This hacking gang is using the trojan tool that removes other viruses before setting up shop on breached computers, which I reported in October. The most common compromised machine is XP with Service Pack 2, at 47%. Another 37% is XP with no service pack or Service Pack 1. This I do not understand at all -- if you are going to use your computer on the Internet, you absolutely must keep it up-to-date with patches and fixes. Over 12,500 of the compromised machines are in the US.
Finally, this group pushes two messages: "pump-and-dump" and penis enlargement. The "pump-and-dump" messages promote penny stocks. It is believed that the reason must be that these two items are the most lucrative.
If you want to learn more about how one of these operations works, check out the eWeek article. In addition, make sure you are protecting yourself:
- Keep your OS up-to-date
- Use an anti-virus tool that is kept up-to-date, daily
- Use a spyware protector
- Use a firewall such as ZoneAlarm; using a software firewall will allow you to be notified if unauthorized programs try to access the Internet
- Do not use Internet Explorer or Outlook Express
- Do not click on links in emails; type the address manually into your browser (this is to protect you against phishing; read more at Wikipedia)
- Do not open attachments that you are not expecting (even if you know the sender)
- Use a credit card for online purchases, NOT a debit card
- Use McAfee SiteAdvisor or similar to identify problematic sites (Firefox extension)