beYond SecuriTy [leet X nTry]: March 2012

Monday 12 March 2012

The World's Top 10 Spammers Countries

The world's top 10 spamming countries account for 55 per cent of the total global spam volume, says Secure Computing, a public company that provides enterprise security solution, in its Internet Threats Report.

Spam is the unwanted e-mail messages that you find in your mail box. It is primarily electronic junk mail sent to your e-mail account or even your cellphone.

Spammers are continuing to use pop culture and current events (US elections, Olympics, etc) to entice end users into responding or clicking on links whose sole purpose is to download malware.

So which countries are the world's biggest spammers?

10. South Korea, 2.87%

South Korea sends slightly less spam than India, but with a contribution of 2.87 per cent to global spam it is the world's 10th largest spammer.

9. India, 2.99%

India is one of the top 10 spammers in the world and it accounts for 2.99 per cent of global spam.

The country is the world's 9th largest spammer, and as its Internet infrastructure improves with rising prosperity the amount of spam or unsolicited e-mails emerging from India too is likely to multiply.

8. Colombia, 3.09%

Colombia takes the 8th spot amongst the world's biggest spammers and accounts for per cent of global spam.

Here's how to curb spamming:

When you send e-mails to many people at the same time, use the BCC (blind copy) field so that the recipients are unable to see the other addresses. This also helps curb spamming.

The government too can help curb spam by enacting legislation that punishes offenders.

Don't give out your e-mail ID on instant messengers, chat rooms, et cetera.

7. Great Britain, 3.37%

Great Britain accounts for per cent of global spam and is ranked 7th largest spammer.

Tips to be secure:

Being aware of spam and of ways to secure yourself too helps curb the menace.

You should never buy anything through an unsolicited e-mail. By buying through such messages, you help keep such business economically viable.

Instantly delete unsolicited e-mails, for such messages can also harm your machine by spreading viruses or worms.

6. China, 3.49%

China ranks 6th among the The world's top 10 spammers and accounts for per cent of global spam.

More ways to fight spam:

Upgrading your Internet security to ensure that spammers can't send spam via your computer.

Never reply to a spam message and never click on any links, especially 'unsubscribe' links in such messages because then you give yourself away as a real user and thus leave yourself open to be spammed even more.

5. Italy, 4.32%

Italy, the world's 5th largest spammer, accounts for per cent of global spam.

How to secure yourself from spam:

Various methods to save yourself from incoming spam exist. These include:

Using spam-filtering software. Trend Micro, Symantec, Computer Associates, Sophos (Satcom), McAfee, Netscreen, Prime Infotec, GajShield Infotech and Websense provide specialised anti-spam solutions in the Indian market.

A spam filter is a piece of software that sorts incoming e-mail messages and blocks those that it thinks are spam. While filtering can be very useful, it's not perfect as sometimes filters fail to identify spam-and they mistakenly block a genuine, non-spam message. Adjusting the filter settings can help minimise these risks. To prevent this one can also choose to direct spam into a special folder set aside for reviewing all messages that the software filter tags as spam.

4. Brazil, 5.29%

Brazil, with per cent of global spam, ranks 4th in the world.

Spammers continue to use pop culture and current events like the Olympics or US elections to lure users into responding or clicking on links whose sole purpose is to download malware.

3. Turkey, 6.51%

Turkey ranks number 3 in the world when it comes to spamming. It accounts for per cent of global spam.

Among the types of spam, male enhancement, product replica, prescription drugs, gambling, pornography, debt job offer, phishing were the major contronutors.

2. Russia, 6.71%

Over 6.7 per cent of global spam emerges from Russia, making it the world's second largest spammer.

The Secure Research report says that there was a 45 per cent increase in the average number of porn sites found daily since January 2008.

50 pre cent of all Web sites' content is now in non-English languages, and this too is adding to the growing spam volume.

1. United States, 16.56%

The United States is the world's largest spammer and accounts for more than 16.5 per cent of global spam.

Spam is up 280% from last year (at this time). This year's peak on spam volume was March 27 at 185 billion spam messages. Since March we have seen spam steadily decrease.

