ESET Threat Blog

Cyber Monday is the Monday that follows Thanksgiving in the USA. This is said to be the busiest online shopping day of the year. Does that mean that there is more risk of cybercrime? The answer is yes and no. There is more risk simply because more people are shopping online so malicious web pages, fake holiday specials, and other attractions are bound to get more traffic.

 In reviewing our threat statistics for the past couple of years what we discovered was that we do not see an increase in the number of threats, so as an individual your risk is pretty close to the same as any other time of year, but that means there is some risk and there are steps you can take to minimize your chances of becoming a victim of cybercrime. Here are a few tips to consider.

1)    Beware of the unsolicited emails for promotions that seem too good to be true. Things like “We’ll give you a free copy of Windows 7 for filling out this survey”, or “Get $100 for filling out this survey”. Often times these are ploys to get your credit card information and other personal information. It may be for the purpose of sending you spam or it may be for financial or identity theft.

2)    Watch out for anything related to banks, PayPal, and other online financial providers. NEVER click on a link in an email having to do with financial institutions. For some really simple tips on protecting yourself from phishing see my “Antiphishing Made Easy” tip on the San Diego Chamber of Commerce web site at http://www.sdchamber-members.org/TechTip.htm.

3)    Shop at reputable websites. Do not believe things like a BBB logo, check with the Better Business Bureau to see that they say the company is a member. It’s best if you know somebody who has done business with the company before. Crooks will post fake positive reviews of their web sites

4)    When you go to enter payment information, make sure the address in the browser starts with https, and not just http. Https encrypts the information, such as your credit card number. It isn’t enough to see the https, the bad guys can use that too, but you want to use a reputable site and verify they are encrypting your data.

5)    You might want to consider getting a credit card with a low spending limit and using that exclusively when you shop online… especially if you can’t resist that offer that is too good to be true!

6)    Do not click on the links in emails. If you want to shop at Fry’s online, type in www.frys.com and find the item you are looking for.

Following these tips will greatly improve your odds of safely shopping on line on Cyber Monday and every other day of the year.
 
If you believe that you have become a victim of a phishing attack, contact your bank immediately.

Randy Abrams
Director of Technical Education

Recently I blogged (Once Upon A Cybercrime…) about a survey ESET commissioned which indicated that Mac users are victims of cybercrime as often as PC users. This finding was not the main point of the survey, but was an interesting finding. The survey is titled “Securing Our e-City National Cybercrime Survey” and was commissioned to gather more information about how we can better target education as part of our Securing our e-City project. You can learn more about Securing Our e-City at http://securingourecity.org/

I want to share with you some additional findings of the study over the coming days and weeks. Extrapolating the losses of those surveyed it appears that cybercrime has cost Americans 11 billion dollars.

First I’ll give you a breakdown of the educational levels of our survey participants.

5% had less than a high school education. 25% had a high school education. 29% had some college. 27% had a college degree. 14% had advanced degrees.

Now let’s look at the victimization rates.

2% of those with less than a high school education had been victims
2% of those with a high school education had been victims
9% of those with some college education reported being victims
7% of those with a college degree reported being victims
18% of those with advanced degrees reported being victims

Given this data, the logical conclusion is that the number one way to avoid cybercrime is to avoid college!

But seriously, I don’t really think it is education that makes one stupid, or makes them a victim. A more likely explanation is that those with higher earnings make more attractive targets. It is also quite possible that those with higher education feel they are smart enough to avoid being tricked. A PhD in psychology does not translate to internet security knowledge. A degree in dentistry does not afford a higher level of computer security knowledge. Even people with computer science degrees often fail to learn enough about computer and Internet security.

I am a firm supporter of education, but when it comes to computers there is specific education required if you wish to avoid becoming a victim of cybercrime. Knowing tips and techniques, such as I describe at  AntiPhishing Made Easy  can make a big difference. Education won’t always protect you. When a TJ Maxx or Heartland compromises your credit card information, your computer savvy isn’t going to help. When you receive and email claiming that information is needed to secure your web mail account, then security knowledge is quite useful. When something tells you that you need a codec to view a movie, just a little bit of security knowledge protects you. When you see something that says you need a new flash player, knowing to go to Adobe for the update and not accepting it anywhere else on the web is what is going to prevent you from infecting your computer.

Yeah, you might have a lot of college education, but if you do, you probably have more money and are a much more attractive target to the cyber criminal. If you have more to lose then you have more to gain by becoming a savvy computer user.

