news aggregator

An Estonian virus writer has been sentenced to jail in Harju, Estonia.

The author of the Allaple virus family, 44-year old Mr. Artur Boiko pleaded not guilty.

Nevertheless, he was found guilty and sentenced to 2 years and 7 months in prison.

Allaple is a complex worm using polymorphic encryption. It spreads over network shares and by modifying local HTML files. When such HTML files are uploaded to public websites, they spread the infection further.

Apparently Mr. Boiko had been in a car accident and had ended up in dispute over his insurance claim with If Insurance. As a result, his worm launches DDoS attacks against these sites:

    www.if.ee             (website of the insurance company)
    www.online.if.ee    (customer online interface of the insurance company)
    www.starman.ee    (website of a local ISP)

The DDoS attacks were quite serious — see this post from ISC Diary in 2007.

We detected several variants of Allaple during 2006-2007. The problem is that this is not a botnet — these worms have no command and control channel. The infected machines will attack their targets until they are cleaned. There are still thousands of active, infected computers today around the world, and they are still attacking. And the worm is still spreading further.


Snapshot from F-Secure interface showing new samples on 11th of March 2010

Boiko was sentenced to prison, where he has already been awaiting his trial for 19 months. He was also sentenced to pay the following sums to cover losses:

To If Insurance: 5.1 Million Estonian Kroons (about 330000 Euros or 450000 USD)
To Starman ISP: 1.4 Million Estonian Kroons (about 91000 Euros or 130000 USD)

More info (in Estonian) from ERR Uudised

On 11/03/10 At 11:20 AM

The article introduces an innovative approach to develop web forms in enterprise software rather than either ASP.NET or MVC through step by step comparison on development complexity, reusability, performance and maintainability. The approach is implemented as an important UI component of RapidWebDev

The article introduces an innovative approach to develop web forms in enterprise software rather than either ASP.NET or MVC through step by step comparison on development complexity, reusability, performance and maintainability. The approach is implemented as an important UI component of RapidWebDev

This is an FAQ for the Code Project Mentor Program. It can be modified by any platinum member.

Build a Start Page similar to Google IG in 7 nights using ASP.NET AJAX, .NET 3.0, LINQ, DLinq, and XLinq.

This is an FAQ for the QuickAnswers section. It can be modified by any platinum member.

This is an FAQ for all member related questions. It can be modified by any platinum member.

F-Secure has an additional blog that launched today. It's called Safe and Savvy.



You'll notice that the name is pink. That's part of our new brand but it also reflects the authorship. Safe and Savvy's contributors are the female employees of F-Secure (mostly).

Hetta, Marja, Annika, Alia, Melody-Jane, (and Jason) have already gotten started.

Read more of Hetta's latest post to learn about six free months of our Internet Security 2010.

On 10/03/10 At 05:29 PM

I wasn't sure I'd see this Browser Choice update:



I set my computer's Regional Options for the United States even though it's physically located in Finland (I'm an American after all).

Regional settings might trump my IP address, I thought… but it seems not. I manually ran Microsoft Update and was provided access to KB976002. Cool.

If you're located outside of Europe and are wondering what's this is all about, read this from the BBC.

Microsoft is offering alternative browser options to European Windows users to settle an anti-trust lawsuit. The update component points users to browserchoice.eu — from where they can select from 12 different web browsers.

On a somewhat not completely unrelated note: Microsoft Security Advisory (981374) was published yesterday.

"Microsoft is investigating new, public reports of a vulnerability in Internet Explorer 6 and Internet Explorer 7."

The vulnerability could allow for remote code execution.

Once again, that browser choice link is browserchoice.eu. Share it with your family and friends.

Signing off,
Sean

On 10/03/10 At 05:00 PM

A method to look for a small Bitmap that is contained inside a bigger Bitmap.

In this article I will describe about some new features of Visual Studio 2010 which I explored till now. These features are really very useful in terms of productive development. This article is mainly targeted for beginners of Visual Studio 2010 but everybody can get benefit on the same.

Flexibox is an alternative to Lightbox, displaying multiple resolutions of an image without needing a popup overlay. Flexibox shows how a Silverlight app can resize itself with a page.

SQL editor with syntax parser, direct editing, code execution, database backup, table comparison, script generation, time measurement

In this article I'll present how to change the ribbon colors.

DataGridViewTextBoxCell derived cell that can be merged with cells of the same type

ATM skimmers are installed like this:



Video source: Spiegel.de & German Federal Criminal Office (Bundeskriminalamt)

On 10/03/10 At 12:06 PM

An Article that hopes to Function as a Primer for Algorithms

generic object wrapper for delayed type selection.

Use the new PLA interface to monitor performance counters and triggers Alerts.

Learn how to marshal compound types (structures, unions, etc.) with C#.