Tuesday, September 14, 2010

Damballa Discovers New Wide-Spread Global Botnet Offering ‘Commercial’ DDoS Services

(BUSINESS WIRE)--Damballa Inc., the company transforming the fight against cyber threats, today announced the discovery of a new botnet that offers pay-for-delivery Distributed Denial of Service (DDoS) attacks. The ‘IMDDOS’ Botnet, named after the commercial name on the botnet website, has grown to be one of the largest active global botnets in less than four months from initial testing. According to Damballa, the infected hosts used in the DDoS attacks have become unwitting participants in the botnet and are widespread. The vast majority of infected hosts are in China, with the United States being in the top 10 countries affected. Internet Service Providers (ISPs) worldwide were affected, including the majority of North American ISPs, and a number of major corporate networks are hosting bot agents for the IMDDOS Botnet.


The IMDDOS Botnet offers a commercial service for delivering DDoS attacks against any desired target. Hosted in China, this publicly available service can be leased by anyone willing to establish an online account, input the domain(s) they wish to attack, and pay for the service. During Damballa's period of study, the botnet grew very quickly. Following testing by the criminal operators in April 2010, it reached a production peak of activity with 25,000 unique Recursive DNS (RDNS) lookups per hour attempting to resolve to the botnet’s command-and-control (CnC) servers. Damballa is currently working with ISPs and law enforcement officials to contain and nullify the threat.

A 16-page analysis of the discovery can be viewed at: www.damballa.com/IMDDOS. This analysis includes details of the technical infrastructure of the botnet and associated malware as well as an animated illustration of the IMDDOS Botnet’s global growth and impact from early testing stage to peak activity rendered in hourly increments.

A Denial of Service (DoS) attack is a technique used to overwhelm a website/domain in an effort to reduce its responsiveness or completely eliminate its ability to respond to new connection attempts. DoS attacks have historically been used to ‘take down’ political sites, abuse sites, commercial business websites and even military command centers as part of a coordinated targeted campaign.

A DDoS attack utilizes multiple PCs or servers to initiate a coordinated attack against a targeted system. The more assets involved in the attack, the larger the flood of requests and data that can be targeted at the victim. To create a very large army of assets that can launch DDoS attacks, botnets are used to rally and command unwitting victim machines into participating in the attacks.

“The commercial nature of this botnet and the rapid growth and ultimate size are what make this discovery interesting,” stated Gunter Ollmann, vice president of research for Damballa. “The public website hosting the DDoS service offering, with various ‘plans’ and attack options, speaks to the ease with which anyone can leverage criminal infrastructure. The malware used is simplistic, yet it was successful in spreading rapidly. And while it appears to be primarily a DDoS delivery platform, the size of the botnet reached impressive proportions, certainly large enough to wreak major havoc on any victim organization should it be pointed in the right direction.”

This discovery was made possible due to a global array of Damballa sensors, which provide worldwide visibility into CnC activity, combined with the understanding and quantification of statistical heuristics that can explain, and most importantly, quickly detect, the malicious nature of this botnet operation. Damballa tracks thousands of botnet operators and their growing cache of botnets every day. Each criminal botnet building campaign is observed, analyzed, automatically catalogued and categorized using a sophisticated array of clustering and machine learning systems. As the criminal botnet operators attempt to grow the botnet, their investments and modifications to their CnC hosting infrastructure are tracked and used as markers for eventual attribution. Damballa customers benefit from this advanced knowledge of the threat, being alerted to the presence of the malware and being able to terminate the CnC communications.

“Botnets are recognized by industry experts as being the delivery mechanism of choice for the vast majority of today’s cyber threats that plague corporate and ISP networks,” said Val Rahmani, CEO of Damballa. “Botnets and other cyber threats are attacking corporate networks and service providers at an alarmingly high rate and are causing security teams around the world to reevaluate their security investments. Damballa leads the security industry in delivering solutions that detect and terminate botnets and cyber threats, and our research and product teams are constantly innovating and bringing more powerful and automated weapons to the war against cybercrime.”

