...Tech We’re In a Fight ~*~ Xilly’s Blog ~*~ Wired Kayaker Podcasts Wired Kayaker Podcast......Cheer, Netop? » Workout on Friday, Blog Well on Saturday By Drew |......is that not everyone reads blog posts during the week. Many......I’m not trying to read blog posts and get back to......the http://imnotafamousblogger.com blog. On that blog I interview the great bloggers......their own post for my blog and they can include their......these too… How to Add Your Blog to SocialSpark – Blogger Version How......Blogger Version How to Add Your Blog to SocialSpark – Typepad Version What......Responses to “Workout on Friday, Blog Well on Saturday” ...

Home
About Contact Disclosure Policy
Ultimate IZEAFest Prize Pack10 Great Reasons to Go! To IZEAFest10 Items to Bring With Youto IZEAFest 2009 var now = new Date(); // set this value to the countdown date. var then = new Date("October 1, 2009"); var gap = then.getTime() - now.getTime(); gap = Math.floor(gap / (1000 * 60 * 60 * 24)); document.write(gap); days untilIZEAFest 2009 Visit Affiliate Summit var zy_theme = "le-frog";var zy_options = {};zy_options["id"] = "zy_fans";zy_options["site"] = "zhuyo.com";zy_options["account_id"] = "54404";zy_options["follow"] = 3;zy_options["updates"] = 1;zy_options["tweethis"] = 1;zy_options["no_default"] = 1;zy_options["rows"] = 2;var zy_1 = new Zhuyo(zy_options, zy_theme);zy_1.init(zy_1.renderFollowers); BenSpark Merchandise
2009 Photo-A-Day Calendar
"I'm Not A Famous Blogger" T-Shirt
BenSpark Recommends
Recent Posts Winners of the Ultimate IZEAFest Prize Pack Contest My 7th Company Picnic Daddy Daughter Date Day 2 You Knew it Was Coming Poking Holes in it Taking (Remote) Control Stocked Up! Ultimate IZEAFest Finalists We Were Both Too Tired To Sleep Life Coach Judge – Kim Ann Curtin What people are saying Drew on Winners of the Ultimate IZEAFest Prize Pack Contestcbthatsme on Winners of the Ultimate IZEAFest Prize Pack ContestDrew on Winners of the Ultimate IZEAFest Prize Pack ContestMLDina on Winners of the Ultimate IZEAFest Prize Pack ContestDrew on 10 Essential Items for IZEAFest 2009 BenSpark's Photos My Buzznet My Flickr My Gizfolio My Utterz My Vazaar My Zooomr Photo-A-Day Hosts A Little Bit of Everything Air Mattress Bed Ami-Chan.net Antioxidants Beautiful British Columbia Beth & Cory’s Mom Brain Foggles christine-murphy dot net Connie’s View Flamingo Fotos I know EVERYTHING In Our Backyard Misplaced Momma My Chronic Life My Opinion Counts Six Great States Sparky’s View Stephen the Dog Tales From The BallPark Texas RV Travel Blog The Passionate Ailurophile The Pond The Purrfect Website The Raging Tech We’re In a Fight ~*~ Xilly’s blog ~*~ Wired Kayaker Podcasts Wired Kayaker Podcast #1 Wired Kayaker Podcast #2 Wired Kayaker Podcast #3 Wired Kayaker Podcast #4 Wired Kayaker Podcast #5 Search   August 2009 M T W T F S S « Jul      12 3456789 10111213141516 17181920212223 24252627282930 31   Archives Select Month August 2009  (33) July 2009  (50) June 2009  (42) May 2009  (40) April 2009  (58) March 2009  (82) February 2009  (39) January 2009  (60) December 2008  (46) November 2008  (50) October 2008  (52) September 2008  (66) August 2008  (57) July 2008  (74) June 2008  (56) May 2008  (77) April 2008  (61) March 2008  (61) February 2008  (56) January 2008  (56) December 2007  (87) November 2007  (107) October 2007  (116) September 2007  (148) August 2007  (85) July 2007  (92) June 2007  (99) May 2007  (125) April 2007  (127) March 2007  (67) February 2007  (107) January 2007  (99) December 2006  (109) November 2006  (75) October 2006  (69) September 2006  (53) August 2006  (56) July 2006  (57) June 2006  (48) May 2006  (47) April 2006  (54) March 2006  (45) February 2006  (46) January 2006  (58) December 2005  (84) November 2005  (66) October 2005  (77) September 2005  (66) August 2005  (59) July 2005  (82) June 2005  (71) May 2005  (55) April 2005  (63) March 2005  (46) February 2005  (35) January 2005  (30) December 2004  (46) November 2004  (21) October 2004  (36) September 2004  (31) August 2004  (27) July 2004  (20) June 2004  (16) May 2004  (14) April 2004  (6) March 2004  (3) February 2004  (8) January 2004  (19) December 2003  (12) Meta Log in Entries RSS Comments RSS WordPress.org
« Vantage Point | Main | What Cheer, Netop? » Workout on Friday, blog Well on Saturday By Drew | July 11, 2009 Something that I have noticed every Friday when I workout is that I’m always the only person in our gym. No one is working out on Friday. I also notice that bloggers post a lot of their fluff on Saturday. The thing that I realize is that not everyone reads blog posts during the week. Many people save their reading for the weekend so why not give people something worth reading. That is one reason why decided to call my weekly post about SocialSpark, SocialSpark Saturdays. Saturday gives people time to read and digest extra detailed posts and try to follow step by step instructions. I’m more focused on the weekends because I’m not trying to read blog posts and get back to work all day through. On Saturday I can sit down for a solid un-interrupted hour and concentrate. I guess the point of this is that if you are bucking the trend a bit you are going to see some results. By working out Friday when everyone else is sleeping in (and I want to sleep in) I can focus on my own workout more intensely. The same thing with blogging, write some of your best stuff on the weekends and share it with everyone on the weekend and you just may build a bigger audience. So, for today’s SocialSpark Saturday let me introduce you to something that not a lot of bloggers take the time to learn about and that would be Sparks. Sparks are wonderful things because they allow you to write about many different topics and receive links back in return. Anyone can create a spark but you have to create an advertiser account to create a Spark. However, anyone can create an advertiser account. I created a Spark yesterday to help promote the http://imnotafamousblogger.com blog. On that blog I interview the great bloggers from the “I’m Not A Famous Blogger” IZEA Insiders Crew. The Spark can be found here. It is a little different because essentially the blogger will write their own post for my blog and they can include their own links of choice as they promote themselves and their blogs. My Spark is not the only one, there are many good choices and I encourage bloggers who have not yet gotten their blogs verified to take Sparks, meet other bloggers and build up their post counts and link backs. I’d also say stay with the BlogYouBack ones as they benefit you and make sure you write something quality. It might be just the thing to write on Saturday. Like this post? You might like these too… How to Add Your blog to SocialSpark – Blogger Version How to Add Your blog to SocialSpark – Typepad Version What the Heck is a CPC Opp? How Do I make Money with SocialSpark? Are you getting BenSpark.com in your inbox every day? Sign up to get the latest posts e-mailed directly to YOU. Enter your email address: Delivered by FeedBurner Like my Blog? Help support it by supporting my sponsors. Copyright (c) 2009 BenSpark.com Like it. Link It: Topics: IZEA Insiders, SocialSpark Saturdays | 4 Comments »
4 Responses to “Workout on Friday, blog Well on Saturday”

...Tech We’re In a Fight ~*~ Xilly’s Blog ~*~ Wired Kayaker Podcasts Wired Kayaker Podcast......Gold! » How to Add Your Blog to SocialSpark – Wordpress Version By......making up for it.) Adding your Blog to SocialSpark First off you need......above and you added your blog to the SocialSpark network then......this. Take a Look at your blog status. You will most likely......you need to claim the blog by clicking the “?” next......Your Blog. “Before you get your blog approved, we need to verify......as PPP Direct and SocialSpark Blog Sponsorships.“ We need to take care......body > tags in your blog html code. This might seem scary......of the html of your blog theme. You are most likely......and click refresh again. Once your blog status has two green checks......The most important step. Submit your Blog for Verification Once you have claimed......Verification Once you have claimed your blog and added the IZEA Tool......qualifications for having an approved blog first. This is from the......Blog”. A blog that has been Claimed, and......or Spanish Only Blogs. The blog and all posts relating to...