The World’s Top 10 Spammers

A monitoring group says these are the world's worst e-mail abusers.

Gangs of hackers make money not only by stealing from electronic accounts but also by spamming. The Spamhaus Project, an 11-year-old British and Swiss-based nonprofit that works with global law-enforcement agencies, regularly updates the list of the most persistent spammers.

1. Canadian Pharmacy
(Ukraine/Russia)
Pharmaceutical spamming has intensified during the worldwide swine-flu pandemic—for the most part, it is advertising for counterfeit Tamiflu. Zombie computers infected with a Trojan virus are now sending out tens of thousands spam messages a day.

2. Leo Kuvayev a.k.a. BadCow(Russia)
The 36-year-old Russian is being sought by the FBI and the British police. He is called the king of world spam: he was the first to hide messages in graphic files to circumvent filters and use viruses to create zombie networks. Kuvayev allegedly deals primarily in pharmaceutical and porn spam.

3. HerbalKing(India/New Zealand)
A gang that sent out one third of all spam in the U.S. last year operated through a botnet of more than 35,000 computers, advertising medications from India and porn Web sites. HerbalKing's operations were suspended, and its leader, New Zealander Lance Atkinson, declared that he was prepared to pay a fine of $92,715.

4. Vincent Chan a.k.a. yoric.net(Hong Kong)
Chan and his comrades from China specialize in medical messages, but also promote watches, printer cartridges, and mortgages. In 2004–2005 they worked through the free Web-hosting service Yahoo Geocities, by automating the creation of pages that forwarded visitors to advertised Web sites.

5. Aleksei Polyakov a.k.a. Alex Blood(Ukraine)
No one knows whether the Ukrainian's name is really Alex Polyakov or he took a pseudonym from John Le Carré's book Tinker, Tailor, Soldier, Spy. He is widely described as a specialist in child pornography and one of the biggest distributors of Trojan viruses.

6. Nikhil Kumar Pragji a.k.a. Dark-Mailer(Australia)
This Australian is a major spammer and author of the Dark-Mailer program, which enables the dispatch of 500,000 messages per hour and, according to users, is distinguished by a convenient interface. It is recommended that the program be downloaded for money—$499—since the free versions contain Trojans.

7. Pyotr Levashov a.k.a. Peter Severa(Russia)
The creator of Trojans and author of spam programs became known to the public last year during a trial of Alan Ralsky's spam gang from Detroit, the largest in the U.S. Nine others were arrested with Ralsky, but not Severa, who is believed to be living in Russia and still working with hackers.

8. Yambo Financials(Ukraine)
The large spam organization deals in practically everything, including sending out pornography involving children and animals, promoting pirated software and medications. In addition, the Ukrainians provide "financial service" through a phony bank.

9. Ruslan Ibragimov a.k.a. send-saf.com(Russia)
The author of viruses and spamming software. Works through Russian servers. In addition, sells spammers lists of recently infected computers.

10. Rove Digital(Estonia/Russia)
This partnership was founded in Tartu in 2002, and four years later it was recognized as the best IT firm in Estonia. Last year the firm was shut down, and its director, Vladimir Chashchin, was convicted of bank fraud. The Estonian press wrote that Rove Digital has spammed "by the millions." Chashchin tried to shift blame to a Muscovite named Mikhail, but he was not found.

The Top 10 Spam, Malware and Cyber Security Stories of 2011

Well, here we are, the start of 2012. If you’re like me, you’ve read a bunch of stories online about the top news stories, movies and books of 2011. But what about the top 10 cyber security stories of 2011? That’s what I am here for, to give you the rundown!

This is a very condensed version of an article that will appear in this month’s Virus Bulletin. To get the full details rather than my snippets here, you’ll need to refer to that.

Oh, yeah, in full disclosure, this is really the top 10 stories of January through the first half of November – in order to meet my editing deadline. Now without further ado, here they are.

