Articles about Spam

Password reuse bot steals creds from weak sites, logs in to banks

The perils of password re-use have been laid bare with the discovery of a botnet dedicated to finding account credentials on websites and testing the logins it finds on banks. The work is clever since it avoids tripping botnet detection and brute force rate limiters in place at most security-savvy banks, but absent across the …
Darren Pauli, 24 May 2016
Microsoft Clippy

You wanted innovation? We gave you Clippy the Paperclip in your IM client

Comment Look no further for proof that Silicon Valley is now running on its own exhaust fumes than the latest hype: The War of the Clippys. A decade after Microsoft banished its helpful cartoon “Assistant” Clippy from Microsoft Office, Clippys are popping up everywhere, like a plague of rodents. Don’t laugh: Clippy is now a “platform …
Andrew Orlowski, 19 May 2016
Afraid of the dark, image via Shutterstock

Dark net LinkedIn sale looks like the real deal

A hacker is attempting to sell 117 million LinkedIn users' emails and passwords on the dark web. The black hat "Peace" claims the data is the fruits of a well publicized LinkedIn breach from 2012. At the time, only around 6.5 million encrypted passwords were posted online. The business-focused social network LinkedIn never …
John Leyden, 18 May 2016
Her Majesty Queen Elizabeth II, aged 81, of the United Kingdom. Photo taken during a visit in NASA’s Goddard Space Flight Center. Greenbelt, Maryland, USA

Queen's Speech: Ministers, release the spaceplanes!*

Promises on broadband make up the mainstay of a new Digital Bill, first revealed at The Register back in January and formally revealed in the Queen’s Speech today. It’s one of 21 new legislative proposals. The speech reiterated plans to create the right for every household to access high speed broadband. The plans for a …
Team Register, 18 May 2016
Wall of Spam. Pic: freezelight

Sainsbury’s Bank insurance spam scam causes confusion

Numerous UK surfers were left confused on Monday after receiving email confirmations for insurance products with Sainsbury’s Bank that they never bought. People are receiving emails claiming they have started new policies for travel, home and car insurance from the UK supermarket giant’s banking business. El Reg learnt of the …
John Leyden, 17 May 2016
Vikings. Credit: History Channel.

Malicious Android apps slip into Google Play, top third party charts

Malicious Android applications have bypassed Google's Play store security checks to enslave infected devices into distributed denial of service attack, advertising fraud, and spam botnets. The apps are legitimate games that in some stores outside of Google Play have made it to highly-contested top free games charts. …
Darren Pauli, 17 May 2016

Nuisance caller fined a quarter of a million pounds by the ICO

A claims spam company from Blackburn has been fined £250,000 by the Information Commissioner's Office (ICO) after making over 17.5 million nuisance calls. Check Point Claims had harassed people illegally with automated calls encouraging them to claim compensation for job-related hearing loss. The ICO launched its …

Cloud security 101: Get a little more intimate with your provider

You can get many different services in the cloud these days, and cyber security is among them. These days, cloud service providers will take care of everything from email scanning through to watching where your employees surf (and stopping them from going there, if necessary). Most of them claim to do a better job than the …
Danny Bradbury, 16 May 2016

Aussie wedges spam javelin in ring spanner

An Australian man whose penis somehow became lodged in a ring spanner earlier this week was freed in the traditional manner - by a fire crew bearing an angle grinder. According to this local report, "firies" were called to a hospital in the New South Wales city of Tweed Heads on Monday to perform what for them is apparently …
Lester Haines, 13 May 2016
2001: A Space Odyssey

Lie back and think of cybersecurity: IBM lets students loose on Watson

IBM is teaming up with eight North American universities to further tune its cognitive system to tackle cybersecurity problems. Watson for Cyber Security, a platform already in pre-beta, will be further trained in “learning the nuances of security research findings and discovering patterns and evidence of hidden cyber attacks …
John Leyden, 12 May 2016