Home
About Contact Disclosure Policy
Ultimate IZEAFest Prize Pack10 Great Reasons to Go! To IZEAFest10 Items to Bring With Youto IZEAFest 2009 var now = new Date(); // set this value to the countdown date. var then = new Date("October 1, 2009"); var gap = then.getTime() - now.getTime(); gap = Math.floor(gap / (1000 * 60 * 60 * 24)); document.write(gap); days untilIZEAFest 2009 Visit Affiliate Summit var zy_theme = "le-frog";var zy_options = {};zy_options["id"] = "zy_fans";zy_options["site"] = "zhuyo.com";zy_options["account_id"] = "54404";zy_options["follow"] = 3;zy_options["updates"] = 1;zy_options["tweethis"] = 1;zy_options["no_default"] = 1;zy_options["rows"] = 2;var zy_1 = new Zhuyo(zy_options, zy_theme);zy_1.init(zy_1.renderFollowers); BenSpark Merchandise
2009 Photo-A-Day Calendar
"I'm Not A Famous Blogger" T-Shirt
BenSpark Recommends
Recent Posts Winners of the Ultimate IZEAFest Prize Pack Contest My 7th Company Picnic Daddy Daughter Date Day 2 You Knew it Was Coming Poking Holes in it Taking (Remote) Control Stocked Up! Ultimate IZEAFest Finalists We Were Both Too Tired To Sleep Life Coach Judge – Kim Ann Curtin What people are saying Drew on Winners of the Ultimate IZEAFest Prize Pack Contestcbthatsme on Winners of the Ultimate IZEAFest Prize Pack ContestDrew on Winners of the Ultimate IZEAFest Prize Pack ContestMLDina on Winners of the Ultimate IZEAFest Prize Pack ContestDrew on 10 Essential Items for IZEAFest 2009 BenSpark's Photos My Buzznet My Flickr My Gizfolio My Utterz My Vazaar My Zooomr Photo-A-Day Hosts A Little Bit of Everything Air Mattress Bed Ami-Chan.net Antioxidants Beautiful British Columbia Beth & Cory’s Mom Brain Foggles christine-murphy dot net Connie’s View Flamingo Fotos I know EVERYTHING In Our Backyard Misplaced Momma My Chronic Life My Opinion Counts Six Great States Sparky’s View Stephen the Dog Tales From The BallPark Texas RV Travel Blog The Passionate Ailurophile The Pond The Purrfect Website The Raging Tech We’re In a Fight ~*~ Xilly’s blog ~*~ Wired Kayaker Podcasts Wired Kayaker Podcast #1 Wired Kayaker Podcast #2 Wired Kayaker Podcast #3 Wired Kayaker Podcast #4 Wired Kayaker Podcast #5 Search   August 2009 M T W T F S S « Jul      12 3456789 10111213141516 17181920212223 24252627282930 31   Archives Select Month August 2009  (33) July 2009  (50) June 2009  (42) May 2009  (40) April 2009  (58) March 2009  (82) February 2009  (39) January 2009  (60) December 2008  (46) November 2008  (50) October 2008  (52) September 2008  (66) August 2008  (57) July 2008  (74) June 2008  (56) May 2008  (77) April 2008  (61) March 2008  (61) February 2008  (56) January 2008  (56) December 2007  (87) November 2007  (107) October 2007  (116) September 2007  (148) August 2007  (85) July 2007  (92) June 2007  (99) May 2007  (125) April 2007  (127) March 2007  (67) February 2007  (107) January 2007  (99) December 2006  (109) November 2006  (75) October 2006  (69) September 2006  (53) August 2006  (56) July 2006  (57) June 2006  (48) May 2006  (47) April 2006  (54) March 2006  (45) February 2006  (46) January 2006  (58) December 2005  (84) November 2005  (66) October 2005  (77) September 2005  (66) August 2005  (59) July 2005  (82) June 2005  (71) May 2005  (55) April 2005  (63) March 2005  (46) February 2005  (35) January 2005  (30) December 2004  (46) November 2004  (21) October 2004  (36) September 2004  (31) August 2004  (27) July 2004  (20) June 2004  (16) May 2004  (14) April 2004  (6) March 2004  (3) February 2004  (8) January 2004  (19) December 2003  (12) Meta Log in Entries RSS Comments RSS WordPress.org
« Hope for a Cure | Main | We Went Gold! » How to Add Your blog to SocialSpark – Wordpress Version By Drew | June 13, 2009 Many comments that I get from new I’m Not A Famous Blogger Crew Members and non-crew members alike have to do with getting their blogs added to SocialSpark and having them approved. There are a few places to get this information and while the information is sound I don’t think it covers it quite like this little tutorial will. So strap in because this SocialSpark Saturday post is Double Sized (I missed last week so I’m making up for it.) Adding your blog to SocialSpark First off you need to sign into SocialSpark and mouse over the Account tab. Next you will get a drop down menu of options. Choose Manage Blogger Account and Click it. From here you are going to want to click on the Blogs field in the middle of the screen. This will bring you to a list of your blogs (if you’ve already entered any). There is a link “Add Blog” Click it. Now you are on the add blogs page. There is much to fill out here. Click Submit at the bottom of the page and that’s it, you have now added your blog. Are you ready to claim it and submit it for approval… Sure you Are! LET’S DO IT! Claiming your blog Assuming that you follow my instructions above and you added your blog to the SocialSpark network then you are ready to claim your blog. It is pretty easy to do this. Take a Look at your blog status. You will most likely see three red X’s. This means that you have not claimed your blog. You can find out more about why you need to claim the blog by clicking the “?” next to Claim Your Blog. This is what you will see when you click the “?” next to Claim Your Blog. “Before you get your blog approved, we need to verify that you really are the owner. We have not yet verified that you own your site. Click the Get Code button to grab the code, place it on your site either before the closing HEAD tag or somewhere between the BODY tags. Then click Refresh here to run the verification script. Once you’ve claimed the site once, you can remove the claim code (Not ITK) from your site.“ The Second red X means that you have not installed the IZEA Tool Kit (ITK), you’re going to need to do this as well. Why? Here is the explanation that you see when you click the “?” next to Install ITK. “The IZEA ToolKit (ITK) is a suite of tools that maximizes what you can do in the IZEA Network. After you place a piece of Javascript code on your website, we begin collecting statistics that gives you a RealRank and allows you to use other network features such as PPP Direct and SocialSpark blog Sponsorships.“ We need to take care of the first two red X’s before we can tackle #3. To do this we are going to have to tackle code. Don’t worry it is not difficult at all. Click the Get Code button. The screen will darken and a new screen will appear with three boxes of code. You should only see three boxes if code is missing from your blog. So the first time you install code you will see a box of missing code that has both of codes from the second and third boxes (So you don’t have to copy and past code from each of the boxes. That would be redundant.). Just install the missing code anywhere between the < body > tags in your blog html code. This might seem scary to some but it really is not. Working with the code is not that difficult. These instructions are for the self-hosted Wordpress platform (honestly you really should have your own domain name and hosting and use Wordpress, I cannot stress this enough.). Go to your dashboard of your blog. Click on Editor under Appearance. This brings you to the theme editor where you can edit specific portions of the html of your blog theme. You are most likely looking for the header or footer files. The header has the open BODY tag and the footer has the close BODY tag. The code from SocialSpark needs to go after the open BODY tag and before the close BODY tag. Highlight and copy the code from SocialSpark. Go to your theme and paste this code. Then save the file and return to SocialSpark. Now you are back on the My Blogs page of SocialSpark and you are going to test to see if the code was added correctly (it had better be if you followed these directions). Start off by clicking the Refresh button. A spider will go out and check your code to see if the claim code is installed. If it is your red X will turn to a green checkmark. Please note that the ITK installed might not go to a green check right away. That is okay, give it a little while and click refresh again. Once your blog status has two green checks like the one below you are ready for the last step. The most important step. Submit your blog for Verification Once you have claimed your blog and added the IZEA Tool Kit to it you are ready to submit for verification and approval… or are you? Review the qualifications for having an approved blog first. This is from the Terms of Service. “”Verified Blog”. A blog that has been Claimed, and also meets these additional requirements: 1. Blogs Only. SocialSpark only accepts blogs, and not websites, message boards, e-mails, IM or other similar services. 2. English or Spanish Only Blogs. The blog and all posts relating to SocialSpa

