Earlier this week, Czech security experts led by Jan Vykopal, head of the security project of Masaryk University released a report describing “Chuck Norris”,  a BoTnet they discovered running on compromised broadband routers that attempts to intercept sensitive information such as user passwords, bank account details and private email account information.

Once installed, the bot blocks remote communication ports and begins to scan the network for other vulnerable machines. Controlled via IRC, the worm itself can be terminated by restarting the router as it is installed in RAM. However, variations may exist that install itself into NVRAM that may not be so easily removed.

While the Czech experts identified the BoTnet’s footprint only to have extend across Europe, China & South America, North America may not be far behind. Earlier last year, DroneBL – an organization that monitors abuse of infected machines identified a potential PoC (proof of concept) BoTnet called Psyb0t that was soon shut down.

According to this white paper on Psybot, ADSL modem/routers based on the Texas Instruments TNETD7300, similar to the NB5 modem/router manufactured by NetComm were exploitable using their web interfaces that were exposed on the WAN side.

DroneBL team summarized the Psybot characteristics as:

• was the first botnet worm to target routers and DSL modems
• contained shellcode for many mipsel devices
• was not targeting PCs or servers
• used multiple strategies for exploitation, including bruteforce username and password combinations
• harvested usernames and passwords through deep packet inspection
• could scan for exploitable phpMyAdmin and MySQL servers

The DroneBL blog on this botnet estimated about 100,000 Mipsel – a port of Debian Linux for MIPS processors – devices as infected. While the BoTnet is no longer supposed to be active, the short time it took to spread to 100,000 devices is certainly cause for alarm.

The average gateway device used by small-businesses and/or individual users does not enjoy the typical protection the user’s computers may have on the internal network such as virus and malware scanners or periodic software updates. This makes it all the more appealing to potential attackers. In addition, as any external traffic gets routed through the device, it’s the ideal location to intercept sensitive information to/from all network resources.

Guidelines to protect your Gateways & Routers

To reduce potential risk of compromise to your network, ensure the gateway devices at least have;

1. No administrative interfaces (Web, Shell) exposed to the WAN side
2. Strong password policies
   • Use alphanumerically complex passwords
   • Change passwords regularly
   • Do not reuse passwords
3. Changed default user/admin names (Such as ‘admin’)
4. Latest firmware/patches applied
5. Logging enabled and monitored routinely.

Flexispy Ltd – A Seychelles based company, just launched an iPhone version of their flagship product intended to facilitate spying on unsuspecting mobile users.

The company claims its iPhone version of the software supports

• SMS Logging to intercept all incoming and outgoing SMS messages.
• Reviewing Call History & Sent Emails
• GPS Location monitoring
  
• Remote Control using SMS commands
• Monitoring via secretly calling the iPhone and listening in using the iPhone’s Microphone
• Remotely uninstalling the software
• … and more

The company sells five flavors of its software varying in features and prices that start from USD 39.00.

Luckily, the product only works on Jail-Broken iPhones for now. Physical access to install the spying software is also needed. However, once installed FlexiSpy can hide all signs of the phone being jail-broken.  The best defense against FlexiSpy at this time seems to be physical security controls.

This week, we have been looking at the open source job board application – jobberbase. Originally derived from the successful Romanian IT job board jobber.ro, the current version (ver 1.6) of this job board package is very flexible and leverages smarty templates for customization. Head over to www.jobberbase.org for a standard jobberbase installation example.

Jobberbase’s main features are:

• Allows job posts with a simple one time e-mail verification
• Allows applying to jobs without requiring an account
• Browse / Search based on type (Full-time / part-time), category (E.g: Programmer) and locations of jobs
• RSS feeds of latest jobs
• Counter indicating # of applicants for each posted job
• Clean and crisp UI
• Admin control panel for maintaining jobs & stats
  Continue reading "Jobberbase – the open source job board reviewed" →

Success in Internet Marketing:

Internet Marketing is probably the most effective and easiest way to make your product a great success ,globally. However a number of companies have not realized the potential of Internet Marketing and are yet to tap the potential of  the Internet to market their products and services. Success in Internet Marketing is relatively easy to achieve when compared to other modes of advertising, provided this is done in a systematic manner and implemented in a planned and phased manner.

With the number of tools available on the net, it is possible today to test and measure the effectiveness and hence the success or failure of your internet marketing campaigns and fine tune the campaigns to greater success and attain a greater ROI. (Return on Investment).

The following are the essential ingredients for one to succeed on the Internet.

1. A Good Product /Service
2. A Search Engine Friendly Website that describes your product/services professionally
3. An Effective Online Marketing Campaign
4. An Efficient testing and tracking mechanism  by which you can test and track the effectiveness of your campaigns.

Each of the above four disciplines is a huge subject in itself and I plan to talk about each one of then separately in my next few posts.

Half my advertising budget is wasted. Trouble is, I don’t know which half.

said American retailer John Wannamaker. With the availability of a number of tools that help you to measure the test the effectiveness of your Internet marketing campaigns, it can be safely said the battle in half won.