1. Find Out Who Has Been Looking at your Profile: this scam claims that it will show you who has been viewing your profile and who has blocked you from theirs, but none of these apps work because Facebook doesn’t provide such information to developers.

2. Free Items and Gift Cards: don’t expect to get anything for free just by completing a survey.

3. New Facebook Features: some apps promise to change your Facebook color or to provide you with a dislike button, but make sure you install them only from trusted and well-known developers.

4. Free iPads & iPhones: messages stating that you can win a free iPad or iPhone are usually just a thought-out marketing trick.

5. Free Facebook Credits: basically you shouldn’t trust anything that offers something for free. When it sounds too good to be true, you can be pretty sure it’s a scam, just like free credits for Facebook games like Farmville, Cityville etc.

6. Breaking News: scammers know that most users will click on a link promising exclusive coverage, so stay alert and if you are not sure, check with online media websites for the story first.

7. Help, I Need Your Help And Money: if you get a message from a friend saying he has been robbed somewhere abroad and he is left with no phone, passport or money and then asks you for help, beware – his Facebook account has probably been hijacked by scammers. You can verify this also by asking your mutual friends if they received an identical message.

8.Shocking Headlines and Fake Celebrity Stories: scammers also often use sensational news or false stories with a headline including words like “shocking” because Facebook users tend to share them without verifying the news.

9. False Privacy Settings: scammers mainly want to get your login

The post Facebook Scams appeared first on HelpMyPC.

A malicious screen locker scam is doing the rounds posing as a Fine from An Garda Shiochana. It is professionally designed and distributed by cyber criminals. Most commonly such infections are spread using Trojans and misleading websites which exploits your computer’s security vulnerabilities. After infiltrating your computer this ransomware will completely block your desktop with a message stating that you have to pay a fine of 100 euro for watching child pornography, storing pirated content etc.

GARDAÍ ARE WARNING the public to be wary of a computer virus which locks computers displaying a police logo and asks users to pay a fine.

The scam has been in operation in other countries and Gardaí say that the virus detects the country in which the computer is located and downloads the appropriate police logo and locks down the user’s screen.

A Garda spokesperson has said that “members of the public would never be contacted in this way and that users should not share their bank details or pay out any money. If a computer user is deceived into paying a fine they should contact their local Garda station as soon as possible.”

If you have a problem with this or know of anyone with this issue call one of our Team today on freephone 1800 543 543

The post Garda Virus Hoax appeared first on HelpMyPC.

100 dollars for just 9 dollars? Crumbs.. that’s generous. It’s a wonder that Apple makes any money with marketing campaigns like this! (Or rather it would be, if the email could be trusted).

The message body of the email reads as follows:

Dear Apple Customer,

Apple is rewarding its long-term customers. Your loyalty for our products made you eligible for buying an Apple Discount Card. With this only 9 AU$ Discount Card you will have 100 AU$ credit at any Australian Apple Store or on http://www.apple.com/au/ .

To acquire your Apple Discount Card please download and complete the attached form.

100 AU$ Credit Bonus

( You will receive your Apple Discount Card via e-mail in the following 24 hours after your payment has been made.)

Attached to the emails is a file called:

Apple Discount - Complete this form to get your discount.html

If you make the mistake of clicking on the attached file, you will be presented with a form which asks for a surprising amount of information: your name, your address, date of birth, driver’s license, your mother’s maiden name.

That information is bad enough to hand over to the online criminals – but it gets worse.

The form goes on to ask for your credit card details – including your security code, what password you use for Verified by Visa / Mastercard SecureCode and even (rather cheekily) your credit limit!

Of course, the emails don’t really come from Apple – and users should never hand over such information. Just because an email is nicely formated and attractively presented with a friendly corporate logo and a too-good-to-be-true offer doesn’t mean that it should be trusted.

Take care folks – don’t let your lust for the iPhone 5 blind you to the risks of responding to unsolicited emails like this, or you could become the victim of identity theft.

Graham Cluney Naked Security

The post Bogus Apple Store discount card offer attempts to steal users’ identities appeared first on HelpMyPC.

A number of Naked Security readers have been in touch in recent days regarding a variety of direct messages that have been spammed out from compromised Twitter accounts.

The aim of the messages? To trick the unwary into clicking on a link.. and ultimately infect computers.

