 Olympic Games is exactly 1 week away and Websense Security Labs researchers are already seeing data-stealing malware that aims to capitalize on the Games. Malware piggybacks on the buzz surrounding current, high profile events like the Olympics in order to steal personal data. Olympics-themed content armed with malware is introduced mainly through social engineering-based attacks. The cyber criminals behind the themed attacks know that they have a better chance of enticing potential victims by appearing current and relevant to a hot topic. That gets clicks, and the chance to spread their data-stealing creations further.

We have been following with interest an advisory released by the Polish Computing Emerging Response Team (CERT) which analyzed an interesting sample of data-stealing malware. This malware, once executed, has the ability to interact with social channels like Facebook, Skype, and Microsoft Live Messenger. This particular variant spreads malicious URLs through those channels and the victim's contact list. To be precise, it employs a socially engineered attack accompanied by a malicious URL that ultimately leads to a malware file that is part of a bot network. Since the sample analyzed has tried to take advantage of the buzz around the start of this year's Olympic Games, we decided it was timely to write this blog post.


Read more
http://community.websense.com/blogs/securitylabs/archive/2012/07/20/a-malware-very-social-and-ready-for-the-olympic-games.aspx

Tuesday, 10 July 2012

vURL server

Just an FYI folks, the servers are going through the routine Windows Updates, so will be down for a few mins or so. fspamlist.com server has already been done, and the vURL server is going through its reboot as I write this.