...Tech We’re In a Fight ~*~ Xilly’s Blog ~*~ Wired Kayaker Podcasts Wired Kayaker Podcast......Gosh! » How to Add Your Blog to SocialSpark – Typepad Version By......on How To Add Your Blog to SocialSpark on June 13,......instructions for adding your TypePad blog to SocialSpark. Many comments that I......making up for it.) Adding your Blog to SocialSpark First off you need......above and you added your blog to the SocialSpark network then......this. Take a Look at your blog status. You will most likely......you need to claim the blog by clicking the “?” next......Your Blog. “Before you get your blog approved, we need to verify......as PPP Direct and SocialSpark Blog Sponsorships.“ We need to take care......body > tags in your blog html code. This might seem scary......the bottom and check the Blog Footer box and then click......and click refresh again. Once your blog status has two green checks......The most important step. Submit your Blog for Verification Once you have claimed......Verification Once you have claimed your blog and added the IZEA Tool......qualifications for having an approved blog first. This is from the......Blog”. A blog that has been Claimed, and...

Home
About Contact Disclosure Policy
Ultimate IZEAFest Prize Pack10 Great Reasons to Go! To IZEAFest10 Items to Bring With Youto IZEAFest 2009 var now = new Date(); // set this value to the countdown date. var then = new Date("October 1, 2009"); var gap = then.getTime() - now.getTime(); gap = Math.floor(gap / (1000 * 60 * 60 * 24)); document.write(gap); days untilIZEAFest 2009 Visit Affiliate Summit var zy_theme = "le-frog";var zy_options = {};zy_options["id"] = "zy_fans";zy_options["site"] = "zhuyo.com";zy_options["account_id"] = "54404";zy_options["follow"] = 3;zy_options["updates"] = 1;zy_options["tweethis"] = 1;zy_options["no_default"] = 1;zy_options["rows"] = 2;var zy_1 = new Zhuyo(zy_options, zy_theme);zy_1.init(zy_1.renderFollowers); BenSpark Merchandise
2009 Photo-A-Day Calendar
"I'm Not A Famous Blogger" T-Shirt
BenSpark Recommends
Recent Posts Winners of the Ultimate IZEAFest Prize Pack Contest My 7th Company Picnic Daddy Daughter Date Day 2 You Knew it Was Coming Poking Holes in it Taking (Remote) Control Stocked Up! Ultimate IZEAFest Finalists We Were Both Too Tired To Sleep Life Coach Judge – Kim Ann Curtin What people are saying Drew on Winners of the Ultimate IZEAFest Prize Pack Contestcbthatsme on Winners of the Ultimate IZEAFest Prize Pack ContestDrew on Winners of the Ultimate IZEAFest Prize Pack ContestMLDina on Winners of the Ultimate IZEAFest Prize Pack ContestDrew on 10 Essential Items for IZEAFest 2009 BenSpark's Photos My Buzznet My Flickr My Gizfolio My Utterz My Vazaar My Zooomr Photo-A-Day Hosts A Little Bit of Everything Air Mattress Bed Ami-Chan.net Antioxidants Beautiful British Columbia Beth & Cory’s Mom Brain Foggles christine-murphy dot net Connie’s View Flamingo Fotos I know EVERYTHING In Our Backyard Misplaced Momma My Chronic Life My Opinion Counts Six Great States Sparky’s View Stephen the Dog Tales From The BallPark Texas RV Travel Blog The Passionate Ailurophile The Pond The Purrfect Website The Raging Tech We’re In a Fight ~*~ Xilly’s blog ~*~ Wired Kayaker Podcasts Wired Kayaker Podcast #1 Wired Kayaker Podcast #2 Wired Kayaker Podcast #3 Wired Kayaker Podcast #4 Wired Kayaker Podcast #5 Search   August 2009 M T W T F S S « Jul      12 3456789 10111213141516 17181920212223 24252627282930 31   Archives Select Month August 2009  (33) July 2009  (50) June 2009  (42) May 2009  (40) April 2009  (58) March 2009  (82) February 2009  (39) January 2009  (60) December 2008  (46) November 2008  (50) October 2008  (52) September 2008  (66) August 2008  (57) July 2008  (74) June 2008  (56) May 2008  (77) April 2008  (61) March 2008  (61) February 2008  (56) January 2008  (56) December 2007  (87) November 2007  (107) October 2007  (116) September 2007  (148) August 2007  (85) July 2007  (92) June 2007  (99) May 2007  (125) April 2007  (127) March 2007  (67) February 2007  (107) January 2007  (99) December 2006  (109) November 2006  (75) October 2006  (69) September 2006  (53) August 2006  (56) July 2006  (57) June 2006  (48) May 2006  (47) April 2006  (54) March 2006  (45) February 2006  (46) January 2006  (58) December 2005  (84) November 2005  (66) October 2005  (77) September 2005  (66) August 2005  (59) July 2005  (82) June 2005  (71) May 2005  (55) April 2005  (63) March 2005  (46) February 2005  (35) January 2005  (30) December 2004  (46) November 2004  (21) October 2004  (36) September 2004  (31) August 2004  (27) July 2004  (20) June 2004  (16) May 2004  (14) April 2004  (6) March 2004  (3) February 2004  (8) January 2004  (19) December 2003  (12) Meta Log in Entries RSS Comments RSS WordPress.org
« Do you Use To Do Lists? | Main | Oh My Gosh! » How to Add Your blog to SocialSpark – Typepad Version By Drew | August 1, 2009 This is a partial reprint of my previous post on How To Add Your blog to SocialSpark on June 13, 2009. I’m Not A Famous Blogger Crew Member Veronica Thomas of V for … has provided me with screenshots and instructions for adding your TypePad blog to SocialSpark. Many comments that I get from new I’m Not A Famous Blogger Crew Members and non-crew members alike have to do with getting their blogs added to SocialSpark and having them approved. There are a few places to get this information and while the information is sound I don’t think it covers it quite like this little tutorial will. So strap in because this SocialSpark Saturday post is Double Sized (I missed last week so I’m making up for it.) Adding your blog to SocialSpark First off you need to sign into SocialSpark and mouse over the Account tab. Next you will get a drop down menu of options. Choose Manage Blogger Account and Click it. From here you are going to want to click on the Blogs field in the middle of the screen. This will bring you to a list of your blogs (if you’ve already entered any). There is a link “Add Blog” Click it. Now you are on the add blogs page. There is much to fill out here. Click Submit at the bottom of the page and that’s it, you have now added your blog. Are you ready to claim it and submit it for approval… Sure you Are! LET’S DO IT! Claiming your blog Assuming that you follow my instructions above and you added your blog to the SocialSpark network then you are ready to claim your blog. It is pretty easy to do this. Take a Look at your blog status. You will most likely see three red X’s. This means that you have not claimed your blog. You can find out more about why you need to claim the blog by clicking the “?” next to Claim Your Blog. This is what you will see when you click the “?” next to Claim Your Blog. “Before you get your blog approved, we need to verify that you really are the owner. We have not yet verified that you own your site. Click the Get Code button to grab the code, place it on your site either before the closing HEAD tag or somewhere between the BODY tags. Then click Refresh here to run the verification script. Once you’ve claimed the site once, you can remove the claim code (Not ITK) from your site.“ The Second red X means that you have not installed the IZEA Tool Kit (ITK), you’re going to need to do this as well. Why? Here is the explanation that you see when you click the “?” next to Install ITK. “The IZEA ToolKit (ITK) is a suite of tools that maximizes what you can do in the IZEA Network. After you place a piece of Javascript code on your website, we begin collecting statistics that gives you a RealRank and allows you to use other network features such as PPP Direct and SocialSpark blog Sponsorships.“ We need to take care of the first two red X’s before we can tackle #3. To do this we are going to have to tackle code. Don’t worry it is not difficult at all. Click the Get Code button. The screen will darken and a new screen will appear with three boxes of code. You should only see three boxes if code is missing from your blog. So the first time you install code you will see a box of missing code that has both of codes from the second and third boxes (So you don’t have to copy and past code from each of the boxes. That would be redundant.). Just install the missing code anywhere between the < body > tags in your blog html code. This might seem scary to some but it really is not. Working with the code is not that difficult. These instructions are for TypePad. Start with signing into your TypePad account and going to Weblogs. You will then need to go into the Design section of your blog. And then you will go into the Content Section. Once in Content, scroll to the bottom and check the blog Footer box and then click on the Pencil icon You will then receive a ‘pop-up’ – type SocialSpark in the Title bar and then the copied URL in the URL box. Click Save Then click ‘Save Changes’ at the bottom of the page Now you are back on the My Blogs page of SocialSpark and you are going to test to see if the code was added correctly (it had better be if you followed these directions). Start off by clicking the Refresh button. A spider will go out and check your code to see if the claim code is installed. If it is your red X will turn to a green checkmark. Please note that the ITK installed might not go to a green check right away. That is okay, give it a little while and click refresh again. Once your blog status has two green checks like the one below you are ready for the last step. The most important step. Submit your blog for Verification Once you have claimed your blog and added the IZEA Tool Kit to it you are ready to submit for verification and approval… or are you? Review the qualifications for having an approved blog first. This is from the Terms of Service. “”Verified Blog”. A blog that has been Claimed, and also meets these additional requirements: 1. Blogs Only. SocialSpark only accepts blogs, and not websites, message boards, e-mails, IM or other similar services