Here is one example:

your in this <Link to page on Facebook.com> LoL

And here’s another. Note that there are many different combinations of wording that can be used.

you even see him taping u <Link to page on Facebook.com> thats awful

Users who click on the link are greeted with what appears to be a video player and a warning message that “An update to Youtube player is needed”. The webpage continues to claim that it will install an update to Flash Player 10.1 onto your computer.

In this example, the program you are being invited to download is called FlashPlayerV10.1.57.108.exe, and is detected by Sophos anti-virus products as Troj/Mdrop-EML, a backdoor Trojan that can also copy itself to accessible drives and network shares.

Quite how users’ Twitter accounts became compromised to send the malicious DMs in the first place isn’t currently clear, but the attack underlines the importance of not automatically clicking on a link just because it appeared to be sent to you by a trusted friend.

If you do find that it was your Twitter account sending out the messages, the sensible course of action is to assume the worst, change your password (make sure it is something unique, hard-to-guess and hard-to-crack) and revoke permissions of any suspicious applications that have access to your account.

Graham Cluney, Naked Security

The post Twitter DMs from your friends can lead to Facebook video malware attack appeared first on HelpMyPC.

One example is the third most-Liked Facebook page, Texas HoldEm Poker, which had a weekly count that was down 275,352 as of Saturday, according to an independent page metric site, PageData.

If you drill down into pages’ growth charts, you’ll see that the drops began on Monday, 24 September.

Other pages that suddenly lost some warm and fuzzy include celebrity pages of Lady Gaga (down 104,125 for the past week), Eminem (-5,572) and Rihanna (-50,610).

Facebook confirmed to CNN that the slipping Likes numbers are part of a site upgrade (perhaps in response to the site’s admission that it has over 83 million fake profiles?), but it wouldn’t give details beyond pointing to a 31 August statement regarding improvements to site integrity systems.

The posting states that Facebook has recently increased automated efforts to remove Likes that may have been gained by means that violate Facebook Terms, including malware, compromised accounts, duped users or purchased bulk Likes.

The move shouldn’t make most pages deflate too much, Facebook says:

On average, less than 1% of Likes on any given Page will be removed, providing they and their affiliates have been abiding by our terms. … While we have always had dedicated protections against each of these threats on Facebook, these improved systems have been specifically configured to identify and take action against suspicious Likes.

One source of Like inflation are networks of zombie accounts run by bot masters.

Researchers at the University of British Columbia last year created a network of some 100 Facebook bots and found it was easy to evade Facebook detection, convincing thousands of real Facebook users to friend their lifeless fabrications – particularly when they employed photos of attractive women.

Another source of fake Likes is a phenomenon known as a tagging session.

A Valentine’s Day page, bleating about Love and Like, adorned with red and pink hearts, is an example.

That Facebook page conducts frenzied, 10-minute Liking and Sharing sessions, the rules of which state that it will ban participants who don’t tag 99% of the sites being promoted.

But just who, exactly, gets hurt by fake Likes? Those who are trying to accurately measure how well their marketing efforts are doing.

Jon Loomer, a social media consultant, is one of those people.

In January, he posted about being targeted by Like scams.

Loomer happily watched his Likes grow, only to find that much of it came from tagging-session participants who didn’t have a clue who he was or what his page was for.

As such, he was left in the dark regarding what real relationships he’d managed to form:

An inflated number is not reality. It doesn’t give me an accurate reflection of how I’m doing. So if I’m doing poorly, I want the numbers to reflect that. I don’t want a lie that will deflect the truth.

Regardless of what Facebook does to weed out fake Likes, the black market will evolve. We’ll continue to see bots that add friends, spam messages and Like pages.

But people who buy into these offers for bogus page promotion, such as “500 Likes for $5!”, will get what they paid for: junk.

They’ll get 80% bots and 20% people who’ve been spammed to death, notes Quora submitter Massimo Chieruzzi.

And as Loomer points out, some perfectly well-meaning people may well participate in tagging sessions:

They are struggling. They don’t want to spend the money on ads. Maybe they simply don’t know how to build a page honestly. Or they think this will lead to wealth.

But fake Likes are just smoke. They won’t help struggling businesses grow in any real sense.

So kudos to Facebook for popping the bubble, even if it’s only a temporary stop-gap before the black market evolves and finds more ways to rig the system.

Lisa Vaas, Naked Security

The post Facebook cracks down on fake “Likes” – Lady Gaga, Eminem and Rihanna lose out appeared first on HelpMyPC.