Community News You Can Use
Fayette Front Page
Georgia Front Page
Follow us on Twitter:  @GAFrontPage

Monday, September 13, 2010

First-Ever Study of Google's Impact on Internet, Economy, Pricing & Jobs

/PRNewswire/ -- Today Precursor LLC released a first-of-its-kind research study on the impact of the largest and most powerful Internet company, Google Inc., on the Internet, economy, pricing and jobs. Google Inc. is expanding beyond its search monopoly to dominate other parts of the Internet at such an alarming rate that Google Inc. increasingly is the Internet for most consumers.

Precursor President Scott Cleland said:
-- "There is no net-economic growth or job creation from Google's 'free' Internet sector model, only a deflationary price spiral, negative growth, property devaluation, and hundreds of thousands of job losses in over 20 industries. Consumers don't win long term from a monopoly-gatekeeper of 'free' information access and distribution."
-- "Many will be amazed to learn that when Google rebrands its current YouTube-Double-Click video advertising business as 'Google TV' this fall, it already will own an Internet video-streaming monopoly with 80% of the Internet audience, almost a billion viewers, 2 billion daily monetized views, and 45 billion ads served daily."
-- "Lax antitrust merger enforcement is responsible for tipping Google to monopoly and facilitating its monopolization of consumer Internet media. If antitrust authorities do not wake up soon, a wide swath of a trillion dollar sector with millions of jobs - i.e. video, maps, books, analytics, travel, etc. - will suffer the same fate as the music and newspaper industries."
-- "While I expect the study to generate a healthy debate over whether Google's behavior is pro or anti-competitive, pro or anti-consumer, and pro or anti-innovation, any rigorous analysis of the facts will lead to the same conclusion of this study - that Google's exercise of its market power is spreading to many other industries and spreading at an alarming rate."

The core recommendation of the study is that the U.S. Department of Justice's Antitrust Division and the European Commission's Competition Directorate should sue Google for monopolization.

About the study's author:

The study was conducted over the last few months by Scott Cleland, President of Precursor LLC, a leading techcom research and consulting firm. (See: www.Precursor.com.)

-- Formerly, Cleland was an Institutional Investor Magazine top independent telecom analyst in 2004 and 2005.
-- He has a high-profile track record of being first to spot big anomalies involving the Internet.
   -- In late 2000, Cleland was the first analyst to expose that Internet traffic was in reality growing 90% slower than what the market assumed, heralding the bust of the dot.com bubble that wiped out $4 trillion in market capitalization.
   -- In 2002, Cleland was the first analyst to discern that WorldCom's model did not add up and to predict its bankruptcy.
   -- In 2007, Cleland was the first analyst to predict that Google's acquisition of DoubleClick would tip Google to monopoly; an assessment the DOJ affirmed in 2008 in blocking the Google-Yahoo ad agreement via a threatened monopolization case.
-- A leading expert on Google, Cleland publishes two Google watchdog sites www.GoogleMonitor.com and www.Googleopoly.net, and he has testified before both House and Senate subcommittees on Google.

The views expressed in the Googleopoly VI study are solely those of the author and not the views of any Precursor LLC clients.


Thursday, September 9, 2010

GSLO: Turn Your Apple iPod Touch Into a Smartphone

(BUSINESS WIRE)--Does your iPod Touch suffer from iPhone Envy? Not for long: GoSolarUSA Inc. (PinkSheets:GSLO) announced a deal today with innovative Chinese developer Yosion to bring that company’s cutting-edge Apple Peel 520 product to the United States.


Both companies signed a funding option agreement last week. Under the agreement, GoSolarUSA will work with Yosion to develop the Apple Peel 520, file for a U.S. patent and distribute it in the U.S.

When used with Apple’s (NASDAQ:AAPL) iPod Touch, the Apple Peel 520 functions as a protective skin that adds mobile voice and text messaging capabilities to the touch-screen media player. The startling new technology represents a more affordable alternative to purchasing Apple’s pricier iPhone, and with 275 million iPods already on the market, the Apple Peel could be an instant hit. Yosion announced last week that September’s initial manufacturing run is already sold out.

“We are so pleased to have reached this agreement with Yosion,” said Tyson Rohde, President of GSLO. “We see the Apple Peel 520 as a stunning breakthrough in mobile technology, and we’re proud to work with Yosion to develop this product for the U.S. market.”

The Apple Peel 520 is the creation of 22-year-old Chinese programmer Pan Yong. The gadget slips over the iPod Touch’s case and includes a battery, dock connector and SIM card. Once the proper software is installed, the Apple Peel adds the ability to make voice calls and text messages using the iPod Touch. When fully charged, the Apple Peel’s 800mAh battery offers nearly five hours of talk time and 120 hours of standby use.

The Apple Peel 520 first made waves online in the U.S. last month when it was featured on CNN.com [http://articles.cnn.com/2010-08-16/tech/china.apple.peel_1_apple-smart-phone-iphone-ipod?_s=PM:TECH] and earned positive buzz from Engadget.com [http://www.engadget.com/2010/07/28/ipod-touch-turned-into-a-phone-using-yosions-apple-peel-520/], among other Web sites.

“For right around $60, this device really does transform the iPod Touch into a smartphone,” Rohde said. “If there is a hotter iPod accessory anywhere in the world, we certainly haven’t seen it.”

The option agreement signed by both companies on Wednesday requires that both parties negotiate in good faith to reach terms on a profit-sharing agreement. It has been filed as a material contract with GSLO’s public filings.

GoSolarUSA is dedicated to aggressively acquiring, developing and marketing promising and potentially profitable technology. The iPod Touch and the iPhone are products of Apple Inc., which competes in the global smartphone market against the Google (NASDAQ:GOOG) Android and Research in Motion’s (NASDAQ:RIMM) BlackBerry line.

For more information, please visit www.GoSolarUSA.com.


Friday, September 3, 2010

GFI Software Announces Top 10 Malware Threats for August

(BUSINESS WIRE)--GFI Software, a leading IT solutions provider for small and medium-sized enterprises, today announced the top 10 most prevalent malware threats for the month of August 2010. The report, compiled from monthly scans performed by GFI's award-winning anti-malware solution, VIPRE® Antivirus, and its antispyware tool, CounterSpy®, is a service of GFI Labs™.


GFI VIPRE ThreatNet™ statistics for the month of August show that GFI customers were under attack throughout the month primarily by the same Trojan horse programs that have persisted for several months. In fact, the top four threats were unchanged in order from the month of July. Trojans detected as Trojan.Win32.Generic!BT were still the chief detection, slightly down to 25.11 percent of total detections. This particular Trojan detection has been in the top spot for some time: in July with 29.08 percent and in June with 27.16 percent of the total detections.

The number two detection, Trojan-Spy.Win32.Zbot.gen, is a detection of password-stealing Trojans with many versions. The third largest detection, Trojan.Win32.Generic.pak!cobra, is a generic detection for a variety of malware that can infect 32- and 64-bit Windows installations.

“Detections of this malicious code indicate that botnet operators continue to try to infect machines and use them in their spamming networks,” said Francis Montesino, manager of the malware processing team, GFI Labs. “Our ThreatNet detections for the month also agree with other reports we’ve heard in the last few weeks that have found a high level of traffic in rogue security products. These are often referred to as scareware. We’re seeing a multitude of detections of the downloaders and installers that are associated with the rogues.”

Montesino continued, “Our research group is analyzing new rogues too, but what we’re seeing through ThreatNet indicates that VIPRE is preventing these rogue downloads.”