...Tech We’re In a Fight ~*~ Xilly’s Blog ~*~ Wired Kayaker Podcasts Wired Kayaker Podcast......Kneecap » How to Add Your Blog to SocialSpark – Blogger Version By......the How To Add Your Blog to SocialSpark Wordpress version and......the How To Add Your Blog to SocialSpark Typepad Version I......a How To Add Your Blog to SocialSpark Blogger Version was......post is Double Sized Adding your Blog to SocialSpark First off you need......above and you added your blog to the SocialSpark network then......this. Take a Look at your blog status. You will most likely......you need to claim the blog by clicking the “?” next......Your Blog. “Before you get your blog approved, we need to verify......as PPP Direct and SocialSpark Blog Sponsorships.“ We need to take care......body > tags in your blog html code. This might seem scary......the complete code of your blog is now in the Edit......and click refresh again. Once your blog status has two green checks...

Home
About Contact Disclosure Policy
Ultimate IZEAFest Prize Pack10 Great Reasons to Go! To IZEAFest10 Items to Bring With Youto IZEAFest 2009 var now = new Date(); // set this value to the countdown date. var then = new Date("October 1, 2009"); var gap = then.getTime() - now.getTime(); gap = Math.floor(gap / (1000 * 60 * 60 * 24)); document.write(gap); days untilIZEAFest 2009 Visit Affiliate Summit var zy_theme = "le-frog";var zy_options = {};zy_options["id"] = "zy_fans";zy_options["site"] = "zhuyo.com";zy_options["account_id"] = "54404";zy_options["follow"] = 3;zy_options["updates"] = 1;zy_options["tweethis"] = 1;zy_options["no_default"] = 1;zy_options["rows"] = 2;var zy_1 = new Zhuyo(zy_options, zy_theme);zy_1.init(zy_1.renderFollowers); BenSpark Merchandise
2009 Photo-A-Day Calendar
"I'm Not A Famous Blogger" T-Shirt
BenSpark Recommends
Recent Posts Winners of the Ultimate IZEAFest Prize Pack Contest My 7th Company Picnic Daddy Daughter Date Day 2 You Knew it Was Coming Poking Holes in it Taking (Remote) Control Stocked Up! Ultimate IZEAFest Finalists We Were Both Too Tired To Sleep Life Coach Judge – Kim Ann Curtin What people are saying Drew on Winners of the Ultimate IZEAFest Prize Pack Contestcbthatsme on Winners of the Ultimate IZEAFest Prize Pack ContestDrew on Winners of the Ultimate IZEAFest Prize Pack ContestMLDina on Winners of the Ultimate IZEAFest Prize Pack ContestDrew on 10 Essential Items for IZEAFest 2009 BenSpark's Photos My Buzznet My Flickr My Gizfolio My Utterz My Vazaar My Zooomr Photo-A-Day Hosts A Little Bit of Everything Air Mattress Bed Ami-Chan.net Antioxidants Beautiful British Columbia Beth & Cory’s Mom Brain Foggles christine-murphy dot net Connie’s View Flamingo Fotos I know EVERYTHING In Our Backyard Misplaced Momma My Chronic Life My Opinion Counts Six Great States Sparky’s View Stephen the Dog Tales From The BallPark Texas RV Travel Blog The Passionate Ailurophile The Pond The Purrfect Website The Raging Tech We’re In a Fight ~*~ Xilly’s blog ~*~ Wired Kayaker Podcasts Wired Kayaker Podcast #1 Wired Kayaker Podcast #2 Wired Kayaker Podcast #3 Wired Kayaker Podcast #4 Wired Kayaker Podcast #5 Search   August 2009 M T W T F S S « Jul      12 3456789 10111213141516 17181920212223 24252627282930 31   Archives Select Month August 2009  (33) July 2009  (50) June 2009  (42) May 2009  (40) April 2009  (58) March 2009  (82) February 2009  (39) January 2009  (60) December 2008  (46) November 2008  (50) October 2008  (52) September 2008  (66) August 2008  (57) July 2008  (74) June 2008  (56) May 2008  (77) April 2008  (61) March 2008  (61) February 2008  (56) January 2008  (56) December 2007  (87) November 2007  (107) October 2007  (116) September 2007  (148) August 2007  (85) July 2007  (92) June 2007  (99) May 2007  (125) April 2007  (127) March 2007  (67) February 2007  (107) January 2007  (99) December 2006  (109) November 2006  (75) October 2006  (69) September 2006  (53) August 2006  (56) July 2006  (57) June 2006  (48) May 2006  (47) April 2006  (54) March 2006  (45) February 2006  (46) January 2006  (58) December 2005  (84) November 2005  (66) October 2005  (77) September 2005  (66) August 2005  (59) July 2005  (82) June 2005  (71) May 2005  (55) April 2005  (63) March 2005  (46) February 2005  (35) January 2005  (30) December 2004  (46) November 2004  (21) October 2004  (36) September 2004  (31) August 2004  (27) July 2004  (20) June 2004  (16) May 2004  (14) April 2004  (6) March 2004  (3) February 2004  (8) January 2004  (19) December 2003  (12) Meta Log in Entries RSS Comments RSS WordPress.org
« Being Graceful | Main | On Momma’s Head I Might be Able to Touch a Kneecap » How to Add Your blog to SocialSpark – Blogger Version By Drew | August 8, 2009 After writing the How To Add Your blog to SocialSpark Wordpress version and the How To Add Your blog to SocialSpark Typepad Version I figured that a How To Add Your blog to SocialSpark Blogger Version was in order. And as I look through the blogs of members of the I’m Not A Famous Blogger Crew I see that many of them use blogger/blogspot. So I hope that this helps out. Many comments that I get from new I’m Not A Famous Blogger Crew Members and non-crew members alike have to do with getting their blogs added to SocialSpark and having them approved. There are a few places to get this information and while the information is sound I don’t think it covers it quite like this little tutorial will. So strap in because this SocialSpark Saturday post is Double Sized Adding your blog to SocialSpark First off you need to sign into SocialSpark and mouse over the Account tab. Next you will get a drop down menu of options. Choose Manage Blogger Account and Click it. From here you are going to want to click on the Blogs field in the middle of the screen. This will bring you to a list of your blogs (if you’ve already entered any). There is a link “Add Blog” Click it. Now you are on the add blogs page. There is much to fill out here. Click Submit at the bottom of the page and that’s it, you have now added your blog. Are you ready to claim it and submit it for approval… Sure you Are! LET’S DO IT! Claiming your blog Assuming that you follow my instructions above and you added your blog to the SocialSpark network then you are ready to claim your blog. It is pretty easy to do this. Take a Look at your blog status. You will most likely see three red X’s. This means that you have not claimed your blog. You can find out more about why you need to claim the blog by clicking the “?” next to Claim Your Blog. This is what you will see when you click the “?” next to Claim Your Blog. “Before you get your blog approved, we need to verify that you really are the owner. We have not yet verified that you own your site. Click the Get Code button to grab the code, place it on your site either before the closing HEAD tag or somewhere between the BODY tags. Then click Refresh here to run the verification script. Once you’ve claimed the site once, you can remove the claim code (Not ITK) from your site.“ The Second red X means that you have not installed the IZEA Tool Kit (ITK), you’re going to need to do this as well. Why? Here is the explanation that you see when you click the “?” next to Install ITK. “The IZEA ToolKit (ITK) is a suite of tools that maximizes what you can do in the IZEA Network. After you place a piece of Javascript code on your website, we begin collecting statistics that gives you a RealRank and allows you to use other network features such as PPP Direct and SocialSpark blog Sponsorships.“ We need to take care of the first two red X’s before we can tackle #3. To do this we are going to have to tackle code. Don’t worry it is not difficult at all. Click the Get Code button. The screen will darken and a new screen will appear with three boxes of code. You should only see three boxes if code is missing from your blog. So the first time you install code you will see a box of missing code that has both of codes from the second and third boxes (So you don’t have to copy and past code from each of the boxes. That would be redundant.). Just install the missing code anywhere between the < body > tags in your blog html code. This might seem scary to some but it really is not. Working with the code is not that difficult. These instructions are for Blogger. Start with signing into your Blogger account. You should default to your Settings Screen. From Settings click Layout. You are now looking at the layout of your blog. You might be tempted to create an HTML/Javascript gadget and put the ITK and Claim code there. DON’T DO IT! You’re going to have to delve a little deeper. Click Edit HTML. Now you are in the Edit HTML area. You might be tempted to post your code in the code box right away. Again you have another step. You need to click Expand Widget Templates. That way the complete code of your blog is now in the Edit Template Box. Your screen will refresh and that lets you know that you’ve Expanded the Widget code and you should now see a check mark in the Expand Widget Code box. Click the scrollbar and scroll to the bottom of your code. Now you are at the bottom of the code box, paste in the code from SocialSpark directly above the < / body > tag. Then click Save Template. Now go back to the My Blogs page of SocialSpark and you are going to test to see if the code was added correctly (it had better be if you followed these directions). Start off by clicking the Refresh button. A spider will go out and check your code to see if the claim code is installed. If it is your red X will turn to a green checkmark. Please note that the ITK installed might not go to a green check right away. That is okay, give it a little while and click refresh again. Once your blog status has two green checks like the one be

