Malware made its way into space! The International Space Station (ISS) has to fight against a trojan on some of the computers. Fortunately, no vital systems are affected; it remains yet unclear though how the malware made its way into space. Rumours have it that some astronauts may have had the virus on a USB-stick or some memory card. It is also unknown, from which nation the astronaut stems.

Even if there is no direct internet connection on the ISS, the trojan tries to steal gaming passwords. Its already nearly a year old. Avira detects it generic as a member of the Vundo-family of trojans, TR/Vundo.Gen. Even Avira AntiVir Personal would have kept the ISS clean of that malware! It’s time to think about further security mechanisms in space, it seems.

Dirk Knop
Technical Editor

Tonight, we encountered an odd problem. Four MD5-sums displayed on our homepage didn’t match the “fingerprint” of the actual files on the servers. As precaution, we took our servers offline to analyse the servers and to see what has happened.

To our relief this was a false alarm. While uploading new installer-files to the servers, the responsible person forgot to properly update the checksums that help verifying that noone tampered with the files. We thoroughly checked every file on every server and could verify that all of them are in the state they’re supposed to be. Everything is back to normal operations now.

Dirk Knop
Technical Editor

On this August patchday Microsoft released 6 critical patches for Microsoft Office, Windows and Internet Explorer. All of them can be abused by criminals to inject malware into victims’ computers. Please patch ASAP!

Source: Microsoft Security Bulletin Summary for August 2008

Dirk Knop
Technical Editor

In a “fake Interview” Symantec’s Stefan Wesche (original article) shot against free antivirus solutions like Aviras AntiVir Personal – FREE Antivirus. Symantec claims that a functionally reduced free version doesn’t offer enough protection, especially compared to products where you have to spend plenty of bucks for. We see this different, of course. In  our oppinion, Avira AntiVir Personal – FREE Antivirus is a second protection layer around companies: Malware doesn’t make its way into the company network e.g. on USB-Sticks, Digicams or MP3-Players anymore.

In the interview Wesche states that users need to be protected by a world wide network of researchers and specialists as well as plenty of sensors (like honeypots) that monitor the moves of the crime scene on the internet – just like Avira has. He approves that a free antivirus solution offers a basic protection. We state nothing more and nothing less. Of course for special features and more comfort users need to pay, but Avira helps making the internet a safer place by preventing over 50 million PCs of users of Avira AntiVir Personal from getting infected by and with malware out there.

Symantec doesn’t offer anything like this, and of course also not for free. They try to discredit our honest efforts, and to push people into buying their products.

If you look at all of the recent tests of major PC magazines you’ll find that Aviras detection performance is some significant percent points better than that of other companies products (see for example the signature-based detection of millions of samples of the recent PC Welt-Test); Also we’re always very close to 100 percent, usually over 99 percent. Our reaction time upon new threats is also great.  Avira has no noticeable performance impact while offering such good detection rates. Just ask your friends out there which use Symantec about their computer performance.

This publicity stunt from Symantec wasn’t their best idea. Nearly everyone saw through that.

Dirk Knop
Technical Editor

We all hoped this is over: After email-spam advertising penny-stocks, improved spam-campaigns using images, then trials to beat OCR detection with noise in and angle changes of the images, and finally closing with PDF-based penny-stock-spam, the gready individuals found a new way to spread their dump. Now we’ve seen first penny-stock-messages spread via the MSN messenger service.

The messages look like this:

06.08.2008 12:14:45 Graciela: aipepwabemHot Stock Alert
Global Agri-Med Technologies Inc.
Symbol – GAGO
This New and Undervalued bio tech IPO has huge potential with their new product BreastAlert
Read their latest PR and get in on GAGO
It’s an easy doubler from this point

Needless to say – don’t fall for this scam. Penny-Stocks are falling too fast when you buy them, so only the criminals behind the campaign will earn money; you will always loose your investment.

Sorin Mustaca, Manager International Software Development at Avira Source: