Microsoft seems to be rushing to address a discovered bug within their Internet Explorer web browser that was discovered by security researchers back in 2007. Hackers are using this bug to attack Internet Explorer users but was something that was uncovered some time ago which could have been addressed back then. Microsoft credited two researchers for reporting the bug, Alex Wheeler and Ryan Smith.

Both Wheeler and Smith worked at IBM’s ISS X-Force together at one point and time while Wheeler moved on to 3Com’s TippingPoint DVLabs. Smith was confirmed by Wheeler as to having uncovered the vulnerability in IE. Both have not confirmed any details on when the bug was actually reported to Microsoft.

Could it be a case where the issue was ignored by Microsoft?

For the actual reporting date of this vulnerability in Internet Explorer, the CVE (Common Vulnerabilities and Exposures) number was CVE-2008-0015 which may point to a 2008 date.

Regardless of when the bug was actually first reported, the vulnerability remains to be very serious. It allows hackers to easily and consistently exploit their system via Internet Explorer 6 and 7 on computers running Windows XP.

Some computer experts have taken apron themselves to resolve the situation by recommending that users simply switch browsers.

Do you have any fears in using Internet Explorer and whether it is the “safer choice” for a web browser? Which web browser do you use?

Once again, Twitter users are being tricked into providing their username and password details to a website that originally spammed the users for this information. The offending website is called TwitterCut, which sends out a message that appears to be from a Twitter users friend or follower. The TwitterCut site, at one time, closely resembled the real Twitter.com website allowing users to enter login credentials.

If a user visits this site, via a bogus message, and enters their Twitter account login details, they could be compromised. Sounds like fun getting your Twitter login stolen? Not much fun when the hackers user that information to get a bunch of followers with the intent to spam them. That does not sound very nice does it?

The way that TwitterCut sends messages to followers does not count as spam. It sends them as a “friend” of another user. Also, TwitterCut acts similar to that of a computer Worm infection. Because this tactic acts like a phishing issue, it can be considered to have worm-like characteristics by automating a so-called spamming campaign.

For now Twitter is pushing through a password reset on accounts that they believe have been compromised by the scam. Users are asked to use their best judgment when considering releasing their username and/or password.

A new threat of Conficker Worm has surfaced and many researchers are scrambling to not only prepare for it but remove it. Of course you could run into spending a lot of money by purchasing all types of antivirus programs that promise to be able to remove the latest worm and virus threats but that is not feasible in this current state of the economy.

Some companies such as Panda Security and Symantec have developed free Conficker/Downadup removal tools. Many security firms and researchers are steadily warning the public about the expected dangers and resurfacing of Conficker. You do know that you can take action now to remove it before it starts causing issues? Yes, Conficker.C, the newest variant of Conficker worm may have already infected many computers around the world but it is hard coded to start connecting to it’s “controllers” the week of April 1st. Not until then will many researchers and security firms know what damages Conficker.C will cause.

Conficker Worm was known to have affected several millions of computers around the world and the latest Conficker.C could do the same. Some of the free removal tools offered by various security companies may offer a solution to you for removing Conficker before it has a chance to do any damage. Below is a list of a few free Conficker removal tools that we have found over the internet.

Panda Security’s Free Conficker Vaccine – It seems to cut off Conficker at the USB level preventing it from auto-executing USB files blocking the AutoRun function.

Microsoft’s Free Windows Malicious Software Removal Tool – On the website it specifies Win32/Conficker as a parasite that it is able to remove.

Enigma Software Group’s Free Conficker Removal Tool – Uses a multiple step process to block certain files in order to remove all variants of Conficker from your computer.

Symantec’s Free W32.Donadup Removal Tool – Specifies that it removes different versions of Conficker including the aliases W32.Downadup, W32.Downadup.B and W32.Downadup.C (Conficker.C). *Downadup is an alias for Conficker.

Note: We have provided information and links to several free Conficker removal tools. These links are provided for informational purposes only. Use at your own risk.

Some time ago the Koobface worm was known to be a serious parasite that may result in your system being compromised. Now a new Koobface strain surfaces back onto Facebook and MySpace that spreads through messages that appear to be sent from a friend on one of these popular social networks.