The latest campaign we have seen involves messages which, to all intents and purposes, look like they have come from Twitter.

Certainly, without close inspection, there’s nothing much to be suspicious about in regards to the email (although maybe they would have been more convincing if they had managed to reference your Twitter name if you have one).

Subject: Because you have more to show

We have something for you...

New Twitter profiles

Make your profile beautiful with a header image. Browse your new photo reel. Check out what other people are doing with their profiles.

The emails invite you to update your Twitter profile, to include the new format profile images that the micro-blogging site is attempting to push onto a slightly underwhelmed userbase.

But in this case the emails don’t come from Twitter at all. Because if you click on the links you are actually taken to a “Canadian pharmacy” website claiming to sell sexual enhancement drugs.

My guess is that the emails have been stolen lock-stock-and-barrel from a genuine Twitter communication, and just the links have been changed.

You should always be careful to check where a link is taking you, especially when contained in an unsolicited email, before you click on it.

In this case, it could just have easily linked to a bogus Twitter login page – asking you to enter your username and password – or a website hosting malicious code designed to infect your computer.

Graham Cluney, Naked Security

The post Invited to change your Twitter profile’s header image? Beware, it could be drug spam appeared first on HelpMyPC.

But which one is the best? We put the three major Windows browsers—Google Chrome 21, Microsoft Internet Explorer 9, and Mozilla Firefox 15—through their paces and crowned an overall winner.

Browser performance

When we looked at the browser contenders previously, we concluded that all the major browsers loaded webpages at similar speeds.

But many new Web apps and services rely heavily on HTML5 and JavaScript, so the browser makers have been spending a lot of development time making sure that their programs render such apps and services quickly and efficiently.

To gauge how well browsers handle HTML5 and JavaScript code, we subjected Chrome, IE, and Firefox to the Sunspider JavaScript benchmark and to the WebVizBench benchmark for HTML5. In addition, we tested on a PC with switchable Nvidia graphics hardware to see how each browser exploited the extra processing horsepower in the graphics card.

Our test PC was an Acer Aspire Timeline Ultra M5 laptop with a 1.7GHz Intel Core i5 processor and 6GB of memory. The switchable graphics system consisted of an integrated Intel HD Graphics 4000 chipset and a dedicated Nvidia GeForce GT 640M graphics card with 1GB of video memory.

In our WebVizBench HTML5 benchmark test, Chrome and IE 9 saw large increases in performance when we switched to the dedicated graphics card instead of the integrated graphics chip.

Chrome achieved an average score of 5502 when we used the integrated graphics system, and hit an average of 5825 when we used the Nvidia graphics card. IE 9 came in second with average scores of 4797 and 5642, respectively; Firefox finished third after posting average scores of 4492 and 5600. Notably, Chrome did almost as well on this test using the integrated graphics hardware as the other browsers did using the more powerful Nvidia graphics card. So if your PC has a weak graphics card, you’ll probably get better performance from Chrome than from Firefox or IE.

Our tests for JavaScript performance were less conclusive, with all three browsers rendering the benchmark’s JavaScript code within 15 milliseconds of one another. Internet Explorer 9 eked out a narrow victory, completing the Sunspider benchmark in 200 milliseconds. Chrome 21 finished in second place at 206 milliseconds, and Firefox 15 rounded out the three at 214 milliseconds.

Winner: Google Chrome. Browser performance will vary some depending on your PC, but Chrome was a solid all-around performer in our testing.

Ease of use

Current browsers continue the less-is-more trend that began with Google Chrome’s introduction in 2008, sporting thin toolbars and minimalist designs so that the page content takes center stage.

Internet Explorer 9: In IE 9, Microsoft chose a hyperminimalist approach with an extremely narrow toolbar and few on-screen controls. By default, IE 9 shows the address bar and tabs in the same row, which can make things a little too tight, especially if you frequently have a lot of tabs open at once (you can choose to show the tab bar in a separate row, though). On the far-right edge of the toolbar lie three buttons that take you to your browser homepage, show your favorites, or toggle various settings.

One nicety in IE 9 is its unobtrusive method of providing notifications: Instead of popping up an alert box that interrupts your browsing, it displays the message in a bar at the bottom of the browser window, where you can address it when you’re good and ready. In addition, IE 9 shows you a download’s progress via its taskbar icon, which fills in with green as you download a file.