Brexit campaign group fined £50k for sending half a million spam texts

Pro-Brexit group Leave.EU has been fined £50,000 for sending up to 500,000 unsolicited text messages urging people to support its campaign, the Information Commissioner’s Office (ICO) said today. The group, registered as Better for the Country Ltd and funded by millionaire UKIP donor Arron Banks, broke the law by not having …
Man in a suit drinking tea out doors reading from his tablet

Twitter block Oz Greens talk

Trying to end a case of hashtag spam, Twitter instead briefly censored political discussion in Australia. Political enthusiasts had started using the #Greens16 hashtag to discuss the Australian Greens in the context of Australia's 2016 election campaign. The trouble started when some idiot in charge of herding porn-bots …
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Suck on this: White hats replace Locky malware payload with dummy

Pranksters have infiltrated the control system behind the infamous Locky ransomware and replaced the malware’s main payload with a dummy file. Locky normally spreads using malicious and disguised JavaScript inside email attachments supposedly containing an invoice or similar. Malicious messages are sent to prospective marks in …
John Leyden, 05 May 2016

LG: Stop focusing on Apple and Samsung. There's us. And our G5. Look at it. Look at it

Review Every year LG threatens to steal the flagship crown, but the press pauses briefly only on the device before returning to speculating about Samsung and Apple. LG’s flagships have featured ground-breaking screens (Quad HD), unusual banana shaped glass and consistently good imaging. But still no breakthrough. No wonder LG got fed …
Andrew Orlowski, 26 Apr 2016

Net scum lock ancient Androids, force users to buy iTunes gift cards

Blue Coat researcher Andrew Brandt says ancient Androids can be hijacked with persistent ads that force victims to buy US$200 worth of iTunes gift cards. Brandt considers the spam as ransomware since it traps infected Androids in a locked screen state until victims buy attackers gift cards which would presumably be later …
Darren Pauli, 26 Apr 2016
Angry man yelling on phone while reading vintage printer paper report. Photo by SHutterstock

What a difference a year makes: ICO tele-spam fines break £2m barrier

The Information Commissioner's Office (ICO) has issued £2m in fines since a change in the law allowing it to crack down on nuisance marketing, an increase of more than 565 per cent on the preceding 12 months. As the law stands, companies intending to make marketing phone calls without prior permission must first check the …
Google UK office logos

Google unleashes TensorFlow 0.8 for your distributed machine learning needs

Version 0.8 of Google's open source machine learning library, TensorFlow, has been released, adding support for distributed computing so you can get your whole Beowulf cluster infected with its Skynet. TensorFlow is an open source software library for numerical computation using data flow graphs, and was released under the …
Man with head in the cloud

Symantec.cloud portal limps back online after day-long TITSUP

Symantec.cloud’s portal is back online following a day-long outage. However, sysadmins report a continuing inability to perform basic functions such as adding new email accounts for new starters at the corporate firms they manage. Problems with the system followed a database crash on Monday morning that dragged on until …
John Leyden, 13 Apr 2016
Zuckerberg

Zuck: You're still using non-Facebook websites ... I'll put an end to that

At the opening keynote of the Facebook F8 developer conference, Mark Zuckerberg has outlined his company's plan to get everyone online and hooked on Facebook within the next decade. "Instead of building walls we can help people build bridges, instead of dividing people we can bring people together – one connection at a time, …
Iain Thomson, 12 Apr 2016

Costa Rica launches investigation after reports hackers ‘rigged’ 2014 election

Costa Rica is to investigate whether hackers interfered with its 2014 elections. The investigation comes days after jailed hacker Andres Sepulveda claimed he had used black propaganda and other tactics in order to influence many electoral contests across Latin America over a run of eight years for 2005 until 2013. Sepulveda …
John Leyden, 08 Apr 2016
No junk mail. Pic: gajman, Flickr