1. Microsoft shuts down Rustock

For years, the spamming botnet with the biggest footprint was the Rustock botnet. Its characteristics were to “wake up” at a specific time each time day, send tons of spam messages, and go back to sleep. But on March 16, 2011, the US Department of Justice, working with Microsoft, Shadowserver, and some other partners obtained a court order to seize command-and-control servers that were responsible for running the Rustock botnet in the United States. Virtually overnight, spam from Rustock plummeted and has never recovered:

2. Spam volumes go way down

Starting in late 2010 and continuing throughout 2011, something odd happened: spam started to decline. And it didn’t just decline a little, it declined a lot:

What caused this steep decline? The answer: nobody knows for certain. But what we do know is this: the battle against spam isn’t over, it’s just shifted from one form to another.

3. RSA hacked

In March, some disturbing information leaked out of RSA, the company that has long been associated with security. These are the guys that make the key fobs that many of use to get onto our corporate network using two-factor authentication.

Somebody, somewhere, sent an RSA employee – not a high level employee, just a regular ham-and-egger like you and me – an email with an attachment. The subject line read something like “2011 Recruitment Plan.” The employee opened opened the attached Excel file, and their computer became infected with a piece of malware when it exploited a previously undocumented Flash vulnerability. The intruders were now inside.

RSA wouldn’t be the last big-name corporation to get hacked using a sophisticated attack. Large government contractors like Lockheed Martin and Seagate Technology were hit, as well as the Internal Revenue Service and Freddie Mac.

4. Operation ShadyRAT

In September 2011, McAfee released a report, in conjunction with Vanity Fair magazine, about Operation ShadyRAT.

In the report, McAfee studied a bunch of cyber intrusions where numerous victims were targeted – government agencies in the United States, Taiwan, South Korea, Canada; large corporations in a number of countries; and non-profits such as the International Olympic Committee.

Why were these entities targeted?

“All the signs point to China,” says James A. Lewis, director and senior fellow of the Technology and Public Policy Program at the Center for Strategic and International Studies, adding, “Who else spies on Taiwan?”

Regardless of whoever is behind the attacks, 2011 saw a huge increase of the detection of APTs – Advanced Persistent Threats. You could classify 2011 as the “Year of the Hack.”

Especially when it comes to story #5.

5. LulzSec hacks the world, so does Anonymous

Anonymous is an international hacking group, spread through the Internet, initiating active civil disobedience, while attempting to maintain anonymity. CNN has said that they are one of the successors to WikiLeaks.

In April, Sony announced that it had been victims of a hack where a whole bunch of user information was stolen from their servers and posted online. In June, a suspected splinter group of Anonymous – LulzSec – launched their own hacking attacks. They went after the websites of the CIA, Sony, Fox News, PBS, and others. During the summer, it seemed like there was a hack attack each week and what was newsworthy was not that a company was hacked, but that a week went by without an attack.

The hack attacks of LulzSec and Anonymous eventually quieted down but Anonymous still continues to operate (as I talked about in another post).

We’ll see what happens in 2012.

6. Malware appears for Macs

For years, Microsoft has devoted plenty of resources to stamping out the problem of malware that infects its operating systems. Fair or not, Windows has earned a reputation that it is insecure and susceptible to malware. By contrast, Apple has historically prided itself on the belief that it is not prone to malware. They even released television commercials implying that very thing.

But this year, something odd happened – malware appeared for the Mac. And users were falling for it.

It’s not that malware never existed for the Mac, it has. It’s just that this year it became really obvious malware exists for the Mac because of its prevalence.

The good news in all of this is that Apple did respond to the problem fairly quickly and is now starting to get into the rhythm of security releases. Like anything, once you become popular, you start to become a target for online criminals.

7. Mobile malware gains traction

Mobile malware is still in its infancy and hasn’t yet taken off, but it is growing. And just like the PC became a target of malware writers because of its ubiquity and open systems (anyone could write applications), smartphones are becoming targets of malware writers where the systems are ubiquitous and the platform is open. And the fastest growing target of malware writers is Google’s Android.

Does this mean that smart phones, particularly Android, are especially vulnerable? Not exactly. The smartphone space is still fairly new, but luckily, that still works in its favor. As long as you buy or install applications from reputable places, you are not going to have much of a problem (most of the time).