What does Koobface Worm do?

The newest Koobface worm variant is part of a phishing scam where an invitation from a user’s friend invites the recipient to click on a video link. The malicious actions happen when the recipient clicks on the link to the video and asked to install an Adobe Flash plug-in to view the video. If you are at-all familiar with fake Adobe Flash players then you know this is a well-known way for spreading malware onto computers. The fake plug-in will then install a Trojan that gives the user Koobface which in return gives the author or hacker control of the infected computer.

Koobface may result in illegal activity on your computer that you may be ultimately responsible for. Just as bad, Koobface may result in identity theft or theft of money from a banking account because the attacker is able to steal banking information from your system.

Not only is Koobface limited to spreading among Facebook and MySpace but new reports have confirmed that this dangerous worm is spreading through Friendster.com, myyearbook.com, bebo.com, lifejournal.com and hi5.com.

It is evident that Koobface is back with a serious vengeance and may be an even greater threat than any previous versions. Practicing use of caution when using any social network may help you avoid the Koobface worm infection. It is highly advisable that you never download a fake Adobe flash player from any site other than Adobe.com. Also, do not provide too much personal information on social sites which may give attackers a reason to send you a spam message containing the Koobface worm.

Have you ever opened a message on Facebook, MySpace or any other social network was suspicious? Did it contain a link to view a video? Did you get the Koobface Worm?

Reports have confirmed that right after the Gmail outage issue was resolved by Google Inc. a few days ago, users of the hosted e-mail service’s instant messaging tool were hit with a phishing attack.

Sophos’ Graham Cluley posted a blog post about the attack spreading through the Gmail’s Google Talk chat system. The phishing came about through an instant message sent to Gmail users asking them to “Check out this video” accompanied by a TinyURL link leading users to a phishing web site called ViddyHo. The ViddyHo phishing site was one designed to ask users for their Gmail usernames and passwords.

Cluley wrote on his blog post, “The hackers behind ViddyHo could use the credentials they have stolen via their site to break into accounts, grab identity information and impact your wallet.” Essentially when a hacker obtains your Gmail password he or she could access all of your email information including contents and any type of correspondence that could actually lead to identity theft. Since the attack the TinyURL has blacklisted the ViddyHo site so that it is no longer operational.

Security researchers including Graham Cluley have advised those who may have fallen for this scan to update their passwords immediately. A Google spokesman also noted that users should update their Gmail security questionnaire. These are good initial steps to take regardless if you fell for the phishing attack or not.

As of now Google is still working with its engineers to identify the cause of the outage. It is obvious that the outage disrupted many people through the working day and Google ultimately apologizes. As far as the phishing attack, it may have been an opportunity for the attackers that opened up and they just took advantage of the situation where they could phish customers right after an outage.

Attacks like these are on the increase and it may be very unfortunate that we expect to see more attacks like this in the future. Where you effected by the outage? Did you get a phishing message?

A vertical search engine that provides a service for people looking for business products and services called SourceTool.com, is operated by TradeComent.com. As reported by the NYTimes.com, TradeComent.com is accusing Google of raising their advertising rates considerably after Google found out that SourceTool.com was a potential competitor. If you ask me, that is just wrong and dirty for anyone to do such a thing.

TadeComet has also said that Google had settled on an anticompetitive agreement with Business.com which is a SourceTool competitor but was offered better advertising terms despite Business.com having a similar business model to that of SourceTool.

The history of TradeComet will reveal that Google welcomed SourceTool who purchased ads on Google with the intent of growing traffic. The traffic then reached around 650,000 visits a day and that is when on the following year Google increased the prices that SourceTool had to bid for its ads by upwards of 10,000 percent. That is completely outrageous considering if you raise the value of only $5 by 10,000 percent it would be $2500.

Stories like this have not received much attention in the past mainly because no one wants to battle with the “so-called” big dog, Google. Even in such drastic circumstances, Google does have a proprietary algorithm to assign a type of quality score to advertisers’ sites where a low scoring site may have to pay more for ads vs. a higher scoring site. Many have complained about this in the past especially when it meant for certain site owners to dish out extra money when their competitor got a “lucky break”.