Mumblehard spam-spewing botnet floored

Security researchers have teamed up with authorities in Ukraine to take down a spam-spewing Linux-infesting botnet. Security firm ESET teamed up with CyS-CERT and the Cyber Police of Ukraine to take down the Mumblehard botnet. A year ago, ESET analyzed the Mumblehard botnet, which was made up of thousands of infected Linux …
John Leyden, 07 Apr 2016
Internet email sign. Pic: @mattw1lson, Twitter

US government updates secure email guide for first time in a decade

The US government's technology agency has updated its secure email guide for the first time in a decade and put it out for a month of public comment. The National Institute of Standards and Technology (NIST) guide [PDF] is 81 pages long and provides a surprisingly useful rundown on what to do to get your email secure. Its top …
Kieren McCarthy, 01 Apr 2016

Cunning scam: Mobe app stalks victims then emails booby-trapped bogus speeding tickets

Here's a smart scam that's cropped up on the US East Coast. It appears people have installed a free smartphone app – quite possibly a traffic monitoring tool – that keeps an eye on their whereabouts, and then emails them fake speeding tickets. Victims are tricked into thinking the messages are legit and have come from the cops …
Shaun Nichols, 28 Mar 2016
wham_bang by Roy Lichtenstein

Cyberthreat: How to respond...and when

Spotting threats in cyberspace is like star gazing. There are lots of them out there, but telling them apart and working out which ones are about to go supernova takes experience and skill. You don’t want to pour the same resource into protecting yourself against every single perceived threat, because no budget can support …
Danny Bradbury, 23 Mar 2016

German lodges todger in 13 steel rings

A Munich man has set what may prove an unassailable record for the number of steel rings lodged on a penis after presenting himself at a local hospital with no less than 13 engorgement aids encircling his swollen member. Die Welt explains that the unnamed 52-year-old had endured four days of entrapment when he rolled up at …
Lester Haines, 10 Mar 2016
Wall of Spam. Pic: freezelight

State should run power firm spam database, says... competition watchdog

The UK’s competition regulator wants to see a new database of utility customers set up so they can be bombarded with “targeted marketing”. The Competition and Markets Authority wants the personal data of energy customers who fail to switch from the default tariff for three years – what the CMA calls “Disengaged Domestic …
Andrew Orlowski, 10 Mar 2016

Zynga CEO resigns – again – after terrible results

The CEO of mobile games company Zynga, Mark Pincus, has resigned – a second time – following bad results. The decision to replace Pincus with a veteran games industry exec is Groundhog Day for the troubled company after it did exactly the same thing in 2013. Back then, Pincus was replaced with former Electronic Arts exec Don …
Kieren McCarthy, 02 Mar 2016

Ofcom should be the BBC's ultimate overlord, UK.gov told

Telcomms regulator Ofcom should also regulate the BBC, a review for the Ministry of Fun has found. An independent review into the governance and regulation of BBC governance by Sir David Clementi, commissioned by DCMS, reported back yesterday. Astonishingly, Clementi came up with the result that the government had wanted in …
Andrew Orlowski, 02 Mar 2016
Laurel and Hardy on the phone

ICO fined cold-call firm £350k – so directors put it into liquidation

A Brighton-based robo-call spam operation has been hit by a record £350,000 fine by data privacy watchdogs. Since the firm has been closed down and entered liquidation, however, even the Information Commissioner admits the fine is unlikely to be paid. Prodial Ltd, a lead generation firm responsible for more than 46 million …
John Leyden, 29 Feb 2016

ADpocalypse NOW: Three raises the stakes

Analysis It’s WAR. CK Hutchison’s Three network will become the first UK mobile operator to block ads, threatening to undermine the $100bn mobile ad business, and app developers and publishers who depend on them. Three confirmed to us that apps will be starved of ads once the blocking is turned on. Although Three is the smallest of …
Andrew Orlowski, 19 Feb 2016
Tommy Lee Jones delivers implied facepalm. From No Country for Old Men  Copyright Miramax Pictures. 2007.

Remember WordPress' Pingbacks? The W3C wants us to use them across the whole web

Something called Webmentions – which looks remarkably like the old WordPress pingbacks, once popular in the late 2000s – is grinding through the machinery of the mighty, and slow-moving, World Wide Web Consortium (W3C). But don’t be deceived. Lurking behind that unassuming name lies something that might eventually offer users …

This is what it looks like when your website is hit by nasty ransomware

Malware appears to have hijacked the British Association for Counselling and Psychotherapy (BACP)'s website – and held it to ransom. The front page of the site has been replaced with instructions on how to pay off the extortionists: $150 (£100) in Bitcoin must be coughed up by February 22, or the association's web data will …
Chris Williams, 12 Feb 2016

Net narks phishing AlphaBay drug logins in clever redirect attack

Netcraft security man Paul Mutton says net narks have spun up a fake version of Alphabay Market, a popular darknet venue, in a bid to steal login credentials. AlphaBay is the brainchild of Russian carders that emerged in 2014 following the fall of drug haven Silk Road. The HTTP site is cleverly assembled to mimic the login …
Darren Pauli, 12 Feb 2016

Firemen free chap's todger from four-ring chokehold

Firemen from the Spanish town of Dénia, in Alicante, enjoyed an entertaining shout last week when they were called to remove four steel rings from the base of an unfortunate chap's todger. An unnamed 40-year-old foreigner rolled up at the local hospital in the early hours of Friday morning, unable to extract his member from …
Lester Haines, 10 Feb 2016

Moscow raids could signal end of global Dyre bank trojan menace

One of the worst examples of financial malware appears to have fallen silent after operators were reportedly arrested in Moscow after a rare raid by the Federal Security Service of the Russian Federation (FSB). Reuters reports Russian police raided Moscow film studio 25th Floor and a neighbouring office in November. Western …
Darren Pauli, 10 Feb 2016
Virgin Media content searching on TiVo

Virgin Media spoof email mystery: Customers take to Facebook

Customers of Virgin Media who are increasingly convinced their service provider has been victim of a security breach have formed a Facebook group to share their experiences and push for answers. Virgin Media is firmly denying any breach of its systems but users are equally adamant that the cause of a widespread and ongoing …
John Leyden, 09 Feb 2016
Crashed plane, photo via Shutterstock

Let's play immutable infrastructure! A game where 'crash and burn' works both ways

If you’ve ever had the misfortune to work as a systems administrator (and it doesn’t matter if it’s a Windows or Linux shop) you’ll know the feeling of logging on on Monday morning, checking a few log files and noticing something’s not quite right. It might be file systems filling up, a spam attack has filled the log …
Andrew Cobley, 08 Feb 2016
Headshot of Trojan horse

Mystery hacker hijacks Dridex Trojan botnet... to serve antivirus installer

Part of the distribution channel of the Dridex banking Trojan botnet may have been hacked, with malicious links replaced by installers for Avira Antivirus. Avira reckons the pwnage is down to the work of an unknown white hat hacker. The Dridex botnet has remains a menace even after a high profile takedown operation in late …
John Leyden, 04 Feb 2016
Super-villain Dr Evil puts finger to lip in scheming manner, asks for one million dollars. Pic: New Line Cinema

Lincolnshire council IT ransomware flingers asked for ... £350

Lincolnshire County Council's IT is back up and running after the council shut everything down last week following a ransomware attack in which the attackers turned out to have asked for a mere £350. Despite the BBC reporting that the council had been hit by a £1m ransom, a spokesperson told The Register that it had only been …
An angry mob

Devs complain GitHub's become slow to fix bugs, is easily gamed

More than 1,100 maintainers of GitHub projects have put their names to an open letter expressing frustration that the famous software hub is ignoring them. Their letter, here, centres on what they say is inadequate support. “We’ve gone through the only support channel that you have given us either to receive an empty response …
steam_dota_character_648