8. The threat of zero-day malware is overstated

Microsoft decided to examine the threat of zero-days and examine whether the fears were justified; and also as important, to put it into context relative to all of the other threats that are out there.

The analysis revealed that zero-day threats account for much less than 1% of all malware threats out there. The fact of the matter is that for all of the hype that exists about it, the vast majority of threats have defenses already in place. You can protect yourself if you just follow basic steps like keeping your computer software up-to-date, running a firewall, and running antivirus software.

9. The University of California: Go after the banks to stop online crime

The University of California performed an experiment where they started buying spam from spam campaigns and then started looking at credit card transactions. Like most people on the planet, you and I are only vaguely aware of how this process works. You go to a website, enter in your credit information, and like magic you get your stuff a few days or weeks later. You then happily pay your credit card bill where said transaction ends up on the statement.

Instead of going after users or using technology to keep users safer, the UC proposed pressuring banks to clamping down on fraudulent banking transactions. They discovered that three banks are responsible for 3/4 of spam payments, then shutting those down represents a real disruption to the spam business.

Moving the online abuse infrastructure is relatively easy. It’s not difficult to register domains or set up botnets. However, it is time consuming and costly to negotiate payments with banks. Spammers cannot simply pick up and move banks the way they can with domains. It is a human process that has checks and balances.

10. Operation Ghost Click

In November, the FBI announced the arrest of six Estonian nationals in what some call the biggest cyber heist arrest in history. Responsible for the DNSChanger malware, which redirected unsuspecting users to rogue Internet pages, the botnet that they operated was over 4 million computers (!).

Similar to what occurred with Rustock, the rogue command-and-control servers were seized infected requests to DNS servers were replaced with legitimate ones.

Not a bad Christmas present for law enforcement.

Well, that’s the way I saw 2011. From APTs to hacking to malware to spam, there was a little something for everyone. I’ve now written a couple of these Top Ten articles, and while there is a lot of overlap, I’m always surprised by the new stories that appear and make the list.

Who knows what I’ll think is important enough to add to my 2012 list!

Beware -Top 10 Spam Subject Line

According to Symantec Intelligence report of July 2011 The most common category of spam was pharmaceutical related 47%, but the second most common was related to adult/dating spam contributing 14.5%. Examples of many of these subjects can be found in the subject line analysis, below

Top 10 Spam Subject Line :-

r u online now ?
hi darling..
new email
found you
i m online now
my new pics
my new email
I’m waiting for ur reply
need ur profil details
I like ur profile i like to meet u

Google’s New Privacy Policy

Google is revising its Privacy Policywhich will be effective from 1st March 2012.Google has also placed a note on theirhomepage, allowing users to compare and contrast new and old policies and will send an e-mail message to users explaining the change.

What information we collect and why we collect it.
How we use that information.
The choices we offer, including how to access and update information.

Under the new policy, users will be governed by a single set of privacy policies. Users will be unable to opt-out of Google’s new method of data gathering, so those who object to the policy consolidation may need to take their information elsewhere.Under the new policy all information entered by users via Google will be indexed together. Google is claiming the shift will help its users search and offer spelling and contextual suggestions. They plan to include shares from users’ Google+ friends in its search results. Posts from users’ Google+ friends are now included in searches regardless of whether those who initially shared the post wanted them to beGoogle Books, Wallet and Chromewill be excluded from the policy makeover for legal reason.

Friday 9 March 2012

How to "Delete administrator Password" without any software

Method 1

Boot up with DOS and delete the sam.exe and sam.log files from Windows\system32\config in your hard drive. Now when you boot up in NT the password on your built-in administrator account which will be blank (i.e No password). This solution works only if your hard drive is FAT kind.

Method 2

Step 1. Put your hard disk of your computer in any other pc .Step 2. Boot that computer and use your hard disk as a secondary hard disk (D'nt boot as primary hard disk ).Step 3. Then open that drive in which the victim’s window(or your window) is installed.Step 4. Go to location windows->system32->configStep 5. And delete SAM.exe and SAM.log
Step 6. Now remove hard disk and put in your computer.
Step 7. And boot your computer :-)

All (Ctrl+Alt+Del) Permanently deleted files Recovery solution

Sometimes we delete the files permanently, and realize that deleting them is like a Blunder...