...pics scam from my previous blog post. I give them my...

 
Botnet Exploits Hacked Sites Malicious Sites Malware Microsoft News Pharming Phishing Security Spam Vulnerabilities
 
 
 
img {max-width:650px;width: expression(this.width > 650 ? 650: true);border-style:none; behavior: url(../iepngfix.htc); } Feb18 Return of the Facebook Photo Scam 4:27 am (UTC-7)   |   by Rik Ferguson It looks like the Facebook picture scam I blogged about last November is having a rerun, with a new modus operandi and some new content. Here is how it starts: a Facebook friend posts an image to your Facebook profile: So of course you type in the URL and head on over to stealing pics. Now, you have to agree to the Terms and Conditions before you log in, so if you work for Facebook, MySpace, or Google, please read no further. OK, I’m in. I can’t believe people have been posting pictures of me online again, I’m going to have to ban cameras when I rule the world. For now I just have to find the photos and take them down. Hmm, this looks familiar. I click. Eh? Where are the pics. Oh, I get it. Just some fun before I get to the real site. I hope there’s nothing sneaky hidden under that scroll bar… Oh, I see, an auto-renewing subscription service costing just $9.99/month. Well, I suppose some people might be happy with that. I’ll play along. I select random answers to each of the questions, and finally: That’s the money shot, right there. I enter a random phone number, but the site detects that I am not visiting from the US, and helpfully serves me up a new offer, this time based in the UK. Just what I always wanted, a “e-credit card” (what’s that?) with some very interesting T&Cs of its own. Membership fee of £79.95 plus £4.95 per month for “maintenance.” Oh, and a £9.95 inactivity fee, where can I use this wonderful e-credit card? Ah, I see, only at the e-Credit Plus Shopping Club website. Hmm. I think I’ll forego that offer: No, really, it’s OK. Thanks! I click cancel. Ah, now we’re back on familiar territory, I’ll give my details, and click: No, honestly, I DON’T WANT YOUR ECARD! Enough! I begin clicking the counterintuitive “OK” button. Back once again to the familiar old bulletin pics scam from my previous blog post. I give them my password along with my name and email address, they show me a picture of a monkey, and finally they let me know exactly how I can go and email this to all my friends, just in case the traditional, delivery through compromised accounts doesn’t work for them. It’s enough to make you Twitter, I tell ya! SHARETHIS.addEntry({ title: "Return of the Facebook Photo Scam", url: "http://blog.trendmicro.com/return-of-the-facebook-photo-scam/" });If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting! This entry was posted on Wednesday, February 18th, 2009 at 4:27 am and is filed under Malware, Security . You can leave a response, or trackback from your own site. 3 Responses to “Return of the Facebook Photo Scam”

 
Botnet Exploits Hacked Sites Malicious Sites Malware Microsoft News Pharming Phishing Security Spam Vulnerabilities
 
 
 
img {max-width:650px;width: expression(this.width > 650 ? 650: true);border-style:none; behavior: url(../iepngfix.htc); } Feb19 Facebook Terms of Service Cause a Stir 12:54 am (UTC-7)   |   by Roderick Ordoñez (Technical Communications) Facebook reverts back to its old Terms of Service (TOS) after causing quite an online ruckus when it decided to update its TOS a few weeks ago. Interesting lines in the new TOS that enraged users included: You hereby grant Facebook an irrevocable, perpetual, non-exclusive, transferable, fully paid, worldwide license (with the right to sublicense)… The following sections will survive any termination of your use of the Facebook Service… The said clauses indicate that the any user-content uploaded to Facebook becomes Facebook’s property, under an irrevocable, perpetual (aka forever), non-exclusive, transferable, fully paid, worldwide license, which does not expire even after the user terminates the service.  In response, Facebook creator Mark Zuckerberg replied in his blog: When a person shares information on Facebook, they first need to grant Facebook a license to use that information so that we can show it to the other people they’ve asked us to share it with. Without this license, we couldn’t help people share that information. One of the questions about our new terms of use is whether Facebook can use this information forever. When a person shares something like a message with a friend, two copies of that information are created—one in the person’s sent messages box and the other in their friend’s inbox. Even if the person deactivates their account, their friend still has a copy of that message. We think this is the right way for Facebook to work, and it is consistent with how other services like email work. One of the reasons we updated our terms was to make this more clear. In reality, we wouldn’t share your information in a way you wouldn’t want. The trust you place in us as a safe place to share information is the most important part of what makes Facebook work. Actually, putting anything on the Web is a sure-fire way to make information available for an indefinite period of time. Sites like Facebook, however, do allow the user to control how much information is available to the general public, though it is assumed that the information is deleted once a user opts out of the service. When a TOS declares that a certain establishment has full rights to your information (or content in this case) during and even after you’ve long stopped using the service, privacy concerns are raised. Most specifically: how is your data going to be used? While openly available profiles may be considered willing victims to data miners, privacy settings do give a sense of security that your information is not available to the outside world. Again, declaring that your user-content is now owned by an establishment makes users think that their data may be possibly misused from the inside. One is left to trust that Facebook does not use the user-submitted information in any manner offensive to users themselves. The lesson of the story is: just be careful what you post or put on the Web. The Web is a great way to socialize and share data. You just never know who will use that data and for what purpose, regardless of where you put it or what service you choose to use—and that holds true even with or without a TOS. SHARETHIS.addEntry({ title: "Facebook Terms of Service Cause a Stir", url: "http://blog.trendmicro.com/facebook-terms-of-service-cause-a-stir/" });If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting! This entry was posted on Thursday, February 19th, 2009 at 12:54 am and is filed under News . You can leave a response, or trackback from your own site. One Response to “Facebook Terms of Service Cause a Stir”