Randy Abrams
Director of Technical Education
 

Recently ESET commissioned Competitive Edge Research and Communications, Inc. to conduct a study about attitudes, beliefs, and experiences of Americans with respect to cybercrime. There were some interesting results.

One of the findings is that most American’s are not aware that cybercrime is linked to organized crime. Viruses and Trojans are no longer the purview of pimple-faced punks who never see the sun. Malware has become a tool of the organized crime, but only about one out of 5 Americans realize it is not the lone wolf who is biting them.

Not at all surprising is the fact that both PC and Mac users perceive the Mac as being safer, but the statistics show that Mac users are victims of cybercrime just as frequently as PC users. The most probable explanation for this would be confusing viruses as being cybercrime. 57% of Mac users feel it is safe to use their computers without antivirus software where only 27% of PC users feel it is safe to do so. Much of the losses associated with cybercrime are related to phishing attacks. Phishing attacks are just as effective on Macs, Linux, Windows, Solaris, and any operating system since they rely on tricking the user and not upon malicious software or any software vulnerabilities. The Mac offers no immunity to phishing attacks and so we see a virtually equal percentage of victim representation across the board.

A significant part of the phishing problem is ignorance. The survey found that less than 50% of Americans even know what phishing is. It is difficult to defend against something one is not aware of.

An interesting finding was that it appears that when a Mac user is a victim of phishing they tend to lose more money on average than a PC user. I’m not ready to proclaim this as fact since we can’t explain the finding, but that was the undeniable trend found by this specific study.

With respect to online banking, 84% of the general public feels it is at least somewhat safe to bank online. When you look at the reasons given for not banking online then you see that well of over half of those people who shun online banking do so because of security concerns.

Of note, we did find a lower rate of cybercrime victims among people who use both a Mac and a PC. This is probably due to a higher level of computer and internet knowledge. Being educated to the threats and defenses is a quite effective in decreasing the odds of a user becoming a victim of cybercrime.

Randy Abrams
Director of Technical Education

I recently learned a new acronym: SODDI (Some Other Dude Did It). What this refers to is the defense that criminals routinely use (plausible deniability) – and even more so when it comes to illicit activities on the Internet.

On Sunday, November 8th 2009 the Associated Press published an article regarding an individual that was accused of possessing child pornography. After 11 months, and at a personal expense of $250,000, computer forensics proved that the computer had become infected with malware that was designed to download illegal content. Malicious software was the culprit at work behind the scenes.

This activity is a topic that had been discussed for quite a few years as a potential liability for any computer that has been infected. Software that is designed to conduct remote operations can surreptitiously download any kind of digital material to a person’s machine or establish connections (or probe/attack) any target. This would cause the owner of the infected computer to appear to have broken one, or more, of many laws including illegally accessing a network, theft of intellectual property (IP) and child pornography – to name a few. Basically, any action that an attacker or criminal can directly perform on the Internet, can also be duplicated and executed from a victim’s computer. The end result is truly horrific for the victims who have to defend themselves when the trail leads to them – and seemingly stops at their computers.

There are numerous examples of this occurring. For instance, substitute school teacher Julie Amero’s life was undeniably, and tragically, altered after the school computer she was using in a 7th grade classroom started displaying pornographic images to her students. After significant expense, loss of a teaching career and other losses she was finally convicted of a lesser charge (in 2008) and a reduced fine.

Cases like these are where several (of many) cybercrime issues converge:

• Laws: many legal systems still struggle to catch up with cybercrimes
• Plausible deniability: the challenge of proving that a person is the one that used their computer to commit an act (usually a criminal act)
• Attribution: lack of attribution across the Internet impairs the ability to accurately, and with a high degree of confidence, trace internet connections/packets back to their source(s)

When two or more of these elements are combined, the end result is typically a confusing, and potentially indefensible, gathering of forensic data that can both let a criminal “walk” or cause an innocent person to be charged, tried and sentenced.

In any war there is a term known as “collateral damage”. In the war against cybercriminals, the collateral damage is clear and unmistakable. As a society, when we  gain more overall forensic analysis experience and systems are capable of providing more accurate attributable information, we should see a diminishing number of cases of innocent victims and more/stiffer convictions for the bad guys.
   
Jeff Debrosse
Senior Research Director

As usual, ESET has released its monthly Global Threat Trends Report, which will be available in due course at http://www.eset.com/threat-center/index.php.

