Crisis Financial Malware Spreads Via VMs

The Crisis financial malware that was recently found can spread using the capabilities in VMWare.

The malware is also known as Morcut or the malicious rootkit.  Morcut is spread via an installer that is disguised as an Adobe Flash Player installer.  It was first found by Kaspersky last month who found it attacking Macintosh OS X computers.  The installer which is a Java archive (JAR) called Maljaba by AV vendor Symantec.  The archive looks like is has been signed by VeriSign.  The Java archive also has the ability to infect Windows macines that have the Crisis rootkit.

The Java Archive has two programs, one for OSX and one for Windows.  The proper executable is dropped on the machine based upon which operating system it is running.  The executable that is dropped on an infected machine  open a back door into the infected computer.

The Crisis malware includes some Windows only features and proagation techniques.  On Windows systems the threat makes a copy of itself and an autorun.inf file to an attached removeable disk (USB thumb drive, etc).

Another method it uses is to install itself onto a VMWare virtual machine.  And the last method could be the most scary of them all, it tries to install itself onto windows mobile deivces.

There are many pieces of malware that will not run if they are running on a VM machine but this is the first one I have heard of that tries to distribute itself via VM's.  According to research from Symantec, the malware does not jump into VM's via some security hole or flaw in VMWare, instead it writes directly to the files that make up the VM image.

As I learn more I will keep this post updated.


What happened to Internet marketing?

I have been getting a lot of questions about what is happening with Internet Marketing.  For many people, their whole marketing engine has just almost come to a stop.

I agree, there have been over the last 6 - 8 months major changes in the IM world.  I have some thoughts on why this is. 

It seems the most affected are those that market to the actual Internet Marketing community and those that are looking for a way to make money online.

It was bound to happen...  There are self proclaimed guru's re-hashing the same material over and over and at the same time selling thier "secrets" for pennies on the dollar.  So, people looking to learn how to make money are getting more than anything junk which turns them off.

Plus, now we have PLR everywhere for just a couple of bucks.  Low price equates to low quality in most people's minds.

Now, if you are not selling to the IM community, things are still good, not as good as they were but still making money.  It is getting harder and hard though because there are some big companies now getting into just about every product.  For example, say I am selling an ebook on dog training.  I am sure amazon has much more on dog training than my ebook.  Plus amazon has a great reputation already with just about everyone.  However, I have no reputation with people just searching.

So what now?  That is the 2nd most popular question I get.  There is no single answer, it really depends on the niche you are in.  If you are in the IM niche, get out.  In my niche's I have done a number of things.  I have created real books from some of my ebooks and they are selling on amazon now.

One of my niche's has a "kit" that is physical.  In that case I have teamed up with other sites that in the niche to have them promote on an affiliate basis.

So are info products dead?  No, but they are much more difficult to sell.  Think about turning that info product into a video training and selling that as a DVD, on-line training or even a micro membership site.