Posts Tagged ‘Information Website’

black hole

Suspected Malware Criminal Arrested

Blackhole malware exploit kit suspect arrested

Russian police have reportedly arrested a man on suspicion of masterminding two infamous hacking tools.

He is suspected of being the man behind the alias Paunch – the nickname used by the creator of the Blackhole and Cool exploit kits, sold to cybercriminals to infect web users with malware.

The Russian authorities have not confirmed the details.

But security firms said they had already detected a decline in the programs’ use.

A spokesman for the law enforcement agency Europol told the BBC: “Europol and the European Cybercrime Centre has been informed that a high-level suspected cyber criminal has been arrested.

“We can only refer you to the Russian authorities, they are the ones who should speak about this topic.”

The Russian police’s press office said it had nothing to add at this time.

However, Alexander Gostev, chief security expert at the Moscow-based internet protection provider Kaspersky Lab, said the arrest had been confirmed to him by “anonymous sources”.

Blackhole software The Blackhole kit offered an interface used to manage malware attacks

 

Spreading malware

The Blackhole kit, released in 2010, dominated the crimeware market throughout 2012 and the start of 2013, according to Fraser Howard, a researcher at the anti-virus company Sophos.

He said the code had been sold for an annual licence of $1,500 (£940) or could be rented from its creator for $200 (£125) for one week’s use, among other price plans.

The software targeted a range of vulnerabilities in the Java programming language, Adobe’s Flash media player, Windows software and PDF files.

It had two ways of doing this:

  • adding malicious code to hundreds of thousands of legitimate websites, which then copied malware to visitors computers
  • creating links in spam messages to specially created sites that infected PCs
Blackhole email
Sophos said that Blackhole was used to send links that directed users to sites that downloaded malware

Among the malware downloaded was:

  • fake anti-virus software that falsely claimed the PC was infected and urged the user to pay a fee to remove viruses
  • Trojans that attempted to steal financial records stored on the PC
  • the ZeroAccess rootkit, which downloaded other software that hijacked the PC for use in a botnet – a facility used to overwhelm websites with traffic and force them offline
  • key loggers that took a record of what was typed on the PC
  • ransomware that attempted to blackmail the PC owner

Although Mr Howard said Blackhole was once the biggest threat of its kind, he added that in recent months it had been overshadowed by rival kits, including Sweet Orange and Neutrino.

According to the researcher, the Blackhole and Cool kits put together were only involved in about 4% of all malware detected by Sophos in August, down from 28% the previous year.

The figure had since dropped to 2% in recent days, he added.

Another independent security blogger stressed that the arrest was still significant.

“If it’s true that the brains behind the Blackhole has been apprehended it’s a very big deal – a real coup for the cybercrime-fighting authorities, and hopefully cause disruption to the development of one of the most notorious exploit kits the web has ever seen,” said Graham Cluley.

“However, it’s worth remembering that nature abhors a vacuum, and there would surely be other online criminals waiting to take their place, promoting their alternative exploit kits and malicious code.”

Mikko Hypponen, chief research officer at F-Secure, agreed.

“If indeed it is Paunch that they arrested, that is a major arrest – he is a big deal,” he told the BBC.

“He was clearly the biggest player in providing exploit kits – not just by selling them, but also renting and leasing them to online criminals.

“Both Blackhole and its successor Cool have been very popular.

“Users didn’t have to be very technical to operate them – there was a manual that came with them – they just had to get them running and be able to break into a high-profile website, or create a new one from scratch, to install something bad on your computer.”

This story appeared on the BBC News Technology Section

Suspected Malware Criminal Arrested – Irish Web Design

Gremlins poster

The dreaded Blackhole Exploit Kit is back

The dreaded Blackhole Exploit Kit is back!

Gremlins attack websites

The last week has seen a resurgence of this malicious software appearing on websites around the globe.

Visitors to the sites who have AVG Anti Virus software installed on their systems receive a warning about the infection.

Website owners who do not act quickly to deal with the infection and clean up their websites may find Google blocking access to their websites.

The Blackhole Exploit Kit and it’s many variations was developed by some of the most skilled computer criminals in the world.

It is thought that these gangs originate in Russia or Eastern Europe.

The Blackhole exploit kit is now the most prevalent web threat globally.

The criminals make the software available as a kit on an outright sale or licence basis and each version is tweaked to suit the ‘end user’ criminal’s particular purposes.

In general, the kit uses hidden code to analyse the software on the computer it attacks to find any vulnerabilities.

When it finds some software which can be exploited, it will then run another piece of software, which often in the form of a pop up window.