SourceTool urged the Justice Department to block the advertising partnership proposal between Google and Yahoo last year. Shortly afterwards Google dumped the partnership after the Justice Department notified both Yahoo and Google that they planned to file a suit to stop the agreement. Sounds like the typical dog tucking it’s tail when he knows he has crossed the line and done something out-of-the ordinary.

Some others may be skeptical of this situation where other antitrust cases against Google have been dismissed. Maybe this will give the little guys out on the internet something to work with if they want to have any chance of standing up against Google. We might have a David and Goliath story in the making, what do you think?

Some people say that Firefox is the ironclad of web browsers when it comes to security. Maybe they are right after this recent Firefox update that addresses many security and stability issues. The newer Firefox version 3.0.6 fixes six bugs that were found within a previous version of the browser. One of the six was a JavaScript issue that affected the browser’s layout engine that was labeled as critical by the developers. This vulnerability that was discovered could allow an attacker to run unauthorized code on exploited systems.

This new update makes Firefox users feel all warm and fuzzy inside in knowing that Mozilla really cares. Kind of reminds you the many days that Microsoft patched Internet Explorer’s security issues over the years. With any new browser application update comes improvements not only with security but other faults such as display issues within Firefox.

With the competition and web browser war heating up it is no wonder that each web browser company is staying on top of their A game releasing new versions and updates as needed to address “issues”.

It is said that Internet Explorer now only has about 67.5 percent of global browser market share with Mozilla having a strong 21.5 percent share. Considering other browsers such as Google Chrome and Safari are still hanging in the game with very small percentages we will not be surprised to see several more enhancements brought to you through more updates and patches in the near future to both IE and Firefox. Either way, Firefox seems to be in-the-know of addressing security issues and capitalizing on gaining market share. Firefox does this at such a volatile time where a computer user could switch over to another browser faster than people currently losing their jobs in America.

If so, you may be in for a shocker. A Flaw discovered by security researchers exposes Chrome and Firefox to clickjacking. Clickjacking is a process where hackers trick web users into revealing confidential information through having them click on an innocuous web page button/link. Essentially clickjacking takes place when a form of embedded code of script is executed without knowledge to the user when a button or link is clicked on. This process may be used with a legitimate iframe laid over a page where the computer user thinks that they are clicking on one particular button but underneath is a hidden function that the user is not aware of.

Google is aware of this new vulnerability and have claimed to be working on a patch for effected Chrome versions 1.0.154.43 and earlier when running on a system with Windows XP SP2 installed according to Security researcher Aditya K Sood of SecNiche.

Sood discovered the flaw on January 27th which was only a couple days ago and has then since posted proof on the concept on a forum called the Bugtraq vulnerability disclosure forum. Sood said within this disclosure, “Attackers can trick users into performing actions which the users never intended to do and there is no way of tracing such actions later, as the user was genuinely authenticated on the other page.”

Researchers will agree that clickjacking in general does effect all web browsers. While there is no easy fix for this issue or discovered vulnerability Google is working with others to come up with a standardized long-term mitigation approach as explained by an Australian Google source.

Nishad Herath, chief executive of Australian security consultancy Novologica, said “Clickjacking means that any interaction you have with a website you’re on, for example like clicking on a link, may not do what you expect it to do.”

Let this be a caution notice to computer users when you may be clicking on a link or button and it does something totally different from what you expected it too. Use caution in any situation and it is best to keep your web browser up to date applying any and all security patches available.

Security researchers have found where Google Video Search Results were used to trick users into visiting malware sites that spread the W32/AutoTDSS.BNA!worm infection through adult web sites. This new campaign relays solely on Google Video traffic where they hope to get server inquiries for legitimate videos.

The bogus content is currently being crawled by Google where the search results are shown on Google video search queries which leads users to a malicious site to spread a worm infection. In this case the number of search queries has reached 400,000, which is the number of queries that have been hijacked to trick users into visiting the same adult website that serves malware. You can only imagine the number of computer users who may have landed on a certain malicious page through a Google Video search in hopes of viewing a particular video.