Chrome 21: Google has stuck with the same basic look and feel for Chrome since releasing it in 2008. It has no title bar, and by default it shows only the back, forward, and reload buttons, as well as the combined search/address bar and a button on the far right that opens a tools menu. The start screen helps you reach your most visited sites, as well as any Web apps you’ve added via the Chrome Web Store. When you download a file, it appears in a gray bar that lives at the bottom of the window.

Firefox 15: While most other browsers now feature a combined search and address bar, Mozilla keeps the two separate in Firefox 15. Whether separate fields are better than combined ones is a matter of personal preference. (Note that Firefox does let you search from the address bar and remove the separate search box is you prefer.)

One convenient feature of Firefox allows you to switch between search engines readily: If you want to use Bing instead of Google, for instance, you can do that with two clicks. Chrome permits you to switch between search providers, too, but requires a quick tweak in the Settings screen. With IE you need to install an add-on for each search provider (other than Bing) you want to add.

Like other current Windows browsers, Firefox doesn’t show a menu bar by default; the various menu options live in a single menu that pops up when you click the orange ‘Firefox’ button in the upper-left corner of the window.

Winner: Tie. In truth, you won’t find much differentiation between browser interfaces these days. All the prominent ones work the same, save for a few fairly minor differences.

Security and privacy features

To say that security and privacy concerns are a big deal for browser makers would be a gross understatement. All of the major browsers have some baseline security and privacy features, such as pop-up blockers, protection against phishing attacks, and some sort of cookie blocking and filtering.

Internet Explorer 9: IE 9 is easily the most flexible browser out there with regard to privacy settings. Its advanced security settings let you block or allow all sorts of things, but those granular controls are a bit much for most users. For the rest of us, IE 9 offers a choice of various preset security and privacy levels.

IE 9 also includes a reputation-based download checker: If you download a questionable or previously unknown file, the browser will warn you about it. If the file is safe, it’ll download the file, no questions asked. That last bit is useful because it reduces “warning fatigue”—you’ll get a warning only when necessary.

In addition, IE 9 will let you see a privacy summary of the site you’ve just visited to learn whether it tried to use cookies to track you, among other things. IE 9 also features Tracking Protection, which allows you to set the browser to automatically block participating websites from setting a third-party cookie to track your movements online.

Firefox 9: Firefox’s privacy and security settings cover all of the basics. It can block phishing sites and other malicious sites, and it permits you to turn on Do Not Track to block third-party cookies. Beyond that, Firefox 9 will clearly show you whether a shopping or banking site is safe, questionable, or unsafe via a badge in the address bar. And it includes a link to a Firefox-specific plug-in checker site so you can see if any of your plug-ins are in need of updating.

Chrome 21: Chrome’s claim to security fame is the sandboxing feature, which quarantines each webpage you open so that it can’t interfere with other pages you already have open, or with anything else on your PC. For example, if a page you visit tries to download a piece of malware to your PC without your knowledge, the sandboxing feature should prevent that site from carrying out its evil deeds.

Chrome does tie into a number of Google services, though; for instance, it uses Google services to autocomplete your search queries, predict which site you meant to visit if you mistype the address, and so on. If you don’t trust Google, you’ll want to look through Chrome’s privacy settings carefully.

Winner: Chrome…with a catch. Chrome’s sandboxing feature still makes it the browser to beat, but you should be mindful of its tie-ins with Google’s other services.

If you could pick only one…

Google Chrome comes out ahead of its rivals, but the competition is closer than you might think. Although Chrome’s simplicity, speed, and good security give it the edge over Internet Explorer and Firefox, both IE and Firefox still have a lot to offer in those areas. But hey, they’re all free! Try them all, play with them, and get a feel for them, and soon you’ll be able to select the one that works best for you.

Nick Mediati

The post Web browser showdown: Which Windows app is really the best? appeared first on HelpMyPC.

The bug, which was publicly reported on the Full Disclosure security mailing list Tuesday by Adam Gowdiak, the founder and CEO of Polish security firm Security Explorations, can be leveraged to hijack a machine equipped with Java, letting attackers install malware on the system.

Windows PCs and Macs are equally at risk if their users have installed Java, or in the case of OS X, are running 10.6, aka Snow Leopard, or earlier. Snow Leopard was the last edition where Apple bundled Java with the operating system.

All currently-support versions of Java, including Java 5, Java 6 and Java 7, contain the bug.

Gowdiak has found other Java vulnerabilities in the past: Earlier this year he reported more than a dozen to Oracle. Months later, hackers independently uncovered one of the bugs, then began using it in widespread attacks during August.