There are no surprises in the top five malicious programs, which have the same rankings as in the September report. Clearly, not enough people are taking our accumulated advice on reducing the risk from Conficker, INF/Autorun and so on.

Something I didn't anticipate though is the dramatic upsurge in Win32/Flystudio detections. This class of threat has been around for a while. It did feature strongly in our July report, when it came in from nowhere to number 5, and then hovered around the lower reaches for a while. Well, this month it shot back from 46 to 6. Here's the description from the latest report.

6. Win32/FlyStudio
Previous Ranking: 46

The Win32/FlyStudio threat is designed to modify information inside the victim's Internet browser. This threat will modify search queries, with the intention of delivering advertisements to the user. Win32/FlyStudio seems to be targeting users located in China.

What does this mean for the End User?

FlyStudio is a popular scripting language, much used as a development tool in China. However, the malicious code is being reported in other regions too, including North America. This may mean that it has been deployed by other malware.

Win32/TrojanDownloader.Swizzor, however, has dropped out of the top ten.

Other items discussed include:

• The AMTSO workshop in Prague, which inspired lively debate about when, if ever, it's acceptable to create samples for testing, and the thorny issue of AMTSO compliance – what is it, and who can legimately claim it?
• An interesting exercise conducted by Christopher and Samir at the First International Workshop on Aggressive Alternative Computing and Security, in which they installed a number of scanners (including NOD32) then logged in as administrator and tried to disable them. We're pleased to note that our product was one of those fairly resistant to such tampering, but we're not convinced that this is a very useful way to test the efficacy of a product. I'll return to that shortly in a separate blog.
• The Halloween Search Engine Optimization (SEO) poisoning issue already blogged here.

Perhaps the most interesting, though, is the first sight of some statistics garnered from a cybercrime survey conducted by Competitive Edge Research and Communication Inc. on behalf of the Security Our eCity initiative, which ESET sponsors. We'll be talking more here about some of the data points from that report in the near future, but an issue that the October report focused on was the find that 63% of adults seem to think cyber criminals are mostly individual computer hackers, whereas only 21% regard organized crime as primarily responsible for cybercrime.

As the report suggests, In the last quarter of 2009, that’s a pretty frightening statistic. It may not matter to the individual computer user who is responsible for specific threats, as long as he takes the right countermeasures. But if people don't understand the nature of the threat properly (and the security industry is apparently failing to convey that information), it seems likely that they don’t understand what constitutes an appropriate countermeasure, either.

Someone asked me today to hazard a guess at the ratio of individuals to organized crime in the current threatscape. I don't really have information that specific, and automatically mistrust it when other companies offer it, unless I know it comes from someone who spends a lot of time interacting with people I wouldn't want to meet in a dark alley.

It depends on your definition of organized crime, I guess. There are plenty of horror stories about various flavours of mafia, but there are certainly also one-man-band criminals out there, not to mention the amateurs still  throwing out Proof of Concept malware and probing systems for the hell of it, or the kudos of discovering a poorly protected site.

However, most attacks are profit-driven, and most profit-driven attacks appear to be made by gangs.  On the other hand, a lot of what crosses my radar is freelancers offering specific services to anyone who’ll pay for banking Trojans, or 0-day exploits, or credit cards, or whatever. So the market is certainly “organized” but some of the players aren’t necessarily aligned with one group in particular: Having said that, though, if their services are “good” enough, I’d assume that they’ll catch the attention of the major gangs. 

David Harley BA CISSP FBCS CITP
Director of Malware Intelligence

ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter: http://twitter.com/esetresearch
ESET White Papers Page: http://www.eset.com/download/whitepapers.php

Securing Our eCity community initiative: http://www.securingourecity.org/

For many years banks and credit card vendors have accepted that there will be some amount of fraud and built those costs in to the operational model. The thinking goes that if the loss is small enough then it isn’t worth pursuing so they simply pass the cost on to the public through fee structures, such as return check fees, ATM fees, and differentials in the rate that they borrow money at and the rate they loan money at.

Perhaps this was a viable model before the internet gained popularity, but today it accounts for significant losses, perhaps in the billions of dollars if the polls are to be believed.

The lack of an aggressive stance against phishing means that banks are clearly not the enemy of the cyber criminal and facilitate their nefarious deeds.

The fact is that many financial institutions actively teach their customers to become victims through insanely ignorant worst practices. American Express sends a monthly statement with a link to your account. Financial institutions should not be sending links to pages that require a login… this is what phishers do and reinforces unsafe cyber habits.