The scary part about this new malware campaign is that the cybercriminals have been syndicating legitimate YouTube video titles from all types of topics so the number of legitimate or non-adult video search queries is around the high number of 400,000. Researchers have identified that this number is increasing in real-time due to the fake content being crawled by Google Video.

The cybercriminals maintain a portfolio of 21 publisher domains that have bogus video content being crawled. Through some of those 21 publisher domains, if a user comes across content from them they are then taken to a redirection point found to be porncowboys .net/continue.php. Then it they may be taken to a well known adult site template at xfucked .org/video.php?genre=babes&id=7375 where you get the infamous “Flash Player versions is out of date” notification and this is where the malware can be ported directly onto your machine in the form FlashPlayer.v3.181.exe from trackgame .net/download/.

Google’s security team knows of this situation and they will be taking action to rectify the matter. Until that happens you are armed with this bit of information to avoid infection of the W32/AutoTDSS.BNA!worm Worm.

The Conficker or Downadup worm is basically a nasty virus infection that can easily spread from computer to computer through USB devices, mainly USB flash drives. USB flash drives or what some call, USB thumb drives, are very widely used devices. Usually USB flash drives are used without the danger of a virus being spread because it seems people have the conception that viruses are only spread online over the internet or through networks. Not so, Conficker has made a serious impact on spreading throughout the world through hundreds of thousands of USB flash drives.

How do you know if you have Conficker or Downadup Worm infection?

Many people have inquired to us as to how do they know they have Conficker worm or how do detect Conficker worm. It is not so much a matter of detecting the Conficker worm initially but looking out for the tell-tell signs of a virus infection in general.

Conficker worm may disable Windows cleanup and detection services. If you ever attempt to run disk cleanup and it does not operate correctly then this may be a sign of the Conficker infection. Conficker is also known to delete system restore points and block internet access to Microsoft.com and various other security service related web sites. Another sign that you may have Conficker worm is your network drives having a hidden autorun.inf files. Conficker will lock you out of network logins possibly displaying a message of too many failed attempts.

Many security firms are working on solutions to the Conficker worm for detecting and complete removal processes. For now you are able to remove Conficker worm manually if you are a technically inclined person and know your way around the Windows operating system.

Are you getting popups from Conficker Worm? Have you identified that you have Conficker Worm installed on your computer? Do you wish to remove Conficker Worm completely from your computer?

Why should you remove Conficker Worm?

If Conficker Worm resides on your computer, it can potentially damage your personal files or you may end up losing data stored on your system. Research has shown that Conficker Worm may have the ability to make your computer vulnerable to remote attacks which could result, initially, in loss of money, possibly identity theft, and, eventually, a painstaking Conficker Worm removal process.

How can you manually remove Conficker Worm

Manual removal of Conficker Worm may not be for everyone. Each manual Conficker Worm removal step must be followed delicately to completely remove all related files and registry entries from your computer. If you are unsure or have doubts about editing your system registry, then we recommend that you use the automatic Conficker Worm removal process.

Conficker Worm can be removed manually by following the steps below.

1. With all programs closed, click the Start Menu and go to the Control Panel.
2. Locate the Add/Remove Programs icon and double click it.
3. Locate Conficker Worm in the list of programs. If you find it, select it and remove it. If you cannot find Conficker Worm, you can continue to step 5.
4. Restart your computer.
5. Close all open programs and windows on your desktop.
6. Open your registry editor (regedit) program by going to Start Menu, type in regedit, and click OK.
7. Find all of the following registry entries and delete them. If you do not know how to do this, then you can read how to edit the registry in Windows.
   "TcpNumConnections" = dword:0×00FFFFFE

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{random}\"ImagePath" = %SystemRoot%\system32\svchost.exe -k netsvcs

   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{random}\Parameters\"ServiceDll" = "Path to worm"

8. You may need to return to this removal process for removing Conficker Worm. You can do this easily by bookmarking or adding a favorite to this page by clicking here. If you are using the FireFox web browser you can press the keys Ctrl and D simultaneously to bookmark this page.