On Aug. 30 Oracle shipped one of its rare emergency, or “out-of-band,” security updates to patch the exploited Java bug.

The vulnerability Gowdiak revealed Tuesday was both potentially more serious than the already-exploited flaw and less of a risk to users at the moment.

“The potential impact is bigger when it comes to the number of Java desktops,” said Gowdiak in an email reply to questions. “The vulnerability affects up-to-date installs of Java 5, 6 and 7. We even tested the developer preview of Java 7 Update 10, a build from Sept. 20, 2012, [and] verified it was also vulnerable.”

The Java zero-days exploited by cyber criminals last month were in Java 7 only—the newest edition—and because of that, Gowdiak and other experts recommended users downgrade to Java 6, which was safe.

Not the case now, as all editions of Java harbor the flaw.

Gowdiak, using installed-base statistics cited by Oracle, argued that approximately 1 billion computer users are at risk because of the unpatched vulnerability.

On the other hand, there is much less urgency with this vulnerability than the one exploited last month for the simply fact that there’s no evidence it’s in the hands of hackers. “We are not aware of any active attacks that would exploit this vulnerability,” Gowdiak said.

While Gowdiak said that he found the new Java bug last week—and took the weekend to create and test a proof-of-concept exploit—he only reported it to Oracle on Tuesday. In a follow-up email to Computerworld, Gowdiak said, “We just received confirmation of the issue from Oracle.”

The company also told him that the bug will be patched in a future Java security update, but that it did not name which. The next on Oracle’s quarterly schedule will ship Oct. 16.

That was one of several reasons Gowdiak used to explain why he went public with the bug—albeit sans technical details—rather than privately reporting it to Oracle and waiting for the company to quietly patch Java. “There are still three weeks until the scheduled Java October Critical Patch Update [CPU], so it might be possible that Oracle manages to address the bug [on Oct. 16],” he said.

Gowdiak also said it was “simply our obligation to provide users with a proper warning,” especially in light of recommendations last month to shift from Java 7 to the then-safe Java 6.

The fact that Java 6 is vulnerable will be of special interest to anyone using a Mac that runs OS X 10.6 (Snow Leopard) or OS X 10.5 (Leopard). Although Apple stopped bundling Java with OS X starting in 2011, 2009’s Snow Leopard and 2007’s Leopard included the software. If hackers have found—or do find—Gowdiak’s vulnerability on their own, and exploit it before Oracle patches, Snow Leopard and Leopard users will be at risk, just like those running Lion or Mountain Lion.

The publicity of the newest Java zero-day—several media outlets reported it yesterday—will, of course, put some pressure on Oracle to act quickly, a reason often cited by security researchers who broadcast the existence of a flaw before a patch is available.

Gowdiak had an answer for that, too.

“We [make] public announcements, so that users are aware that there are some risks associated with given software or a technology, and can plan their actions accordingly,” he said. He also declined to share more information about the nature of the vulnerability than the vague description in the Full Disclosure message.

Gowdiak confirmed that his proof-of-concept exploit worked against the Java plug-in used by the current versions of Chrome, Firefox, Internet Explorer 9, Opera and Safari on Windows 7.

As virtually every security professional has done when a Java vulnerability or exploit surfaces, Gowdiak yesterday urged users to disable the plug-in in their browsers until Oracle issues a patch.

Security Explorations keeps an up-to-date account of the vulnerabilities it reports to vendors, and their reactions, if any, on its website.

Instructions for disabling Java in the major browsers can be found on the US-CERT (United States Computer Emergency Readiness Team) website.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg’s RSS feed . His email address is gkeizer@ix.netcom.com.

The post Windows PCs and Macs at risk of another zero-day Java bug appeared first on HelpMyPC.

More than a week before, Microsoft had backed away from an earlier position that held it would not patch Flash until late October. Instead, the company promised to update the media player “shortly.”

Microsoft, not Adobe, is responsible for patching Flash Player in Windows 8 because the company mimicked Google’s Chrome by building the software into IE10, the new operating system’s browser. Microsoft announced that move in late May, when its top IE executive, Dean Hachamovitch, said, “By updating Flash through Windows Update, like IE, we make security more convenient for customers.”

But the Redmond, Washington developer ran into trouble from the get-go. Although Adobe shipped a pair of security updates in August that patched eight vulnerabilities, Windows 8 RTM, the finished code that began reaching users that same month, lacked those fixes.

