A British company has been accused of selling mobile phone tracking software to the Iranian Government.

The Telegraph writes that Creativity Software signed a contract two years ago to “provide lawful intercept solutions” to Iran, and alleges that this software could have been used to track protesters.

The deal was signed with one of the biggest mobile phone networks in Iran, Irancell, on 1 August 2009. An Iranian journalist, Saeid Pourheydar, says that the technology was used to track down protesters, even when they were not using their phones. He adds that he was “presented with his ‘entire phone history’ when he was arrested”.

The newspaper report adds that a major shareholder in Creativity Software is a company called MMC Ventures; and both the CEO and chairman of this outfit contributed towards William Hague’s private office.

However, the Department for Business, Innovation and Skills told the newspaper that the software was not covered by export controls and therefore Creativity Software has done nothing wrong. A spokesman said: “The Government actively discourages all trade with Iran. We take any reports of exports being misused overseas seriously. It does not appear that the exporter has broken the law.”

The news comes just a week after allegations that the Metropolitan Police had deployed software to track, and remotely jam the mobile phones of protesters in London. The Guardian reported that the software developer, Datong, sells its products to nearly 40 countries worldwide, including some in the Middle East, but does not give details of which. It does, however, add that “in 2009 it [Datong] was refused an export licence to ship technology worth £0.8m to an unnamed Asia Pacific country, after the Department for Business, Innovation and Skills judged it could be used to commit human rights abuses.”

Wired.co.uk has left a message with Creativity Software and is awaiting its response.

Source:http://www.wired.co.uk/news/archive/2011-11/07/iranian-phone-tracking-allegations

Investigators at Kaspersky Lab the security company have warned that a phony VirusTotal online site is spreading malware.

It may be noted that VirusTotal is one widely used facility with which computer operators can scan files using numerous anti-virus engines. A huge number of professionals as well as routine end-users use this website nearly everyday.

Typically, the fake website, which Kaspersky investigators spotted, appears identical to the original VirusTotal site and encourages visitors for executing a malicious Java applet.

This applet doesn’t have a signature from an authorized certificate; therefore the fake site asks end-users to confirm after running it, albeit the impact isn’t too varied as evident from the same type of assaults over the past.

The applet essentially represents an installer of Java-based Trojans, which spreads a malicious program that Kaspersky Lab has detected as Worm.MSIL.Arcdoor.ov.

Telling more about the said assault, Kaspersky stated that the worm’s objective was to infect PCs and recruit them to a botnet through which Distributed Denial-of-Service (DDoS) attacks would be carried out. Also, the infected PCs would exchange messages with the command-and-control (C&C) server regarding their type, hostname, operating software version etc., the company added. Net-security.org published this on May 24, 2011.

Kaspersky stressed that normally the above kind of assaults took place via one main hub that was used for the attacker to work out hostile maneuvers with the help of Cythosia or NOise viz. names of web-software DDoS Framework. Those software programs made an extensive impact and thus raised their demand amidst hackers mainly from Germany, Kaspersky continued.

Citing the above assault, Kaspersky cautioned that malware purveyors had recently started to put together malicious JavaScript as well as social engineering tactics, as the combination let them to contaminate PCs irrespective of which operating system or Web-browser the machines used.

However, identifying the above online danger as proactive, the security company goes on with investigating into the offensive operations.

Eventually, exploitation of VirusTotal’s brand name for disseminating malware isn’t something new. During February 2010 too, according to security specialists, cyber-crooks utilized a phony VirusTotal site so they could spread ’scareware’ to contaminate users’ computers.

Source:http://www.spamfighter.com/News-16240-Phony-VirusTotal-Website-Pushes-Malicious-Software-Kaspersky.htm