My own credit union, First Technology Credit Union accepts complaints/feedback on line, but when they reply they send a link that the customer must use to provide more information or comments, etc. Granted this link does not ask for log on information, but it is also teaches customer to follow the same practices that lead to successful phishing attacks.

The Industrial Credit Union (http:icu.org) recommends “If you receive an email from the IRS requesting information, we recommend you simply delete or ignore it.” but the IRS wants you to report the emails. http://www.irs.gov/privacy/article/0,,id=179820,00.html?portlet=1. The Marine Federal Credit Union offers similar advice to that misguidedly given by the Industrial Credit Union

Recently the FDIC recommended that Banks step up efforts to spot money mule related activity http://www.wired.com/threatlevel/2009/10/money_mules/. A money mule is a person who is recruited to illegally transfer stolen money from the victim’s account to the criminal’s account. Many, perhaps even most, money mules do not know they are participating in an illegal activity until they also become a victim.

That the FDIC has to recommend this course of action shows how completely out of touch the financial services industry is with their responsibility to assist in online security.

Currently the banking and credit card industry are the educational and operations arms of cyber crime. It is long past time for banks, credit card companies, and credit unions to stop sending links in email and to step up to the plate when it come to fighting cyber crime. Until the financial institutions stop teaching people to be phishing victims and start playing a proactive role in fighting cybercrime, they are finding cyber crime through apathetic and ignorant complicity, much as a misguided money mule does.

Randy Abrams
Director of Technical Education

I was quoted last month in an article at PC Retail (http://www.pcr-online.biz/features/305/The-truth-about-cyber-crime), which is nice. However, I just came across the notes I made at the time of the original enquiry/interview, most of which wasn’t used, so here are my full responses to the questions Andrew Wooden asked, in case they’re of interest. (Actually, they’re slightly expanded and I’ve made a few corrections: I sent my original responses by Blackberry, as I was on vacation at the time, and there were some minor typos.)

1. Where are the majority of threats coming from, geographically?

Location is often hard to determine. Brazil and eastern Europe  seem to be particularly associated with ID theft and phishing (and mule recruitment for moneylaundering). The Far East too, but China also seems to be cited as a hotbed of industrial and military espionage, though the amount of military involvement is moot. West Africa remains well-represented on advance fee fraud (419s, certain kinds of job scams, lottery scams). Stock fraud and some forms of spam are commonly perceived as originating in the US. But any state with reasonable connectivity can originate or relay threats. A lot of the actual code seems to comes out of S. Asia.

2.  Is it becoming more organised? 

Cybercrime is already very organized on business models analogous to legit models. There are still amateurs and lone operators but they’re more profit-driven now and often offer freelance services on the same lines as the more "professional" cybercriminals.

3. Many have described an ‘underground economy’ creating the bulk of the malware around the world. Could you describe the tiers of this and how they interact with each other, from programmer, to commissioner, to end benefactor?

There’s a lot of specialization: coders, kit providers, moneylaunderers, botherders, cardfraud specialists. Much of it is negotiation between freelancers but cooperation often mirrors (roughly) free economy models. In general the top tier "service provider" either rents access to a botnet to a "customer" or manages attack services for them in return for fee.

4. The people designing these malicious programs must have an extraordinary amount of technical knowledge. Presumably they have also been educated to a high standard. Why don’t these people end up in legitimate programming careers rather than digital crime? Are the creators getting that much money?

A lot of code is actually workmanlike rather than sophisticated but that’s often enough. Most of the R&D goes on detection evasion. That and the problem of sheer sample glut are enough to keep a gang under the radar much of the time. Some social engineering attacks are creative, but many are actually very stereotypical. Much of the problem is a failure in educating victims, not technical brilliance on the part of criminals.

As for motivation, education hasn’t eradicated sociopathy in Western culture and some other cultures and economies almost enforce what we see as criminal behaviour. On the other hand, even in the West many people find it hard to extrapolate ethical norms to an online context.

Yes, a lot of money is being made, but most people are getting a thin slice of the salami. In many cases they don’t discriminate between ‘good’ and ‘bad’ behaviour even if they realize that participating in click fraud or being a money mule hurts others because they can’t afford to… Sometimes or often there’s an element of duress.