One of the eight Flash bugs has been exploited by hackers, perhaps for months. An elite hacker gang known for finding and leveraging unpatched vulnerabilities has been among those hijacking Windows PCs with the flaw.

Friday’s Flash update will be offered to Windows 8 RTM, and to the final public beta, Windows 8 Release Preview. That sneak peak, which users downloaded free of charge, does not expire until Jan. 31, 2013.

Computerworld confirmed that the update boosted IE10′s Flash Player to version 11.3.374.7 on Windows 8 RTM. On Friday, Adobe confirmed that that edition contained the patches for the eight vulnerabilities it patched Aug. 14 and Aug. 21.

Yunsun Wee, director of Microsoft’s Trustworthy Computing team, also clarified how the company will treat future Flash updates for IE10 in Windows 8.

“On a quarterly basis when Adobe normally issues Flash Player updates, we will coordinate on disclosure and release timing,” pledged Wee.

Her reference to an Adobe quarterly Flash schedule was odd; although Adobe tries to adhere to an regular cadence for Adobe Reader — not always successfully — it has never set something similar for Flash Player.

Thus far during 2012, in fact, Adobe has issued seven Flash updates: One in February; two in March; one each in May and June; and two in August. If Adobe is adopting a quarterly patch process for Flash Player, it has kept that under wraps.

Wee also admitted that Microsoft will need to deliver “out-of-band” updates — those outside its usual monthly Patch Tuesday — to keep IE10′s and Windows 8′s Flash in sync with the Flash plug-ins Adobe maintains for other browsers.

“When the threat landscape requires action outside of Adobe’s normal update cadence, …we will issue updates outside of our regular monthly security bulletin release,” Wee said in a Friday post to the Microsoft Security Response Center’s blog.

Those out-of-band Flash updates could quickly pile up. If Windows 8 had been available from the start of 2012, in the best circumstances Microsoft would still have had to deliver emergency Flash updates in February, March and August.

Even then, Microsoft would have had to hustle to work the other four Flash updates into its next Patch Tuesday: In one instance, Flash was updated on Patch Tuesday, while in two others, Microsoft would have had just four days to prepare. The fourth Flash update was released eight days before the next Patch Tuesday.

More information on the Flash Update to IE10 and Windows 8 can be found in Microsoft’s security advisory.

Windows 8 users can obtain the Flash update via the Windows Update service, as well as through the enterprise-grade WSUS (Windows Server Update Services).

Microsoft’s made good on a September 11 promise to patch Windows 8′s baked-in Flash Player.

PC World Blog.

The post Microsoft fixes Windows 8 Flash bugs appeared first on HelpMyPC.

Here at SophosLabs we have looked at previous incarnations of the ZeroAccess rootkit in depth, describing how it enslaves victim PCs, adding them to a peer-to-peer botnet which can receive commands to download further malware.

Most recently, Sophos’s researchers explored how ZeroAccess took a major shift in strategy, operating entirely in user-mode memory.

Due to the continued high profile of this malware family we felt it was necessary to examine the threat in greater detail, not only the latest version of ZeroAccess, but also the ZeroAccess botnet as a whole.

SophosLabs researchers can reveal that the current version of ZeroAccess has been installed on computers over nine million times with the current number of active infected PCs numbering around one million.

ZeroAccess uses a peer-to-peer network to download plugin files which carry out various tasks designed to generate revenue for the botnet owners. Our researchers monitored this network for a period of two months to discover where in the world the peers were located and what kind of files the botnet was being instructed to download.

We found the IP addresses of infected machines from a total of 198 countries ranging from the tiny island nation of Kiribati to the Himalayan Kingdom of Bhutan, as can be seen when the infected machines are plotted on a world map:

The largest numbers of infected computers were found in the USA, Canada and Western Europe:

Our research has discovered that the ZeroAccess botnet is currently being used for two main purposes: Click fraud and Bitcoin mining.

If running at maximum capacity the ZeroAccess botnet is capable of making a staggering amount of money: in excess of $100,000 a day.

We have also reverse-engineered the mechanisms by which the ZeroAccess owners keep tabs on the botnet, and discovered an array of techniques used that are designed to bury the call-home network communications in legitimate-seeming traffic.

James Wyke, Naked Security

The post Over 9 million PCs infected – ZeroAccess botnet uncovered appeared first on HelpMyPC.