From Sophos To Spam

Wednesday, January 23, 2008 0:44 | Filed in Scams & Spams, Technology

I’m a regular reader of the Sophos Labs’ Blog where I get to be kept informed about latest virus threats, email chain letters and the like (this last through regular reviewing of Sophos Labs’ Most Recent and Prevalent Hoaxes).

And two things struck me today.

Firstly, that someone has written a trojan (for the non-techies, a trojan is in effect a computer virus that can’t launch automatically — basically, you have to download it and run it. Usually they are disguised as something else, or bundled in with something else) that comes with a cracked version of the JAWS screenreader software (again for the non-techies, “cracked” software is an illegal version of existing software that allows it to run without you having got a licence key). And this stops you running any screenreader software (after 26 Dec 07).

So, technically the only people falling foul of this exploit are those who’ve tried to get an illegal copy of the JAWS screenreader. But as if you’ve ever copied music from your ownCDs to your computer, you’ll have broken the law, I’m not to be taking the moral high ground, casting the first stone and so on. What I will say is that this is one of the reasons using unlicensed software is a risk. If you don’t implicitly trust where it has come from, how do you know they’ve not included in with the modified software something that will steal your bank details?

Bizarrely enough — and as Sophos indicate — all this seems to do is to punish screenreader users (in particular anyone who relies on their screen reader) by preventing any of them working, once they’ve installed this cracked version. It doesn’t appear to steal any other details, or do anything else. Simply a trojan that attempts to take the moral high ground, which strikes me as somewhat odd.

Next, Sophos suggested that we should Petition Gordon Brown for a UK e-crime unit. Personally, I think this is a good idea. This sort of thing needs techical specialists, not PC Brown from Anglesey considered the IT expert because he has wireless broadband (no offense, PC Brown!). It’s just that their call to arms set off my “bullshit detector”.

In April 2006 the National High-Tech Crime Unit (NHTCU), the British police organisation dedicated to fighting computer crime, was closed down and its work transferrred to the Serious Organised Crime Agency (SOCA). This decision raised concerns at the time in the security community, and even companies like Microsoft have described the facilities for reporting e-crime in the UK as “inadequate”.

An online petition to Prime Minister Gordon Brown has been set up to call for the creation of a central e-crime police unit, as proposed by the Metropolitan Police and the Association of Chief Police Officers.

Sophos Labs Blog

…on first glance it looked to me as though they were using Microsoft to make their argument sound more forceful; and specifically without supplying a link to a Microsoft site (i.e. something with microsoft.com in it) that would back up their claim. They do link to The Register, which is a well known techy site that I’m aware of (but not everyone would be). And it still ain’t Microsoft.

And when you specifically see their information on hoaxes and chain letters–

Many virus hoaxes

  • falsely claim to describe an extremely dangerous virus
  • use pseudo-technical language to make impressive-sounding (but impossible) claims
  • falsely claim that the report was issued or confirmed by a well-known company
  • ask you to forward it to all your friends and colleagues

Sophos Advice for Chain Letters/Hoaxes

Okay, I’m just having a bit of fun. I know it’s not a scam, or a chain letter. Sophos specifically didn’t send this out via email (so far as I am aware, anyway); they don’t ask you to forward it on, and they don’t claim that not signing the petition will “destroy the boot sector of your hard disk” or anything like that. It’s just the sort of thing that would look suspicious if it arrived in my inbox…

PS if you fancy a laugh, read the text of the Sophos entry for the Amish Virus Hoax.

You can leave a response, or trackback from your own site.

3 Comments to From Sophos To Spam

  1. Mike Cherim says:

    January 30th, 2008 at 4:16 am

    The Amish Virus Hoax is good stuff. :)

  2. Graham Cluley, Sophos says:

    February 25th, 2008 at 5:13 pm

    We would have linked to Microsoft’s website if we had been able to find somewhere on their site where they had said what they told The Register. :-)

    Nice blog entry by the way. There are only 4 days left for people to participate in the petition before it closes on Feb 29 2008 – it would be great if more people made their opinions heard.

    Cheers, Graham

  3. garment sales worldwide says:

    September 9th, 2011 at 10:38 pm

    Recommeneded websites…

    [...]Here are some of the sites we recommend for our visitors[...]……

Leave a comment