Video game retailer GAME in email marketing FAIL

Hundreds of UK video game fans became unwitting recipients of each others’ email addresses this week following a messaging cock-up at online retailer GAME.co.uk. El Reg learned of the snafu through reader David, who seems to have been something of a patient zero in the minor privacy flap. Human error meant that “To:” field …
John Leyden, 14 Jan 2016

Exploit kits throw Flash bash party, invite Crypt0l0cker, spam bots

Criminals behind some of the most potent exploit kits, Neutrino and RIG, are ramping up attacks slinging the latest ransomware and hosing users who have not applied recent Adobe Flash patches. The patched vulnerabilities permit code execution and allow the dangerous hacking kits to compromise user machines. The two above- …
Darren Pauli, 11 Jan 2016
"REEM" robot carries cardboard box. Pic by Pal Robotics SL  Licensed under CC BY-SA 3.0 via Commons

How to feed and raise a Wikipedia robo-editor

Wikipedia is to put artificial intelligence to the enormous task of keeping the free, editable online encyclopaedia up-to-date, spam-free and legal. The Objective Revision Evaluation Service uses text-processing AI algorithms to scan recent edits for signs that they may be spam, an effort at trolling, part of a revert war ( …
Value pack of two tins of Spam

Hapless Virgin Media customers face ongoing email block woes

Virgin Media has admitted its new spam filters are continuing to block the legitimate emails of various people and companies, and says it is working with individual businesses to unblock their comms. The problem appears to be centred upon customers who hold legacy email accounts that moved over to Virgin. The Register first …
Kat Hall, 16 Dec 2015
Royal Marine snipers practicing with AI .338 rifles

Are second-hand MoD IPv4 addresses being used in invoice scams?

Crooks appear to be taking advantage of the recent sale of the UK Ministry of Defence’s IPv4 address space to run more convincing scams. They have purportedly bought blocks of IP addresses with previously pristine records to distribute scams. This malfeasance was enabled, in part, because the relevant Whois database entries …
John Leyden, 14 Dec 2015

Pirate Bay domain suspended thanks to controversial verification system

The Pirate Bay's .org addresses have been suspended as part of a controversial verification process run by domain name overseer ICANN. Visitors to "thepiratebay.org" are greeted with the message: "This domain name has been suspended. This domain name is pending ICANN verification and has been suspended. If you are the owner of …
Kieren McCarthy, 07 Dec 2015

White hats, FBI and cops team up for Dorkbot botnet takedown

Operations of the Dorkbot botnet have been disrupted following an operation that brought together law enforcement agencies led by the FBI, Interpol and Europol, and various infosec firms. The Dorkbot infrastructure, including command and control servers in Asia, Europe, and North America, has been knocked sideways and domains …
John Leyden, 04 Dec 2015
Baseball Stars Professional in-game action

14 strikes and you’re out. Or not. Emails reveal how Cox lost Safe Harbor

Analysis We now know why US cable ISP Cox Communications lost the "safe harbor" DMCA liability protection afforded to those who disconnect high volume P2P file sharers. It appears to be down to its failure to take infringement notices sufficiently seriously, a US court has ruled. Last week in an East Virginia court, a judge stripped …
Andrew Orlowski, 03 Dec 2015
Cat 5 cable

Conficker, back from the undead, dominates malware threat landscape

Conficker was the most common malware used to attack UK and international organisations in October, accounting for 20 per cent of all attacks globally, according to security vendor Check Point. When it first appeared in November 2008, the Windows-affecting Conficker worm caused all manner of problems mainly because of its …
John Leyden, 01 Dec 2015

Nuclear exploit kit seen chucking CryptoWall 4.0 at late patchers

The Nuclear exploit kit has been spotted throwing ransomware CryptoWall 4.0 at innocent netizens' machines, according to a security researcher Brad Duncan, who stated it is the first time he's noticed that particular nasty being distributed by an exploit kit. While not as vicious a beast as Angler, the Nuclear kit remains …