This appears to be a warning about a malware or virus infection when in point of fact, it is a malware!

The  computer is now under ‘remote control’ by the hackers, who can return and take over running the machine at any time.

What is particularly worrying about this infection is that there is at present no ‘magic bullet’ or simple cure.

Irish Web Design – the dreaded Blackhole Exploit Kit is back AKA Black hole exploit kit.

ireland website security

Solutions for Website Security

Irish Web Design are please to announce that they have created a series of packages to provide a high level of security to small to medium business websites.

The packages are designed especially for WordPress based information, blog, news and e-commerce on-line shop websites.

 

barbed wire pattern

 

Irish Web Design described the packages as consisting of the three S’s: Scan, Secure Survey.

The website security measures involve scanning the websites for issues, securing the site and finally setting up a surveillance system to monitor the website in the longer term.

It is estimated that hundreds of thousands of websites around the globe that are running the WordPress software have been infected by malicious software.

Some of the software infects the computers of visitors, who may find a realistic looking ‘Anti Virus Scanner’ pop up on their computer.

The owner is informed that his machine is infected and this software will remove the threats and provide on-going security.

This ‘peace of mind’ only costs a very modest amount, typically $10 to $20.

This is a scam, the programme is not real.

What the criminals who are behind the scam want are your credit or debit card details.

They may wait a long time before they use the information gained to empty your account of funds.

There are many variation on these scams, including straightforward blackmail: you want your site back, you will pay.

Irish Web Design have researched the issue and designed a solution to ensure that website owners can sleep at night.

While there can never be an absolute guarantee as situations can change very rapidly the system is designed to provide alerts to any suspicious activity.

Contact Irish Web Design if you want your website audited and secured.

 

 

 

 

 

 

Solutions for Website Security

Irish Web Design work on Dragons Den

At Irish Web Design we were delighted to have one of our long standing clients appear on the Dragon’s Den recently.

The original Log Holder Company website was purely an information site, and served the business well in its early days of trading.

When Seamus Connolly decided to step up a gear he decided to have an e-commerce website where customers would be able to choose and purchase their log holders online.

log-holder-company-dragons-den-V5-960x330

Irish Web Design designed, printed and mounted the sign that appeared with Seamus in the Dragon’s Den, and featured prominently in the final film.

The Log Holder Company logo was created by Irish Web Design based on an idea by the client.

log-holder-company-hand-crafted-in-ireland-V5-960x330

Despite tight deadlines the website was ready to deal with orders as the show was screened, and was delivered on budget.

New ranges of Log Holders have been introduced and a photo shoot has been booked so that Irish Web Design can create a new set of professional standard photographs.

The new product photos will be used on the online shop and for other promotional purposes such as a new edition of the Log Holder Company’s electronic brochure or e-brochure as they are called.

The site has been well designed when it comes to Search Engine Optomisation, or SEO and began to feature highly on Google straight away.

It was very gratifying to see the Irish Web Design work on Dragons Den, and know that it would serve our client  well.

Visit the Log Holder Company Website Here

Irish websites attacked

A report from the BBC News website reported:

WordPress website targeted by hackers

Wordpress website
WordPress users are advised to change their user names

WordPress has been attacked by a botnet of “tens of thousands” of individual computers since last week, according to server hosters Cloudflare and Hostgator.

The botnet targets WordPress users with the username “admin”, trying thousands of possible passwords.

The attack began a week after WordPress beefed up its security with an optional two-step authentication log-in option.

The site currently powers 64m websites read by 371m people each month.

According to survey website W3Techs, around 17% of the world’s websites are powered by WordPress.

“Here’s what I would recommend: If you still use ‘admin’ as a username on your blog, change it, use a strong password,” wrote WordPress founder Matt Mullenweg on his blog.

He also advised adopting two-step authentication, which involves a personalised “secret number” allocated to users in addition to a username and password, and ensuring that the latest version of WordPress is installed.

“Most other advice isn’t great – supposedly this botnet has more than 90,000 IP addresses, so an IP-limiting or login-throttling plugin isn’t going to be great (they could try from a different IP [address] a second for 24 hours),” Mr Mullenweg added.

Matthew Prince, Chief Executive and co-founder of Cloudflare, said that the aim of the attack may have been to build a stronger botnet.

“One of the concerns of an attack like this is that the attacker is using a relatively weak botnet of home PCs in order to build a much larger botnet of beefy servers in preparation for a future attack,” he wrote in a blog post.