Maybe I should expand on that in-joke about salami: salami-slicing is a name sometimes given to fraudulent activities where tiny sums are misappropriated from many people rather than large sums from a few people (or organizations). The term goes way-back, but the approach is often used by banking Trojans.

5. How much more sinister is malware getting?

Malware is sinister by definition but today’s threats tend to do more damage to the victim’s financial and general wellbeing. Older threats usually compromised (or, more rarely damaged) systems rather than people’s offline health and wealth. They probably hurt corporates more dramatically than individuals – not that it isn’t grim to have your hard-disk trashed, but there are collateral forms of damage such as loss of reputation and legal complications that were less likely to affect home users than corporate organizations.

There’s a trend these days to threats that also compromise national security: overstated right now maybe but definitely a trend upwards.

6. Is it being taken more seriously by police organisations? How differently is banking theft considered to a mugging?

Less a matter of perception than resources. Local law-enforcement tends to manage "traditional" crimes better than cyber-crime, and more centralized, specialized units are under-resourced for the size of the problem and concentrate on crimes entailing massive financial damage. Local forces tend to use different performance metrics.

As it happens, resourcing and expertise is an issue that’s been highlighted again this month by the Wall Street Journal: see Randy’s blog here.

7.  Do you think more needs to be done by organisations like Interpol?

Law enforcement agencies are limited in resources and expertise, as well as mandate. More attention from LEAs (Law Enforcement Agencies) to one area impacts negatively on others. However, cooperation with other groups (vendors, security services, other researchers) fills some of those gaps.

8. There has been reports of governments coming under attack by malicious software. Is there a growing problem of cyber terrorism?

Many attacks that affect governments aren’t targeted. Spear phishing, where an individual -is- targeted, sometimes originates with the military or espionage services rather than terrorist groups, though sometimes the distinction is fuzzy. I’d say that out-and-out terrorism is more often associated with other kinds of disruptive attacks such as website defacement and denial of service, though any group might try to steal credentials with malware or by social engineering, in order to effect an attack. However, terrorism-related spear phishing and other cyber-attacks are likely to rise rather than diminish.

9. Some have speculated that rather than individuals, states could be at the heart of some malicious attacks recently. Is there any truth in this, and could a type of malicious programmes become part of a military’s arsenal in the future?

The military have been looking at cyberwarfare for many years. It’s not possible to say authoritatively how often it’s been used offensively. For instance, the "Iraqi Printer Virus" of the first Iraqi offensive is usually assumed to be a hoax, but I’ve been told by surprisingly authoritative sources that there is some truth in it. (But not how much!) 

Many of the attacks that are ascribed to states attacking other states are certainly actions by individuals or informal groups.

10. The years ago are very different to today. What type of threat can we expect to emerge in the future?

I’d expect more professionalization with regard to quasi-terrorism. More cybercriminals will masquerade as legit businesses, as happens now with fake security software. Attack technology tends to be somewhat cyclic, so we tend to see new twists on old scams. The most effective threat is still social engineering, and I don’t see that changing. Major shifts in the threatscape like the diminishing proportion of worms and viruses occur quite slowly, and old techniques are often revived.

David Harley BA CISSP FBCS CITP
Director of Malware Intelligence
ESET LLC

ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter: http://twitter.com/esetresearch
ESET White Papers Page: http://www.eset.com/download/whitepapers.php

Securing Our eCity community initiative: http://www.securingourecity.org/

The Wall Street Journal recently ran an interesting article at http://online.wsj.com/article/SB125487044221969127.html.

Of note, was a quote from Los Angeles District Attorney Steve Cooley who said “These days, "practically every crime, from drug dealing to murder, involves digital evidence" .From the invention of the knife, to the gun, to the telephone and car, criminals have always used the latest technologies to aid them in their crimes. Living in San Bernardino, California in the 1980’s I remember the police had a problem with criminals in Porches, etc. escaping because they could drive up into the mountains much faster than the patrol cars could go. The police got some hot new cruisers with beefy engines and evened the game.

The current situation is that criminals have been leveraging cyber space and law enforcement has not been able to apply the right tools quickly enough. As we can see from this report, it isn’t a matter that is can’t be done, but the resources have not been allocated.

Increased expertise and resources in the digital crimes area will result in more convictions for crimes such as identity theft, but it will be quite a while before this is a significant deterrent, especially since so many of these crimes are committed across international boundaries.