 
Botnet Exploits Hacked Sites Malicious Sites Malware Microsoft News Pharming Phishing Security Spam Vulnerabilities
 
 
 
img {max-width:650px;width: expression(this.width > 650 ? 650: true);border-style:none; behavior: url(../iepngfix.htc); } Mar20 Ichitaro Exploits Progress 4:12 am (UTC-7)   |   by Japan Regional TrendLabs On March 11, Regional TrendLabs in Japan found a zero-day exploit attack that targeted Just System’s well-known Japanese word-processor, Ichitaro. The malware exploting the vulnerability was noticed to arrive via spam and via malicious websites using the Ichitaro file extension name, .JTD. The malware ( TROJ_TARODROP.BA) drops a file {random letters}.tmp ( TROJ_DROPPER.PAO) that in turn drops another file named  beer80.exe ( TROJ_AGENT.KLQW). Notable of this scheme is that after TROJ_TARODROP.BA and TROJ_DROPPER.PAO have executed their routines, the last dropped Trojan (TROJ_DROPPER.PAO) creates non-malicious files using them to overwrite itself and the initial TROJ_TARODROP.BA. Thus, when the user checks the files after the infection is completed, all the user will see are legitimate Ichitaro files (this is considered to be a stealth technique applied by the malware). Unknown to the user at that point is that the final payload TROJ_AGENT.KLQW is already and still in the system. This Trojan (TROJ_AGENT.KLQW) gathers the following information from the affected system then sends the data to a remote site: Computer Name IP Address Process ID of (injected) legitimate process, svchost.exe OS version Locale Information Figure 1. the sleight of hand is performed by the second malware in line, TROJ_DROPPER.PAO. According to Trend Micro researchers, the initial attack on Ichitaro happened in August 2006. Since then, every time a new Ichitaro vulnerability is found, cybercriminals are expected to attempt to exploit it–and they do so with increasing social engineering savvy. Past attacks followed the same straightforward drill: the first malware exploits the vulnerability and the second one conducts the main routines such as autostart and dropping files, etc. It is only recently (in 2008) we have begun to see the additional overwriting trick meant to fool users. Previous Ichitaro-related attacks include the following: New Ichitaro zero-day exploit discovered Ichitaro Exploited Anew A Closer Look at Ichitaro Information on this vulnerability, as well as the patch provided by Just System, can be found on their website. Read the Japanese writeup of this attack from the Japanese Malware Blog. SHARETHIS.addEntry({ title: "Ichitaro Exploits Progress", url: "http://blog.trendmicro.com/ichitaro-exploits-progress/" });If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting! This entry was posted on Friday, March 20th, 2009 at 4:12 am and is filed under Exploits, Security . You can leave a response, or trackback from your own site. One Response to “Ichitaro Exploits Progress”

... This blog post puts together Trend Micro’s......be posting updates to the blog as issues reveal themselves. In the...

 
Botnet Exploits Hacked Sites Malicious Sites Malware Microsoft News Pharming Phishing Security Spam Vulnerabilities
 
 
 
img {max-width:650px;width: expression(this.width > 650 ? 650: true);border-style:none; behavior: url(../iepngfix.htc); } Apr14 The DOWNAD/Conficker Jigsaw Puzzle 7:58 pm (UTC-7)   |   by Paul Ferguson and Ivan Macalintal (Advanced Threat Researchers) This blog post puts together Trend Micro’s own DOWNAD research as well as collaborative input from the Conficker Working Group. It includes the collected reports regarding DOWNAD as well as analysis of binaries in one coherent timeline of events to shed some light in the continuing DOWNAD/Conficker Jigsaw Puzzle. SETTING THE STAGE The rise of DOWNAD to its current stature could be traced from two of its earlier and probably most infectious variants, detected by Trend Micro as WORM_DOWNAD.A and WORM_DOWNAD.AD. In a span of just four months (November last year to February this year, where DOWNAD infection counts were at their peak), WORM_DOWNAD.A has infected around 500,000 PCs. WORM_DOWNAD.AD, an improved variant first detected last December, equaled the infection count of the earlier variant in just three months. These numbers – a little more than a million – are based on Trend Micro’s World Virus Tracking Center (WTC) numbers alone, which scans only infections detected by HouseCall and other Trend Micro products. Total global estimates were believed to have reached as high as nine million in February this year. The DOWNAD infection base, specifically through the AD variant, was thus set. On March 4, several WORM_DOWNAD.AD infected nodes got an updated variant, which was eventually detected as WORM_DOWNAD.KK. This new DOWNAD is notable for the following functionalities: The malware communicates with peers using Peer-to-Peer (P2P) chatter. Its routines include Internet time checking and updating through Internet rendezvous. It has an April 1st activation date. The activation date had researchers scrambling for answers before April 1. Other than the expected changes in network behavior, no significant developments or updates in the DOWNAD/Conficker botnet on the said date itself. At least not yet. The botnet eventually awoke several days later. BOTNET COMES ALIVE The uneventful days during and after the April 1st DOWNAD/Conficker hype were brought to a halt when an update in the DOWNAD botnet, through WORM_DOWNAD.KK, occurred on April 7 and 8. There were many subsequent reports of new binaries (some of them encrypted) in infected systems, as well as the discovery of DOWNAD’s connections with Waledac (another notorious botnet) and with a FakeAV variant called Spyware Protector 2009. WORM_DOWNAD.KK infected nodes received, via P2P TCP, an encrypted and digitally-signed “blob”, 134,880 bytes. In Trend Micro’s case, we received the TCP response from 113.30.90.134, which is simply another DOWNAD-infected node located in Korea. Shown in Figure 1 is a snapshot of the captured TCP response. WORM_DOWNAD.KK decrypts this blob to generate TROJ_DOWNDAC.A. Trend Micro Advanced Threats Researcher Joseph Cepe says this forms one of the two main functions of the KK variant, the other is to install HTTP and to look for exploitable machines. The name DOWNDAC is a combination of DOWNAD and Waledac, for reasons which will become clearer later. This Trojan then drops another DOWNAD worm detected WORM_DOWNAD.E. Figure 2 is a snapshot of TROJ_DOWNDAC.A and WORM_DOWNAD.E, which are both dropped into the Windows Temp folder. The .EXE component of WORM_DOWNAD.E, unlike the earlier KK variant, has no P2P mechanism of its own. It creates an HTTP server, and uses the MS08-067 exploit, like WORM_DOWNAD.AD to infect other PCs. It also infects via network shares. Interestingly, it has a deactivation date of May 3, 2009. This remains an open question right now. WORM_DOWNAD.E also starts a Web server on a pseudo-random port between 1024 and 9999 based on the system drive’s volume serial number It drops and creates a temporary .SYS file which Trend Micro detects as TROJ_DOWNAD.E. Trend Micro Advanced Threats Researcher Edgardo Diaz says that the Trojan is dropped as a component to increase the maximum number of TCP connections in an infected PC. This same .SYS file was also verified to be dropped by WORM_DOWNAD.AD, and is the one responsible for patching the TCP half-connection attempts. It also creates and stores an encoded binary blob in the Windows Registry. Decrypting the blob reveals a .DLL, which then drops a TMP file (also a .DLL). Apparently, this DLL file is the one that also gets sent as the payload blob via HTTP, if there is successful exploitation by WORM_DOWNAD.E. The snapshot in Figure 3 makes this clear. The hex blob in the yellow box is the data block that was created in the Windows Registry by WORM_DOWNAD.E, while the one in the red box is the blob that was sent via HTTP, again, if exploitation was successful. The payload (URL download and .DLL loading) of the exploit is verified to be working. What is still another open question is the part that one part of the malware function somehow fails to reflect the decryption of the embedded .DLL. Without modifying any parameters, the function proceeds with decryption in memory but somehow does not store the changes/pointers to the already decrypted .DLL. The shell-code used is found to be similar to the previous shell-codes of the earlier DOWNAD/Conficker variants that used the MS08-067 exploit as their propagation routine. Now what about this .DLL itself? This dropped file is much more complex than the original WORM_DOWNAD.E, and has the following routines similar to the KK variant: The HTTP download routine is removed. The Peer-to-Peer IP-to-port algorithm remains unchanged. Modifications are also discovered in URL and process termination lists. With the botnet seemingly secure in its position, the motives of the DOWNAD gang remain unclear. At least until crucial links between the notorious FakeAV gang and with another huge botnet were discovered. TRIPLE THREAT: DOWNAD, Waledac, and FakeAV All the dirty work for what ends? Further analysis on one DOWNAD component reveals that again, the answer is cyber crime. The said component, TROJ_DOWNDAC.A, connects to a malicious URL and downloads an encrypted file. This file is decrypted by the Trojan, and is set to run automatically by a registry entry also created by TROJ_DOWNDAC.A. This file, stored in the Windows Temp folder, is a Waledac variant Trend Micro detects as WORM_WALEDAC.ED. Shown in Figure 4 is a snapshot of the binary dump of this WALEDAC variant, with some tell-tale clues about the page where it was downloaded. Waledac is an immensely popular botnet thanks to its association with another bot giant, Storm. It is this Waledac worm that downloads the FakeAV program Spyware Protect 2009. To conceal the download, users are made to believe that the program is a .JPG file (a popular extension for images). It comes with an attached executable, however. We detect this FakeAV variant as TROJ_FAKEAV.FXF. TROJ_FAKEAV.FXF then downloads and executes a TIBS variant detected as TROJ_TIBS.AYD from another malicious URL. This Trojan sends TCP SYN packets to two IP addresses. It also downloads another FakeAV variant, TROJ_FAKEAV.AXD. Shown in Figure 5 is a snapshot of Spyware Protector 2009, the FakeAV being deployed in this DOWNAD-Waledac-FakeAV trifecta. So far, evidence and facts point to the notion that while the DOWNAD/Conficker binaries have no malicious payloads found in its code, the botnet has been used to spread Waledac and FakeAV binaries, both of which are known to have codes and behaviors that constitute what we call malicious payloads. Waledac is a notorious spammer, and is also known for injecting information-stealer codes. FakeAV, meanwhile scares users into buying their “security” products by faking infection symptoms, and lately, by employing crimeware routines as well. Stay tuned — the DOWNAD/Conficker story is obviosuly not over yet, and we will be posting updates to the blog as issues reveal themselves. In the meantime, rest assured that the technologies behind the Trend Micro Smart Protection Network are working overtime to provide protection to our customers. SHARETHIS.addEntry({ title: "The DOWNAD/Conficker Jigsaw Puzzle", url: "http://blog.trendmicro.com/the-downadconficker-jigsaw-puzzle/" });If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting! This entry was posted on Tuesday, April 14th, 2009 at 7:58 pm and is filed under Botnet, Malware . You can leave a response, or trackback from your own site. 8 Responses to “The DOWNAD/Conficker Jigsaw Puzzle”