“These larger machines can cause much more damage in DDoS [Distributed Denial of Service] attacks because the servers have large network connections and are capable of generating significant amounts of traffic,” he added.

Hi-tech crime terms

  • Bot – one of the individual computers in a botnet; bots are also called drones or zombies
  • Botnet – a network of hijacked home computers, typically controlled by a criminal gang
  • Malware – an abbreviation for malicious software ie a virus, trojan or worm that infects a PC
  • DDoS (Distributed Denial of Service) – an attack that knocks out a computer by overwhelming it with data; thousands of PCs can take part, hence the “distributed”
  • Drive-by download – a virus or trojan that starts to install as soon as a user visits a particular website
  • IP address – the numerical identifier every machine connected to the net needs to ensure data goes to the right place.

Many Irish websites attacked, and further information provided by Blacknight revealed that:

Last Tuesday they began to see high load on a small number of their shared hosting servers, upon investigation they saw the cause was an unusual number of login requests to the admin section of WordPress sites.

It quickly became obvious the scale of this attack was far greater than the usual attacks seen on self-hosted WordPress sites and was the work of a large botnet.

Our technical team work around the clock to ensure servers and services remain online and work as expected. While many hosting companies began reporting the attack and took action at a server level, including in some cases blocking access to wp-login, we worked to mitigate the issue at a network level. This was due mainly to the large number of servers involved.

The attack slowed down on occasions during the week and then increased again with some characteristics changing to overcome the defence mechanisms that were put in place.
By Friday afternoon the attack was no longer growing and the number of new IPs we were seeing had reduced greatly, the attack continued to slow at the weekend.

So here are some numbers and statistics that we are happy to share.

Over the week our Engineering team recorded over 10 million login attempts originating from over 190,000 IPs, of that we blocked 65,000 IPs from over 183 countries, from our network during the attack.

Top 30 – blocked IPs by country

13866 : BR, Brazil
6313 : TR, Turkey
2909 : MX, Mexico
2419 : IN, India
2252 : PL, Poland
2171 : ID, Indonesia
1862 : VN, Vietnam
1795 : AR, Argentina
1751 : KR, Korea, Republic of
1568 : RS, Serbia
1431 : GR, Greece
1392 : PT, Portugal
1366 : FR, France
1319 : TH, Thailand
1281 : EG, Egypt
1185 : VE, Venezuela
1118 : MA, Morocco
1035 : DZ, Algeria
907 : RU, Russian Federation
873 : CL, Chile
801 : BA, Bosnia and Herzegovina
796 : UA, Ukraine
775 : SA, Saudi Arabia
769 : ES, Spain
754 : RO, Romania
752 : IT, Italy
728 : CO, Colombia
569 : MY, Malaysia
527 : PE, Peru
475 : US, United States

 

Athy Tyre Service Website

Athy Tyre Services Home-Page

Athy Tyre Services Home-Page

Athy Tyre Service Website is now live.

Created in restful greens this project was recently completed for Brendan Loughman.

Brendan runs Athy Tyre Services along with M and L Autoparts on the outskirts of Athy at Bennetsbridge, on the Kilkenny Road leading to Ballylinan.

This long established business has a fine reputation for all things automotive.

Tyres from all major brands including Pirelli, Dunlop, Goodyear, Firestone, Michelin, Continental and Bridgestone are supplied, fitted and balanced for all makes of cars, commercials and agricultural vehicles.

The website also has a section on servicing and repairs.

Irish Web Design are responsible for the information website design, copyrighting, graphic design and original professional photography.

Link to the Athy Tyre Service Website

Athy Tyre Services Home Page in full

Athy Tyre Services Home Page in full

Athy Rowing – Canoeing Club

Athy Rowing – Canoeing Club Winners

athy rowing canoeing club member in skiff

 

 

Athy Rowing & Canoeing (ARC) club have been selected as winners of our recent website competition held in conjunction with What’s On Athy magazine.

A large number of applications were received from all sectors of the community but ARC was unanimously picked by our judging panel.

What’s On Athy caught up with Chairman of ARC, Clifford Reid, upon receiving the news.

“We are extremely delighted that our application was selected. The website will open up a whole new avenue for us in terms of promoting not only our club but also advocating the use of Athy’s unique waterways system.

We established the club back in June and since then membership has exploded.
The website will further help us to develop and grow our organisation.

We now have over 60 members participating in the many various disciplines of Rowing or Canoeing and the Club continues to grow rapidly.

The Website will aid us greatly in attracting new members and help highlight what Athy has to offer in terms of outdoor pursuits and water based activities”.