   Image 1. Bookmark PCHubs removal process

   

9. Delete all of the following files that are associated with Conficker Worm from your computer.

   %All Users Application Data%\[Random].dll

   %Program Files%\Internet Explorer\[Random].dll

   %Program Files%\Movie Maker\[Random].dll

   %System%\[Random].dll

   %Temp%\[Random].dll

   If you need a better understanding on how to search for these files then you can read how to find and search for files and folders here.

   If you have issues deleting any of the previously listed files that are associated with Conficker Worm, you can try rebooting your computer into safe mode. Booting into safe mode may allow certain malicious files to be deleted. If you are wondering how to boot into safe mode, you can read our process for starting a computer in safe mode here.

   Image 2. Select "Safe Mode with Networking"

   

10. After locating and deleting the previous files you must remove all directories associated with Conficker Worm by going to the C:\ProgramFiles\Conficker Worm folder, select it, and delete it. In some cases you may not be able to find this directory. You can still continue to the next step.

11. Restart your computer. You do not need to boot into safe mode at this point. You should have removed Conficker Worm completely from your computer. If you find that Conficker Worm is still on your computer, you can repeat the steps again or go to the automatic Conficker Worm removal process.

Automatically Remove Conficker Worm

Automatically remove Conficker Worm for free. Free automatic Conficker Worm removal process.

Do you wish to automatically remove Conficker Worm from your computer? Are you looking for a free method to remove Conficker Worm from your computer? If so, you can utilize the free automatic Conficker Worm removal process below. Each step is designed to aid in the use of the program SmitfraudFix, which is a free tool created by S!Ri to remove parasites such as Conficker Worm. Just so you know there's no guarantee that SmitfraudFix or any other spyware remover will remove Conficker Worm completely. These instructions are provided as a guide and are to be used at your own risk.

1. Download the SmitfraudFix tool to your computer by using our free download link here. Save the downloaded file to your desktop.

   Image 1. Save SmitfraudFix.exe

   

2. Restart your computer into safe mode. Safe mode will allow malicious files that are normally loaded into memory to be easily deleted by the SmitfraudFix program. Do you want to learn how to boot into safe mode? If so, you can follow our process on how to boot into safe mode here.

3. After booting into safe mode, double-click on the SmitfraudFix.exe icon that should be located on your desktop. Follow the on-screen instructions. Option number 2 should be selected once the program starts.

   Image 2. Click on SmitfraudFix.exe icon

   

4. After SmitfraudFix performs the initial removal processes it will ask you "Do you want to clean the registry?" Select Y for yes.

   Image 3. For "Do you want to clean the registry?," select Y for yes

   

5. Once SmitfraudFix has finished the registry clean you can restart your computer now.
6. Conficker Worm should be removed from your computer. If not, you can start the automatic removal process over. It may take more than one try in some rare cases.

There's no guarantee that SmitfraudFix will remove all files due to the complex nature of new spyware files that are ever-changing. If necessary, you may need to get help from a person who knows about computer and spyware.

(Disclaimers: These instructions are provided to you for free and to be used at your own risk. The free removal process for Conficker Worm is not guaranteed to work in all circumstances. We are not responsible for any damages.)

A new discovery including the iOffer site which is known to by sell and trade items online has been one of the latest sites caught up in a phishing attack linked through a spam message. Spam messages are currently circulating the internet that appears to be a question from iOffer about an item that you are supposedly selling. If you are not familiar with iOffer it is similar to EBay or craigslist where items may be sold by you or purchased from someone else online.

The mxlab blog mentioned this incident as well as other security sites where they reported an email message that may be titled “You have a question from maildirect1 regarding the item Brand New Nikon D80 Package, 2 Lens,4GB and more….”. The body of the spam message reads:

Dear member,
You have a question from maildirect1 regarding the item Brand New Nikon D80 Package, 2 Lens,4GB and more….!
Click below to see the question and respond:
View the dispute thread to respond hxxp://222.124.199.98/icons/small/login?SignIn&co_partnerId=2&pUserId=&siteid=0&pageType=******
**THIS IS AN AUTOMATED EMAIL – PLEASE DO NOT REPLY**

If the link provided within the message is clicked on it will redirect you to a page that appears to be an iOffer.com website page asking for your username and password. This is the typical trait of a phishing page where your username and password may be stolen. It is also reported by mxlab blog that the Firefox browser failed to detect this page as a phishing site. The browser recognized this page as a legitimate security login page. Somehow the creators have made it so this new type of phishing site goes undetected by the current phishing filter in some popular web browsers. That poses a serious security threat. Our advice is to avoid clicking on links provided in suspicious email messages. If you are someone unsure about any message it is best to delete it instead of letting curiosity get the best of you.