For all those folks,

Here is the solution

Software called "Kissass Undelete" , can bring those files from the hard disk or your flash drive.

Conditions : Only if the data on that drive is not re-occupied(or written). that means the space which was available after the deletion is not been occupied after the deletion.

Click Here to download the .

To start searching for the files,

Select the drive from the Left panel of the Windows and Click the scan button.

the Scan might take upto 10 secs.

When the files search has been completed, it will show you the results with the name, typ, size and the last modified date of the searched file.

3) Now you can select the file to be recover. This is an Open source application and available for All Windows OS(Windows XP/Vista/ 7).

Thursday 8 March 2012

Use General-Files To Download Free Movies, Games And Sofware

We should thank the inventors of Internet technologies that made it possible to send a large file to faraway machines in no time. There are lots of file sharing sites out there on the Internet that helps you to share unlimited number of files with your friends and family. A lot of people search for movies, songs and games on the Internet and they download all of them for free.

Sites like Rapidshare and Megaupload allows you to upload files for free and as soon as the file uploads, an URL will be created for you to give to others. But these websites lack search engine functionality, that means you can’t search for files on these websites. There is a better alternative available named as General Files, a file search engine that displays results from all major file sharing websites like Rapidshare, 4shared etc at one place.

When you visit General Files, you’ll see a search box across the top of the page. Clicking on the ‘Options’ next to the search box will open a drop down menu where you can select which website you want to search in, which type of file you’re looking for. You can also specify the file size and sort the results by most popular and most recently added.

You can run an advanced search to quickly find the stuff you’re looking for to get rid of irrelevant search results. Simply click the ‘Advanced Search’ link at the top right corner of the webpage. You can download free Movies, Games, Software, Music and much more from General Files search engine.

When you use websites like Bittorrent to download big files, sometimes you end up downloading a corrupted file. You try hard to download the exact stuff you’re looking for so that you will not regret later. Things like this will not happen again if you use General Files search engine, as it allows its users to remove invalid files to keep the database clean.

General Catalog is another website created by the same group, which is a free software directory that allows you to look for music, movies, software, games and all kinds of stuff easily. All downloads are segregated into sections in a complete and careful manner. This website provides just another way to look for the stuff you want by browsing the catalog. Take a look at both websites and do share your views.

20+ Excellent Sites To Send National And International SMS For Free

Mobile technology has an greater impact on our life. Since mobile phones came in our life, the way of communication has totally changed. From letters to text messages and trunk calls to STD calls from mobiles. I still remember when there were charges for incoming calls too and see now – mobile call rates are so cheap that we talk with our friends for hours and hours.

Mobile technology has not changes only but there is a drastic change in mobile handsets too. Now mobiles are sleek and sexy in comparison to big black colored cellphones of all time. These days touch smart phones are on the roll. Everyone has touch phones in their pockets.

I like touch phones too because of its immense features and display but one thing always annoys me to type text messages on such kind of phones. I am sure it is annoying for you too. How adverse you become with typing in the touch screens, you can’t compete with the physical keyboard phones. Personally, when I have to send SMS to anyone I mostly use websites that allows me to send SMS from computer.

The main advantages of sending SMS from such sites are -

It saves your time because typing on keyboard is much faster than typing on cell phones.
They allow you to send SMS free of charge while you have to pay your cellular phone service to send messages from phone.
You can send messages to anywhere in the world and even get replies directly on your mobile phones.
Some sites allow you to send more than 160 characters long messages while your phone allow only 160 characters and charge rate for 2nd sms if that limit exceeds.

I hope you too convinced with above advantages and want to know sites that allow you to send free SMS worldwide to your near and dear ones. Though, free word comes with some gimmicks and same applies with these sites such as some websites needs registration to send sms while other have some limitations over sending free SMS per day. But, I hope these small limitations will not make you turned back on using these services.

So, here’s the list of 20+ sites to send national and international SMS for free from your computer.