Since its inception, ARC has placed a strong emphasis on safety, training and personal development. Currently, 16 members are training to receive their Level 3 Canoe Skills qualification with the assistance of Outdoor Tourism and Go With The Flow River Adventures.

“I’d like to thank Patricia Berry and the team in Outdoor Tourism for their help over the past few months.

Our club is not just about getting people on the water and having fun.

It is also involves providing people with technical skills, physical training and personal development.

Patricia and the team have recognised this and have been extremely helpful in assisting us”.

“By next summer we hope to have several of our members gaining a recognised Canoeing Instructor qualification from Canoeing Ireland.

This will not only be highly beneficial to our club but be of great benefit to them in their personal lives.

It will open up employment opportunities for them with the many Outdoor Adventure companies and centres spread throughout the country”.

Mr Reid continued to explain that the club also currently has members pursuing qualifications as Lifeguards and that a Kayaking skills course is commencing in December.

This will then be followed by a Sports First Aid course expected in the new year.

If you are interested in joining Athy Rowing & Canoeing, the club trains 3 times a week.

This consists of Saturday morning on the River at the Boat Slip form 10 am and two week-night sessions in the Gym and Pool.

“The Club is currently open to over 18’s only but it is hoped to extend this to under-age next summer when we have enough qualified people to facilitate it”.

Those interested in joining the can contact Cliff Reid on 087 206 1999 for more information.

Their club website is expected to be up and running within the coming weeks and we would like to wish Athy Rowing & Canoeing the very best for the future and congratulations once more from What’s On Athy.

Athy Rowing & Canoeing Club Athy County Kildare winners of the Irish Web Design ‘win a website competition’.

Visit the Athy Rowing Canoeing Club Website

The website has been constructed with Search Engine Optomisation SEO in mind.

What’s On Athy Magazine Website Relaunched

Whats On Athy magazine website under maintenance interactive web page

What’s On Athy magazine website relaunched

The What’s On Athy website relaunched recently. This was in time to showcase the August issue of the magazine.

An Athy business directory is now part of the website. Businesses and organisations in the area can create a free listing.

The business directory listing can include photographs and links to a website. There are the usual usual address, telephone and email contact details.

There is room for a full description of the business. This should show up well in Google and other search engine results.

A new look and new features for a popular website.

Irish Wed Design Site a hit Down Under

Map of Australia from Irish Flooring Academy website
We are delighted to hear that our clients The Irish Flooring Academy have had contact from a company in Australia looking for suitably qualified carpet and vinyl fitters.

The company was sufficiently impressed by the Academy’s website to ask them to process the applications, carry out preliminary interviews and draw up a short-list of candidates.

Here are the details published on the website which can be visited here: Irish Flooring Academy

The Irish Flooring Academy has been aware for some time that there are many people in the industry who see further training as essential to gaining employment in the difficult economic circumstances that Ireland is currently in.

In an exciting development the Irish Flooring Academy has just received a request from a carpet fitting business in Australia to supply suitably qualified staff for their operation.

Known as ‘Floor Finishers’ in Australia the company, which is located in Queensland, is looking for people who are experienced in dealing with installing a range of materials to a high standard.

The company is part of the largest carpet retailers in Australia with branches in every part of the country.

Floor Finishers are one of the occupations found in the latest Australian Government Department of Immigration and Citizenship Consolidated Sponsored Occupation List issued on the 1 July 2012.

This means that Floor Finishers with recognised skills seeking to work in Australia can apply for a working visa as long as they are being sponsored by an Australian employer.

Maurice Flinter of the Irish Flooring Academy said “It’s a tribute to the reputation of the Irish workforce and recognition of the part played by the Irish Flooring Academy in delivering world class training”.

The Irish Flooring Academy has been asked to facilitate the Australian company by supplying a short list of suitable candidates.

Maurice continued “We are confident that we will be able to deliver the right candidates for this employer and this may well lead to many more vacancies becoming available in the future.”

Those interested in taking part in the process are asked to forward their CV to:

Irish Flooring Academy, Unit Athy Business Campus, Kilkenny Road, Athy, Co Kildare.

Those wanting email should send it to: info (at) irishflooringacademy (Dot) com

CV’s may also be faxed to 059 863 4832.

Free Website

win-a-free-irish-web-design-websiteCOMING SOON!

A competition not to be missed.

Irish Web Design in conjunction with What’s On Magazines are offering one lucky individual, business or organisation the opportunity to have a professionally designed website created free of charge.

Click here for more information

Visit Us On TwitterVisit Us On FacebookCheck Our Feed