The top 10 results represent the number of times a particular malware infection was detected during VIPRE and CounterSpy scans that report back to ThreatNet, GFI’s community of opt-in users. These threats are classified as moderate to severe based on method of installation among other criteria established by GFI Labs. The majority of these threats propagate through stealth installations or social engineering.

The top 10 most prevalent malware threats for the month of August are:
1. Trojan.Win32.Generic!BT 25.11%
2. Trojan-Spy.Win32.Zbot.gen 4.23%
3. Trojan.Win32.Generic.pak!cobra 3.61%
4. INF.Autorun (v) 3.27%
5. Trojan.Win32.Generic!SB.0 2.01%
6. BehavesLike.Win32.Malware (v) 1.04%
7. Worm.Win32.Downad.Gen (v) 0.96%
8. Trojan.Win32.Malware.a 0.93%
9. Trojan.Win32.Meredrop 0.92%
10. Exploit.PDF-JS.Gen (v) 0.84%


Wednesday, September 1, 2010

FCC Terminates AWS-3 Rulemaking to Auction Spectrum with Free Broadband Requirement; Breaks National Broadband Plan Commitment

/PRNewswire/ -- On Friday, August 27, 2010, the Federal Communications Commission (FCC) notified M2Z Networks, Inc. (M2Z) and its Silicon Valley investors including Kleiner Perkins, Charles River Ventures, and Redpoint Ventures, that it has terminated the AWS-3 spectrum (2155-2180 MHz) public interest rulemaking, thereby closing off the possibility of providing free nationwide broadband service in the United States for the foreseeable future. The FCC has been considering M2Z's proposal for a free nationwide broadband network using AWS-3 since 2006. This decision reverses the FCC's National Broadband Plan commitment to finalize the AWS-3 spectrum rulemaking in the fourth quarter of 2010 and for the spectrum to be auctioned by the second quarter of 2011.

The FCC's AWS-3 rulemaking, pending since 2007, consisted of three key issues:

-- A requirement that the AWS-3 licensee provide free broadband service to at least 95% of the U.S. population in order to address the digital
-- A requirement that the AWS-3 licensee adhere to Net Neutrality principles of open access (end-user access to all lawful content) and open platforms (end-users to have the choice of devices);
-- An enforceable requirement on the AWS-3 licensee to build-out a national broadband network covering 50% of the population in 4 years and 95% in 10 years.

According to the FCC's own National Broadband Plan, 28 million Americans today cannot afford to subscribe to broadband. A free nationwide broadband service using the AWS-3 spectrum band would have addressed this persistent digital divide. While campaigning for the White House in 2008, President Obama told the U.S. Conference of Mayors, "Every American should have broadband access - no matter where you live, or how much money you have. We'll connect our schools and libraries and hospitals. And we'll take on the special interests to realize the potential of wireless spectrum for our safety and connectivity."

There continues to be considerable support from the public for a free nationwide broadband service. The FCC record shows that during the pendency of the AWS-3 rulemaking, more than 50,000 Americans signed a petition supporting the proposed rules while the FCC and members of Congress received over 20,000 letters and emails in support of the proposed rules. Government officials outside of Washington--faced with a growing digital divide and a poor economy--also saw merit in this innovative private sector solution. The FCC record shows that over 300 local, state and federal officials from all 50 states wrote to the FCC in support of the proposed AWS-3 rules.

"The FCC's decision to delay the use of this valuable spectrum forgoes the consumer welfare and economic stimulus that would result from putting new spectrum into the marketplace," said John Muleta, CEO of M2Z Networks. "A new nationwide broadband entrant that provided a free broadband service would have created tens of thousands of direct and indirect jobs throughout the country while giving all Americans an equal opportunity to participate in the digital economy. Despite the spectrum crisis facing the U.S. as documented by the FCC's National Broadband Plan, the AWS-3 spectrum will continue to lie fallow providing no economic value to American consumers."