Please login and upgrade account to follower level 5 to gain access to this link and others with PR 5 and bellow that.

...already featured in the following blog posts: Yet More Swine Flu Attacks Waledac...

 
Botnet Exploits Hacked Sites Malicious Sites Malware Microsoft News Pharming Phishing Security Spam Vulnerabilities
 
 
 
img {max-width:650px;width: expression(this.width > 650 ? 650: true);border-style:none; behavior: url(../iepngfix.htc); } Jun15 Scammers Ride on H1N1 Global Pandemic 6:39 pm (UTC-7)   |   by Det Caraig (Technical Communications) The World Health Organization (WHO) raised the H1N1 global pandemic alert level to phase 6 on June 11. More than 70 countries have now reported cases of human infection. Many of the cases reportedly had links to travel or were localized outbreaks. The WHO designation of a phase 6 pandemic alert reflects the fact that there are now ongoing community-level outbreaks in multiple parts of world. It should be noted, however, that the WHO’s decision to raise the pandemic alert level to phase 6 is a reflection of the spread of the virus and not of the severity of illness caused by the virus. As with any other tragic and much-publicized event, cybercriminals again took advantage of the situation by launching a spate of attacks targeting wary, unknowing users. Some of the most recent attacks include those we have already featured in the following blog posts: Yet More Swine Flu Attacks Waledac Turns to Cash and Vaccines Swine Flu Spam Attempt to Infect Japanese Users Swine Flu Outbreak Hits the Web Through Spam Probably the most nefarious of these attacks were found to be hosted on is-the-boss.com domain. Through SEO poisoning, searches for reports related to the virus yield links that when opened trigger multiple redirections to various sites, which ultimately lead to the download of rogue antivirus software. The following URLs were also found to start off similar infection chains: hxxp://amiasjussa11.{BLOCKED}is-the-boss.com/h1n1-pandemic.html hxxp://amiasjussa11.{BLOCKED}is-the-boss.com/h1n1-who.html hxxp://amiasjussa11.{BLOCKED}is-the-boss.com/h1n1.html hxxp://news04.{BLOCKED}is-the-boss.com/a-h1n1-virus.html As of this writing, the is-the-boss(dot)com domain is still being used for blackhat SEO campaigns to deliver fake antivirus solutions such as: av-scanner.48275.exe detected as TROJ_DLOADR.API script.js detected as JS_DLOADR.APO a.exe detected as TROJ_DROPPER.NXA, a file downloaded by TROJ_DLOADR.API The malware TROJ_DLOADR.API and JS_DLOADR.APO attempt to connect to the following URLs, respectively, to download other possibly malicious files: hxxp://thenewpic.{BLOCKED}com/item/2a2c{long string}c70a/e4f892d7456/titem.gif hxxp://theimagesphoto{BLOCKED}.com/werber/744842b7155/217.gif hxxp://super-antiviral-scan{BLOCKED}.com/?id=48275 Fortunately, Trend Micro’s Smart Protection Network already stops this threat from affecting users, as the malicious URLs and files are already blocked and detected, respectively. SHARETHIS.addEntry({ title: "Scammers Ride on H1N1 Global Pandemic", url: "http://blog.trendmicro.com/spammers-ride-on-h1n1-global-pandemic/" });If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting! This entry was posted on Monday, June 15th, 2009 at 6:39 pm and is filed under Security . You can leave a response, or trackback from your own site. 2 Responses to “Scammers Ride on H1N1 Global Pandemic”

...be read in the following blog posts: Bogus ‘MS Update’ Comes with...

 
Botnet Exploits Hacked Sites Malicious Sites Malware Microsoft News Pharming Phishing Security Spam Vulnerabilities
 
 
 
img {max-width:650px;width: expression(this.width > 650 ? 650: true);border-style:none; behavior: url(../iepngfix.htc); } Jun22 "Critical Update" Leads to Critical Info Theft 12:40 am (UTC-7)   |   by Argie Gallego (Anti-spam Research Engineer) Microsoft Corporation regularly issues updates to fix bugs and security vulnerabilities in its software products. These updates are meant to protect its users from different attacks that depend mainly on exploiting these documented bugs. Close to the weekend, we identified spam (click Figure 1 thumbnail for larger view) claiming to be a Microsoft Outlook and Outlook Express critical update that “offers the highest levels of stability and security.” A tricky difference here is that all the links in the email (the links to Contact Us, Privacy Statement, Trademarks, and Terms of Use) are legitimate–except one. The URL where the “critical update” may be downloaded looks legitimate, but hovering over the hyperlink (or checking the source code of the mail) reveals a totally different destination. For content security experts this already bears the marks of an email-based cyber-criminal attack. True enough, the URL leads to the download of a file (detected as TROJ_ZBOT.BTS) that on its execution it accesses a website to download a .bin file with information referring to where the Trojan can download an updated copy of itself, and where to send stolen data. The list also contains compromised websites targeted for stealing information. Our engineers confirm that the list was containing several names of banking institutions, among other social networking targets like Facebook and MySpace, and media sites YouTube and Flickr. The list can be viewed here. Note that the said list may be changed at any time. How does the scam work? Whenever the user visits any of the monitored sites, the Trojan starts logging keystrokes. It then saves gathered information (which presumably includes sensitive information like user name and password, credit card information, etc.) in a file and then sends the file to a dedicated server via HTTP POST. Postings to spam as Microsoft updates can be read in the following blog posts: Bogus ‘MS Update’ Comes with Malicious Attachment Bogus Microsoft Update Delivers Nasty File Infector Trend Micro Smart Protection Network blocks the related spam, the malicious URL, and detects TROJ_ZBOT.BTS. SHARETHIS.addEntry({ title: ""Critical Update" Leads to Critical Info Theft", url: "http://blog.trendmicro.com/critical-update-leads-to-critical-info-theft/" });If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting! This entry was posted on Monday, June 22nd, 2009 at 12:40 am and is filed under Security . You can leave a response, or trackback from your own site. 5 Responses to “"Critical Update" Leads to Critical Info Theft”

...Trend Micro has published several blog entries that discussed attacks on...

