Categories

BitTorrent
Conferences
Direct Revenue
Julie Amero
Myspace
Podcasts
Postbag
The Big Ones
The Fourth Wall
Yapbrowser
Zango

Creative Commons License
All articles licensed
under a Creative
Commons License.  








Home | About me | Press | The Fourth Wall | Links

Wednesday, October 05, 2005

Don't mess with Google, or we will pwn you.

The current wave of anger at the group that tried to nobble Google is a joy to behold - I can honestly say I've never seen so many security experts come together and dig the dirt on the bad-guys as much as I have in this case. And the disgust displayed at these antics by the general public is a valuable reminder that when you trust a brand, you will defend it with everything you have.

Behind the scenes, almost everyone has mucked in - sole intention, kick the behinds of the losers who tried to cause some controversy using the good name of Google for their horrible little hijacker. Everyone has come to various conclusions, and the investigation is still ongoing - however, what most people weren't aware of is that this goes way, way back. In fact, quite a bit further back than the variants picked up by Panda in July of this year.

They go back to 2003.

If you're a scumbag trying to sucker people online, you better believe I'm gonna' drag you out of your hidey-hole and laugh at you on this website. And so it came to pass, that I present for your viewing pleasure, what I believe to be the history of the group attacking Google - from back in the middle-months of 2003, right the way up to the present day. You'll be surprised to see a connection made between these installs and a certain batch of IM-Adware bundles from last month, too. I pulled out all the stops this time round. As you may have guessed, almost total absence of drive-by install websites usually means an alternative point of entry. So it was was Spazbox, so it was with Aurora, so it was with the IM Adware bundles. And now that I'm getting reports of this thing doing the rounds in IM-land, the pieces are starting to fall into place once more.

And if that's not enough for you, check out this writeup by Wayne Porter and Chris Chriswell of FaceTime Security Labs. Some great technical infomation along with some clues to where the investigation will lead next.

There should be more to come on this - the story is not over yet, and we fully intend to do some serious damage to the people behind this. I can't explain it, but something about this one has really annoyed me. Coupled with the fact that there seems to be some shady connection with the IM Bundles, along with that particular attack vector, and the stage is set for more action.

Enjoy the show, kids.

Labels:

posted by paperghost at 6:31 PM | Digg it!

All Content © Vitalsecurity.org 2006. The content of this site is entirely the opinion of Paperghost, and is in no way endorsed by FaceTime Communications. In other words - have a problem, come see me.