For those of you charged with the unenviable task of malware removal and defense, keeping your toolbox current can be a lot of work. Lunarsoft's Anti-Malware Toolkit simplifies the process by providing an easy way to handle downloading.
The Toolkit is really just a downloader which fetches the current versions of programs like Super Antispyware, Malwarebytes Anti-Malware, HijackThis, Spybot, Autoruns, CCleaner, and LSP Fix. It also grabs programs that you'll want to install to prevent further issues: Avast, Firefox, Comodo Firewall.
Point it to your USB flash drive or network share, hit the download button and grab yourself a cup of coffee.
While you could do this with just about any decent download manager, why bother? Anti-Malware toolkit already targets most of the tools you're going to need and it's as simple to maintain them as clicking a single button.
I've been hanging around Download Squad HQ enough to know that our readers love hearing about Twitter ad nauseam, and that none of those readers fear being RickRolled or ever click on links originating from profiles they wouldn't trust. But just in case you should happen upon this post from an outside source, and you aren't a regular DLS reader (gasp), there's something you need to know.
The BBC reported today that the first Twitter-specific attack has been discovered by the fine folks at Kaspersky. The fake profile uses the name "Pretty Rabbit" in Portuguese -- and it's frustrating me to all ends that I can't seem to find a reference or semi-accurate translation of what that user name might actually be -- and claims that clicking the tweeted link will take the viewer to YouTube for some adult video action.
But because there is so much wrong in this world, errant clickers don't get to see the adult video -- at least, not without paying the price. Instead, a fake version of Flash is downloaded, which has the hidden skill of harvesting all sorts of data and transforming your beloved Twittering machine into a zombie node, allowing bad men, women and rabbits to wreak criminal havoc all over the web.
Similar worms have been discovered on MySpace and Facebook, so please, choose your friends wisely.
The offending malicious applications only affect Windows-based systems. No word on whether the faux-Flash works with Linux or Mac, so while those users (who are over 18, of course) are safe from the malware, they will probably not get to see the exciting video Pretty Rabbit in Portuguese was referring to.
UPDATE: On behalf of everyone at DLS, I'd like to give a big thanks to Ed Mercer for the heads up that though the Portuguese username literally translates "Pretty Rabbit," the word "coelhinha" is often associated with Playboy Playmates/Bunnies. "Pretty Playmate" may be a more accurate translation in this case.
The Flash security flaw that we recently wrote about has been addressed by Adobe and a new version is being offered.
This security flaw was affecting PC and Mac users and allowed hackers to redirect you to nasty .SWF files which could then potentially execute malicious code on your machine.
You can feel secure (as well as warm and fuzzy) by downloading a Flash update with the fix here.
It's a pretty fast response to a pretty serious issue, so Adobe gets the pass this time.
Special thanks to commenter daniel free for the heads up!
It has come to our attention that there's an Adobe Flash player vulnerability in the wild that may affect your PC.
Simply by visiting a naughty website, the unsuspecting web visitor will be attacked with a piece of code that redirects them to an evil .SWF file that can then execute nasty code on their PC.
Adobe has blogged about the issue, but hasn't issued any releases, or patches to take care of the problem as of yet. Security firm Symantec says that 20,000 web pages may be affected by this style of attack.
Since there's no real way around getting hit with this one, you can either disable your Flash player altogether, or get the NoScript add-on for your Firefox browser.
The internet is a scary place. No, we're not talking about predators out to rob you or offer candy to your kids. We're talking about malware like viruses, worms, and trojans. According to security company Symantec, the amount of malware on the internet has reached an all-time high, with over 1 million malicious programs in circulation.
A surprisingly large number of those threats were developed in the last year, with 711,912 new pieces of malware coming out in 2007 compared with 125,243 in 2006.
The good news for Linux and OS X users is that most of these threats are targeted at computers running Windows. And the good news for Windows users is that most of these applications are variations of older threats, which means if your anti-virus software is up to date, you should be relatively safe.
Of course, Symantec puts reports like this out there in order to sell its own security software. But there are several excellent free anti-virus suites that will also help protect your computer from most threats.
If you're not sure whether or not it's safe to download that email attachment your nice new friend from Nigeria sent you, odds are you shouldn't. But if you want a second, third, and 14th opinion you might want to forward your email to VirusTotal.
All you have to do is hit the forward button, and send your message to scan@virustotal.com. Change the subject line to SCAN and delete anything in the body of the message you don't feel like sharing. Note that there's a 10MB file size limit, and if you forward a message with multiple attachments, VirusTotal will only check one.
VirusTotal will scan your file using a variety of anti-virus tools including AVG, ClamAV, Kaspersky, and McAfee. When it's done, VirusTotal should send you an email letting you know the status of your file. But it may take a while to get that response if the server is busy.
You can also upload files directly to VirusTotal's main page for a quicker scan. But that only works if you've already got the potentially infected file on your computer.
Have you been so busy sending angry letters to Saturday Night Live about their choice of actors to portray Barack Obama that you've fallen behind on your Download Squad reading? Not to worry. Here's a roundup of some of the stories you might have missed this week:
Download Squad at Future of Web Apps
Download Squad's Grant Robertson hit up the Future of Web Apps 2008 conference in Miami this week. And he's been kind of busy. Here are just a few of the topics he's covered or live-blogged:
This week DivX shut down the online video sharing site Stage6. The web service never got as much attention as YouTube or DailyMotion, but it was a favorite among online video connoisseurs for its excellent video quality. DivX is now directing users to check out online video site Veoh.
TotalEdit is an advanced text editor with features that could come in handy for coders, including syntax coloring, code folding, and line numbering. There's also a portable version you can run from a USB drive. But one of the best things about this article is the fact that a bunch of readers weighed in with their favorite text editors in the comments.
There's nothing special about Windows Mobile, Palm, or Symbian devices that makes them virus-resistant. It's just that for the most part malicious hackers haven't tried to target mobile devices because there hasn't been that much information worth stealing. But as people put more and more valuable data on their cellphones and PDAs, those devices are becoming more attractive targets.
And so we probably shouldn't be surprised that McAfee released an alert this week that a virus targeting the Windows Mobile operating system is making the rounds. The WinCE/InfoJack trojan has been packaged with several Windows Mobile programs, including a version of Google Maps, and a game collection.
McAfee has traced the program back to a single web site, whose maintainer says it was designed to track what type of devices people are using to run applications. But it has a ton of properties of a virus. For example, if it's on a memory card it will automatically install itself on a Windows Mobile device when that memory card is inserted. It backs itself up to protect itself from deletion. It installs itself as an autorun program, and allows unsigned applications to install without asking for permission first.
While there are a handful of anti-virus applications for Windows Mobile out there, something tells us we're about to see a lot more of them soon.
We were at a major electronics retailer a few days ago, gazing lovingly at the little ASUS Eee. We were not alone. There were three other people poking, prodding, and tapping the tiny machine.
We watched as a couple approached the little machine with a salesman. They jiggled the keys. They ran their fingers on the touchpad. They asked why the user interface wasn't as familiar as their home machine.
"Linux," said the salesman. (He was ever so helpful.)
The next question, "Does it come with anti-virus?"
That certainly stumped the salesman. He answered a non-answer, really. "Linux," he said, "It has Linux anti-virus."
For the record, the Eee, which runs a form of Xandros, does in fact have anti-virus. We are pretty sure the reason for this is two-fold. One, it puts some people's minds at rest to have something called "anti-virus" on their computer. Two, it does isolate and quarantine viruses -- viruses that might not affect Linux itself, but could easily be passed on to a Windows machine.
That's not to say there aren't viruses that can target Linux. Historically, there have been some. And there are browser exploits, of course, that no operating system is completely immune from. However, viruses, as we think of them in the Windows world, are highly unusual.
We know what you want to ask, so here's the answer right away: Runscanner is not a sequel to (or, heaven help us, a prequel to) the movie Blade Runner. So what is it?
Runscanner is a free Windows system utility which scans your system for all configured running programs. Runscanner will detect all programs that start automatically, including spyware, adware, and homepage hijackers. In other words, if opening your web browser makes your screen blow up like the Fourth of July fireworks show, you'll probably want to download and run Runscanner.
Runscanner offers a lot in its small package: Google search integration, Authenticode signature analysis, VirusTotal integration, and FileAdvisor and CastleCops integration, which allow you to compare the MD5 hash of your files with their respective online databases.
With three modes (beginner, classic, and expert), you can wade in slowly or jump right into the deep end. The Beginner mode is particularly unusual: you can't make any changes to your system when in beginner mode. However, you can save the Runscanner log files and upload them to a Forum Expert. They in turn can mark the items that need fixing, send the file back to the beginner, and have them run only the fixes the expert has designated as necessary. Creepy, but with good execution; kind of like Michael Jackson's "Thriller."
Classic mode's primary use is to eliminate malware, and offers easy one-click fixes. Expert mode includes startup tweaks, with more scanning, reporting, and filtering options.
If you thought the Y2K bug had a lot of world-ending potential, you might want to skip this post right now. If we don't blow ourselves up by 2038, the end of the world is going to have little to do with nukes and a lot to do with Unix, because Unix systems can't keep track of the date past January 19, 2038.
According to Y2K38.info, Unix keeps track of the date and time using a four-byte integer that represents the number of seconds past January 1, 1970. The integer can only get so big before having to restart from zero. If a machine can't restart its time, which may be the case for many Unix systems, it will crash. Hackosis confirms this problem has the potential to affect Linux boxes too. Unfortunately, machines running on *nix operating systems act as the backbone for much of the cyber-world, meaning we may see anything from planes falling out of the sky to the internet shutting down when this hits.
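The rollover described above, as an added example that is not from Y2K38.info or the original post: a signed 32-bit counter holds 2^31 - 1 seconds, which is 2038-01-19 03:14:07 UTC, and the next tick wraps it to the most negative value (a date in December 1901) rather than to zero. The program assumes a host with a 64-bit `time_t` so that `gmtime_r` can render the wrapped value; the function names are the example's own.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

/* Largest second a signed 32-bit time_t can represent: 2^31 - 1 after the epoch. */
#define TIME32_MAX INT32_MAX

/* Simulate a 32-bit signed time counter advancing by one second.
   The addition is done in unsigned arithmetic (no undefined behaviour) and
   cast back, which reproduces the two's-complement wrap to INT32_MIN. */
int32_t time32_tick(int32_t t) {
    return (int32_t)((uint32_t)t + 1u);
}

/* Render a 32-bit timestamp as a UTC string via the host's wider time_t.
   Returns 0 on success, -1 on failure. */
int format_time32(int32_t t, char *buf, size_t len) {
    time_t wide = (time_t)t;          /* sign-extends negative values */
    struct tm tmv;
    if (gmtime_r(&wide, &tmv) == NULL) return -1;
    return strftime(buf, len, "%Y-%m-%d %H:%M:%S UTC", &tmv) ? 0 : -1;
}

/* Calendar year of a 32-bit timestamp, or -1 if it cannot be converted. */
int year_of_time32(int32_t t) {
    time_t wide = (time_t)t;
    struct tm tmv;
    if (gmtime_r(&wide, &tmv) == NULL) return -1;
    return tmv.tm_year + 1900;
}

int main(void) {
    char buf[64];
    int32_t last = TIME32_MAX;
    format_time32(last, buf, sizeof buf);
    printf("last representable second: %d = %s\n", last, buf);

    int32_t wrapped = time32_tick(last);
    format_time32(wrapped, buf, sizeof buf);
    printf("one second later:          %d = %s\n", wrapped, buf);
    return 0;
}
```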
Are you scared yet? Probably not, and neither are we. 2038 is far, far away, and it's very unlikely that we'll be using the same technology for pretty much anything when the year comes. Also, there's way too much money to be lost to a simple little bug, and no company's going to stand by and let that happen. Finally, keep in mind that Y2K38.info has been around since before the year 2000, meaning the author wrote much of the content on the site without seeing the results of the Y2K bug. However, the site is still up, so the author must believe it's still a problem. For those interested, the site is headlined by a countdown timer in binary, decimal, and date forms, which are definitely worth checking out if you're into ones and zeros.
In an amusing move that is sure to have caused a few flushed faces, Kaspersky Antivirus recently declared Windows Explorer malicious code. While we've known Explorer to crash from time to time, this treatment seems a bit excessive.
The gaffe came in the form of a routine virus update this past Wednesday night. Kaspersky mistakenly identified Explorer as an infected file. For those not familiar with Windows' internals, Explorer serves as the core of the Windows interface, handling the Desktop, Start bar, and file management. Without this core component, Windows becomes inoperable.
Realizing their mistake, the company pulled the flawed definition about two hours later. However, untold numbers of customers were already experiencing the quarantine, and in some cases deletion, of explorer.exe. While this isn't the first time a virus company has made a false positive, it is nonetheless a serious mistake that will certainly mean serious downtime for some organizations. Or at least, the organizations that haven't switched to Linux or Mac by now.
Late last week, Intego Security released a press release detailing a new Trojan web variant, aimed at Mac users. A Trojan, known as OSX.RSPlug.A (or OSX/Puper), is installed on the system by the user, under the guise that it is a video codec, required for playing a free video file.
The installer, under the clever name MacCodec, requires administrative access to install (meaning the user has to not only specifically agree to download the file, he/she has to enter in the admin password before it will install), and instead of installing a codec, it runs a script that creates a scheduled task that changes the DNS server, in an attempt to redirect users to malicious phishing sites. Unsurprisingly, this Trojan seems to be almost exclusively targeting porn sites that offer those always-hard-to-resist "Download Sample Now" or "Free movie clip" downloads.
Like clockwork, the pandering, the hysteria and the schadenfreude have already hit the web. Many of these articles fail to adequately underscore a few points that we at Download Squad think are pretty important for users to consider:
ZoneAlarm has launched a public beta of a new security tool that basically puts your web browser into a sandbox. Visit sites you know are unsafe, check your bank statements on a computer that you know is infected with viruses and spyware.
We caught up with ZoneAlarm Director of Consumer Product Management John Gable at ShowStoppers in New York, and he told us a bit about the new product. ZoneAlarm ForceField sets up a "virtualized surfing" system, that prevents your PC from downloading malicious code from the web. It also prevents keylogging, blocks spyware, and scans downloads. There's also a private browsing feature that immediately erases all details of your browsing session once you shut down the browser.
ZoneAlarm ForceField is free while in beta, but will cost $30 when it's officially launched next year. The program works with Internet Explorer and Firefox (but not Opera), and is Windows only.
ZDNet UK is reporting that a just-discovered bug in OpenOffice can victimize versions of the software running on Mac and Linux in addition to Windows. The bug allows an attacker to use malformed TIFF images to run malicious code on the user's computer, ostensibly for the purpose of spreading the malicious code like a trojan. The official explanation of a heap overflow exploit can be found here. (Sounds like when there's too much garbage in our can.)
OpenOffice's developers have not yet released a fix for the bug (update: the bug does not exist in version 2.3 or newer), but the firm that discovered it is advising OpenOffice users to "be careful" with attachments received from unknown sources. Good advice--whether you run OpenOffice, Microsoft Office, or Wordstar.