Just as law enforcement needs to improve their cyber capabilities, users need to become more aware of their cyber surroundings, the tricks used by the criminals, and the tools they can use to help protect themselves. The arrest of a person who steals your identity does not help you recover from the hassle of the experience. Prevention is far better than clean up.

October is National Cyber Security Awareness month and the great folks at www.staysafeonline.org have a list of events for the month of October at http://www.staysafeonline.org/content/events. You can also check www.securingourecity.org for cyber security information. Take the CyberCrime Pre-assessment quiz at http://securingourecity.org/resources.php and see how you fare.

Law enforcement is making gains in the cyber capabilities, but for the foreseeable future your cyber security is going to be more dependent upon your actions than anything else.

Randy Abrams
Director of Technical Education

"Now may I suggest some of the things we must do if we are to make the American dream a reality. First, I think all of us must develop a world perspective if we are to survive. The American dream will not become a reality devoid of the larger dream of brotherhood and peace and goodwill. The world in which we live is a world of geographical oneness…" - Dr. Martin Luther King, from a speech delivered at Lincoln University, Pennsylvania, June 6, 1961

If Dr. King had still been alive today to see the wonders of the global connectivity of the Internet, he would probably consider the quoted portion of his speech as a "statement before its time."

Today the current global Internet penetration rate stands at approximately 24%. With a global population of 6.7 billion, that equates to roughly 1.6 billion users on the Internet across the globe. At the current penetration rate, cybercrime has become pervasive, pandemic and increasingly connected with other parts of the criminal ecosystem. It ranges from the theft of an individual’s identity to the complete disruption of a country’s Internet connectivity due to a massive distributed attack against its networking and computing resources.

With the remaining 5 billion users to connect to the Internet, there are significant challenges – one of which is cybercrime (via its many methods). There are technological preventative measures that help mitigate cybercrime attacks, but technology alone is not the answer.

The next one billion users on the Internet will not come from developed countries, but rather mostly from developing countries. Awareness, even simple levels of awareness, of various types of risks and cybercrime attacks can yield positive results. This is primarily due to the fact that the weakest link in the “security chain” is, correctly, always quoted as being the end user. The additional one billion users on the Internet will be considered “fresh targets” by the cybercriminals.

The target of cybercrime centers on information – the data that is electronically stored for retrieval and subsequent use. For instance, even with varying levels of per-capita income, the amount of money that stands to be lost to a cybercrime called “phishing” (one of the most common online attacks where a person is socially engineered to provide personally identifiable information by someone posing to be a trusted source) has the potential to be quite significant due to the sheer number of users at risk (unaware).

A real-world example of the scope of the threat: cybercrimes, like phishing and data breaches, are a scalable threat to the United States. These threats are so severe they are detailed as national security threats in the 2009 Annual Threat Assessment Intelligence Briefing to the Senate Intelligence Committee. This representes the scope of one cybercrime problem in a single country, whose users have had several years of exposure to the Internet. New Internet users will face the same difficulties – but from cybercriminals that have had also years of experience and that have optimized their attack and evasion techniques. 

Infrastructure build-out, deployment and subsequent end-user connectivity should be coupled with effective cybersecurity awareness training – in addition to application usage training. It is the ignorance of on-line risks that poses the greatest threat to the new generation of global Internet citizens. Coordinated global efforts in effective awareness training will transform these new Internet citizens from potential victims to increasingly aware, and less vulnerable, people as a whole.

Jeff Debrosse
Senior Research Director

Securing Our eCity community initiative: http://www.securingourecity.org/

Bonjour mes amis!

Well, I am in Switzerland, and very close to the French border, for the Virus Bulletin conference – perhaps the most eagerly anticipated event in the anti-malware researcher’s calendar. How sad is that?

I also thought you might like to further extend your French skills on an article here, about a presentation Pierre-Marc made at our offices in Bratislava: http://www.globalsecuritymag.fr/Voyage-au-coeur-du-Cyber-crime,20090918,12795.html.

I think that means "A voyage to the heart of cyber-crime", but my French is about forty years rusty. If you’re here (or will be when the conference proper starts tomorrow), come and say hello!

David Harley BA CISSP FBCS CITP
Director of Malware Intelligence

ESET Threatblog (TinyURL with preview enabled): http://preview.tinyurl.com/esetblog
ESET Threatblog notifications on Twitter: http://twitter.com/esetresearch
ESET White Papers Page: http://www.eset.com/download/whitepapers.php

Securing Our eCity community initiative: http://www.securingourecity.org/