Don’t forget to

subscribe to our RSS-feed and

follow us on Twitter for recent updates.

1. 160by2 : 160by2 endeavors to revolutionize the very concept of sending SMS – from a PAID service to a FREE service. You can now send free SMS messages, 80 characters long, within India to all your near and dear. It allows you to send 500 messages in a day with 100 messages to one particular number in a day.

2. Way2SMS : Way2SMS.com offers SMS communication totally cost free to mobile users. More than four lakh users visit Way2SMS every day, and they are just not from India alone, but come from as many as 126 countries globally! There are many other features that makes users to love their site such as email notifications to your mobile, instant messaging services within the site and many more.

3. SMScity : This site allows you to send free SMS every day internationally. You will get 12 free credits for an SMS to send international sms. You can also send SMS via MSN service. This site offers both free and paid plans to its subscribers.

4. Jaxtr : A leading site that allows you to send SMS worldwide has an coverage of nearly 38 international countries including UK, US, Canada, India and many others. IT allows message recipients to reply your SMS directly from cell phones or through a web link.

5. AtroChatro : If you looking for a service that lets you send text messages of full 160 characters, this site is for you but only allow you to send only 2 sms per IP and that too only in India.

6. BizHat.com : This site allows you to send free text messages upto 140 characters long to all Indian mobile numbers.

7. Email2SMS : Don’t worry you dont have to send email for texting. This site allows you tosend free SMS worldwide without any registration required.

8. FreeSMSNetwork : The only website that allows you to send free SMS worldwide up to 197 characters.

9. FreeTextMessager : Send text messages to your friends, family or co-workers in the US, Canada and the rest of the world. You can send as many ‘Free’ sms text messages as you like, faster and easier than using your wireless phone without any restriction over character limit.

10. Ibibo iSMS : A free service to send SMS anyone in India to individuals and groups up to 90 characters.

11. JungleSMS : This site allows you to send 50 free SMS all over the world up to 178 countries. You have to register the site to send message and character limit is up to 150 characters.

12. KrifySMS : Send Free and Instant Short Messages to the Cell phones in India from any where in the world up to 100 characters long.

13. mjoy : Send unlimited FREE Text Messages to any mobile phone in the world. You need to register in the site and you will get your personalized dashboard to send and sort out the messages.

14. IndyaRocks : By using this website, you can send free SMS to any Mobile in India. You can also schedule free SMS for Future dates. It has also has an feature to send free group SMS with fast SMS delivery in just 30 seconds or less.

15. SpiceSMS : Send SMS to anyone in India without registration with 160 characters limit.

16. SMS Loop : This site allows you to send SMS to Indian numbers from anywhere in the world up to 100 character limit. You need to do a quick registration but you can try the service before registering too.

17. Send SMS Now : This site allows you to send free SMS to US and Canada up to 100 character long messages after registering on site.

18. SeaSMS : Send Free SMS Worldwide. Enter the message you wish to send, the phone number to which you wish to send the SMS (without 0s and +s), select the name of the cellular provider of the destination number and click on the |Send| button. As simple as that. It supports up to 450 characters long SMS and user can send unlimited SMS all day.

19. SMSIX : Send a message to all mobile phones worldwide for free.No registration required. No login. Send a free SMS text from your computer to any mobiles. It allows you to send 13 characters long SMS.

20. Text4Free : Send free text messages using Text 4 Free. Send free SMS messages from the computer. You can send free text messages from this website to almost anywhere in the world.

21. txtDrop : TxtDrop enables users in the United States and Canada to send text messages with instant delivery. No more need to pay your cellular provider up to 25 cents for sending your friend a text. Just enter your email (for replies), your friends mobile number and your message and we’ll send your text instantly. Completely free of charge.

22. Text By SMS : Text By SMS is an awesome fast, free way to send text messages to your friends, co-workers, and family worldwide. The message is usually received by their cellphone within seconds and won’t cost them anything.

23. txt2day : This site allows you to send free SMS worlwide 100% free with no gimmicks. It does not require any registration and you can send 140 characters long messages all over the world.