This website, Obamastimulusprogram.com, seems to be a serious misunderstanding where a service is offered but never really fulfilled or carried out. This just isn’t any phishing site, it is one that is exploiting the talked about Obama stimulus plan that has been in the news recently. What some may fail to understand is that no definite specifics have been made about Obama’s stimulus plan but this website seems to make you think that they have all of the answers. If you pay your $2.95 you will get an abundance of information on the new plan including government loans and grants. Sounds too good to be true. Too bad it is.

Obamastimulusprogram.com is an outright scam but to many it may seem like a dream come true when they can get information on a grant where they could pay off their home or pay down some debt. In the struggling economy sites that offer “help” to those in need become popular but some can be a nightmare if it takes your money in return for nothing.

Details on Obamastimulusprogram.com will reveal that it was registered anonymously and very creative in that it is very deceptive. You may find CNN logos and other graphic seals that make it look authentic. You must remember that deceptive sites have a main objective and that is to trick you out of money. $2.95 may not seem like a lot but if you add up hundreds to thousands of people that may become victim to this trick it will come to a considerable amount. $2.95 may turn into a years salary for someone hurting during this tough economic time yet they may also get caught for fraud. It may be said, it does not pay to commit crime.

Below are text paragraphs and two images of the Obamastimulusprogram.com web page.

images source: security labs blog

“Immediate Action To Help You

Tax cuts are one means of providing economic relief to those in need and will be part of the recovery plan for America. However, Government Grants will also play a vital role as a means to swiftly provide assistance to those who could use financial assistance. Unlike a loan these Government Grants provide funds which do not need to be repaid and can be used for virtually any purpose including:

* pay off many forms of debt
* consolidate debt
* provide mortgage assistance or prevent foreclosure
* purchase a new home
* start a new business or assist with an existing business
* pay off student loans or assist new students with obtaining a degree

If there is a bill out there that needs to be paid there is most likely funding now available that will be able to cover it.”

Have you even heard of the Obamastimulusprogram.com web site? If so, make sure you do not fall victim to the tricks offered by this deceiving site.

A computer worm that was known to attack Windows PCs was discovered a while back where Microsoft released a patch to prevent infection. It has been noticed by security researchers that this worm attack is increasing greatly affecting unpatched computers running Windows.

In the past we have warned computer users of the dangers of running a system with out-of-date software or operating system. This worm infection called Conficker.c or what some call Downadup.b, prompted an emergency patch by Microsoft to the Windows operating system back in October of 2008. The behavior of the Conficker.c worm is to perform a process that pings machines with malformed Remove Procedure Call (RPC) packets so that it may find computers running Windows that have not been patched with the October update. Other instances of the worm spreading include attacks through USB devices including flash drives or even digital cameras.

Other dangers of the Conficker.c worm is the ability to update itself where it blocks many known security software programs and install additional malware onto the affected system. Downadup.b, which is the name that Symantec Corp. uses for the Conficker.c worm, warned just recently through tracking that this infection is on an increase. Panda Security reported the same infection on December 31st of 2008. It is known that the Conficker.c worm affects unpatched versions of Microsoft Windows including Windows 2000, Server 2003, XP, Sever 2008 and Vista.

PCHubs.com recommendation to all Windows PC users

It is essential to get all updates and patches, including emergency patches, from Microsoft at any chance that you get. It is recommended that you utilize automatic updates for Windows where any security patches are downloaded automatically.

Security researchers can only do so much to warn computer users of the newly discovered dangers that present themselves over the internet. It is always a good idea to keep all of your software up-to-date running the latest version while staying abreast of all updates and security patches. Symantec already estimated that 3 million PCs were infected with the Conficker.c worm. With the discovered increase of Conficker.c it is only a matter of time before an additional 3 million computers are infected all because they failed to apply a security patch.

A discovery has been made from many fake downloader sites where they spread the malware file that appears to be tubeplayer.ver.6.exe which may install Trojans. The Trojans that these sites may install were identified as being in the family of Trojan.Fakealert and Trojan-Downloader.Renos. One of these infections is known for running AV2009 (Antivirus 2009) which is a rogue anti-spyware program.

Through the process of fetching a rogue anti-spyware program such as AV2009 (Antivirus 2009) it displays numerous popus and alert messages. Several downloader sites have been identified to spread these infections onto computers over the internet through fake codec installers.

We compiled a list of these fake downloader sites from ThreatFire Research Blog, a security research site, and listed them below. Remember, do not visit any of the following sites for any reason. If you find that you have downloaded any files from the following sites then it may be in your best interest to follow a removal process for Trojans.

hxxp://2009download-best-soft.com
hxxp://2009download-best-soft.com
hxxp://best-ps-download-4pc.com
hxxp://best-ps-download-4pc.com
hxxp://downloabsecurehere1.com
hxxp://downloabsecurehere1.com
hxxp://downloabsecurehere2.com
hxxp://downloabsecurehere2.com
hxxp://downloabsecurehere3.com
hxxp://downloabsecurehere3.com
hxxp://downloabsecurehere4.com
hxxp://downloabsecurehere4.com
hxxp://download-all4free.com
hxxp://download-all4free.com
hxxp://downloadallsoftnow.com
hxxp://downloadallsoftnow.com
hxxp://download-allsoftnow.com
hxxp://download-allsoftnow.com
hxxp://downloadallsoft-now.com
hxxp://downloadallsoft-now.com
hxxp://downloadall-soft-now.com
hxxp://downloadall-soft-now.com
hxxp://download-files-bak.net
hxxp://download-fls.com
hxxp://download-fls.com
hxxp://download-softarch.com
hxxp://download-softarch.com
hxxp://download-top-software.com
hxxp://download-top-software.com
hxxp://download-top-software.net
hxxp://download-top-software.net
hxxp://download-top-software.net
hxxp://dwnld-files.com
hxxp://dwnld-files.com
hxxp://fast-download-base-free.com
hxxp://fast-download-base-free.com
hxxp://files-upload-21.com
hxxp://files-upload-21.com
hxxp://get-files-4free.net
hxxp://get-frsh-files.com
hxxp://get-frsh-files.com
hxxp://go-downloadz-pc-soft.com
hxxp://go-downloadz-pc-soft.com
hxxp://load-software-dowload.net
hxxp://load-software-dowload.net
hxxp://pure-download-new.net
hxxp://pure-download-new.net
hxxp://soft-4-you-download.net
hxxp://soft-4-you-download.net
hxxp://top-best-software-area.net
hxxp://top-best-software-area.net

(xx) put in place for of (tt) to help prevent you from visiting the sites listed above.

Have you ever visited any of the above sites to download any files? If so, you may want to remove the Antivirus 2009 program or Trojan files that may have been installed on your system.

Lately the phishing attacks have targeted high profile Twitter accounts such as those of Britney Spears, Barack Obama and Fox News. With this new wave of phishing attacks the action of resetting many compromised users accounts has taken place by Twitter. Just over the weekend we reported where Twitter users were plagued with phishing spam attacks but they have continued to take place through Monday.

You may ask the question: what can a hacker do with your Twitter username and password. Our answer to that is a lot. Many computer users use the same username and/or password for multiple accounts that they access online. It is very easy to keep only one or two passwords memorized when you are accessing online accounts such as social networks, email or banking accounts. It should not be a surprise that hackers use this information to potentially steal money from your bank account or access additional personal information online. This could lead to other serious issues for you and others such as identity theft.

It is important to be aware of these new threats and take the necessary precautions to protect yourself. You can start by changing your password to something different from other passwords that you use online. Other steps that you may want to take is limiting the amount of personal information that you share on social networks. The Twitter phishing incidents may continue to happen and spread to other social networks so use caution and common since on all sites that you visit.