 
Botnet Exploits Hacked Sites Malicious Sites Malware Microsoft News Pharming Phishing Security Spam Vulnerabilities
 
 
 
img {max-width:650px;width: expression(this.width > 650 ? 650: true);border-style:none; behavior: url(../iepngfix.htc); } Jun25 Koobface Tweets 6:23 pm (UTC-7)   |   by Jonell Baltazar (Advanced Threats Researcher) Twitter is a very popular platform for expressing whatever is on a user’s mind, making it a favorite target of malware authors. Trend Micro has published several blog entries that discussed attacks on Twitter. Now, the creators of Koobface included a new component in the malware to target the vast number of Twitter users. They’ve come up with the latest update to the Koobface loader binary and other known Koobface components that target social networking sites like Facebook, MySpace, Hi5, Bebo, Tagged, and Netlog. The new component uses a victim’s Twitter account to post tweets using Internet-browsing cookies to log in to the target user’s account. Tweets can more successfully be posted when the victim is currently logged on to his/her Twitter account as the ‘evil’ Koobface binary runs in the background. Figure 1. Twitter account of an infected PC The supossed tweets are retrieved from a Koobface C&C domain and use Tinyurl.com to shorten and kind of obfuscate the URL included in the message. Figure 2. Network stream of an affected PC Visiting the posted URL leads to a Koobface redirector page that opens the same old ‘fake’ YouTube page that hosts the Koobface loader posing as an Adobe Flash Player update also known as the infamous setup.exe. Figure 3. Fake YouTube page that installs setup.exe As with earlier Koobface-related attacks, however, Trend Micro product users need not worry about being infected as Smart Protection Network already blocks malicious sites and files from running on their systems. They should, however, still keep in mind that an ounce of prevention is always better than a pound of cure. Related posts on Koobface: Koobface Worm Alive and Wriggling Koobface Tries Captcha-Breaking Bogus Facebook Malware and a Dancing Girl Twitter, likewise, was never that safe from attacks: Another Sex Tape, Another Malware Attack Wholsesale Redirects to Malware Averted For Now Iran Street Protests Paralleled by DDoS Attacks Update on June 28: Setup.exe is now detected as WORM_KOOBFACE.DC. It has the ability to fetch information from the affected PC and to send said info to URLs via HTTP POST. Moreover, Koobface writers immediately updated their mal-tweets, cleverly using current events related to Michael Jackson’s death. Luckily, the URL included in the message did not change and is still being blocked by Smart Protection Network. Along with the updated tweets is an update of a Koobface binary (TROJ_KOOBFACE.AJ) targeting Facebook. This binary is already being processed. More details will be provided as analysis progresses. SHARETHIS.addEntry({ title: "Koobface Tweets", url: "http://blog.trendmicro.com/koobface-tweets/" });If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting! This entry was posted on Thursday, June 25th, 2009 at 6:23 pm and is filed under Security . You can leave a response, or trackback from your own site. 11 Responses to “Koobface Tweets”

...Schneier, in a June 26 blog post agreed. Both argued that...

 
Botnet Exploits Hacked Sites Malicious Sites Malware Microsoft News Pharming Phishing Security Spam Vulnerabilities
 
 
 
img {max-width:650px;width: expression(this.width > 650 ? 650: true);border-style:none; behavior: url(../iepngfix.htc); } Jun30 To *** or Not to Mask: Usability Versus Security in Password Masking 1:11 am (UTC-7)   |   by Ben April (Advanced Threat Researcher) On June 23, Jakob Nielsen posted an article declaring that password masking on the user interface is more harmful in terms of usability than helpful to the security of an application to which Bruce Schneier, in a June 26 blog post agreed. Both argued that masking the characters when a user enters a password is of little security value and may even be harmful to the usability of an application. I personally believe that displaying password entries in clear text has more detrimental implications to security than lowering the difficulty of shoulder surfing. I readily agree that a seasoned criminal will focus his/her shoulder-surfing efforts on a user’s keyboard than on his/her screen. For an attacker with keyboard-side access, password masking has zero value anyway. However, I think Bruce underplayed the prevalence of possible daily shoulder-surfing activities such as providing IT support to a user, stopping by a colleague’s workstation to review a document, polishing a presentation while on an airplane, or turning on a computer for children who aren’t entitled to unsupervised access. It is also worth considering that there may be situations where it would be inappropriate to ask your current shoulder-buddy (the CEO or your grandmother, you choose) to look away while you enter a password. There are some small security advantages that password masking does offer. For example, unskilled attackers will be looking at the screen when you start entering your password. By the time they realize their mistake, they will only see *** and have already missed a good portion of your password. (Hopefully, knowing the end of your password won’t help them decode the beginning.) Password masking also encourages frequent users of a service to memorize their passwords. I have many passwords that I could not tell you no matter how hard I tried. My fingers know them or I may know a mnemonic but the keystrokes are the only thing I retain. This is not as helpful for more casual users though. My main objection to the demise of password masking is the message that it sends to casual users. We enter a case of do-as-I-say-not-as-I-do. How can we ask our users to secure their password reminders if the entire password appears clear as day on the screen every time they enter it? Masking a password sends the message to the user that it is important that they not share their passwords, that they should not even show these to you, reinforcing the never-give-out-your-password tenet. In many cases, masking discourages copying and pasting passwords though only through naïveté (see here for a laugh). The usability concern is indeed valid. The question becomes this, Where do we draw the line between security and usability? In my opinion, masking is a valid layer of security, though easily breached, it does raise barriers to entry even if only by a small margin. These barriers are also larger for the casual user. The more slowly a password is entered, the more time it would be on the screen, if unmasked. More importantly, it sends a firm message to users that their passwords should be protected. Also, let’s not forget the principle of minimum astonishment—how many times would you have to use an application before you notice that your password is now being displayed on-screen in clear text? One possible compromise would be to provide a configuration option. However, this would not be friendly to a casual user who needs it most. I encourage application developers to seek out other usability accommodations (e.g., two-factor options, biometrics) before globally unmasking passwords. SHARETHIS.addEntry({ title: "To *** or Not to Mask: Usability Versus Security in Password Masking", url: "http://blog.trendmicro.com/to-or-not-to-mask-usability-versus-security-in-password-masking/" });If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting! This entry was posted on Tuesday, June 30th, 2009 at 1:11 am and is filed under News, Security . You can leave a response, or trackback from your own site. 2 Responses to “To *** or Not to Mask: Usability Versus Security in Password Masking”

 
Botnet Exploits Hacked Sites Malicious Sites Malware Microsoft News Pharming Phishing Security Spam Vulnerabilities
 
 
 
img {max-width:650px;width: expression(this.width > 650 ? 650: true);border-style:none; behavior: url(../iepngfix.htc); } Jul21 More Zero-Day Exploits for Firefox and IE Flaws 7:57 am (UTC-7)   |   by Jovi Umawing (Technical Communications) Earlier today, Senior Threat Researcher Joseph Reyes spotted several malicious script files that exploited Mozilla Firefox and Microsoft Internet Explorer vulnerabilities: JS_DIREKTSHO.B exploits a vulnerability in Microsoft Video Streaming ActiveX control to download other possibly malicious files. JS_FOXFIR.A accesses a website to download JS_SHELLCODE.BV. In turn JS_SHELLCODE.BV exploits a vulnerability in Firefox 3.5 to download WORM_KILLAV.AKN. JS_SHELLCODE.BU exploits a vulnerability in Microsoft OWC to download JS_SHELLCODE.BV. Initial analysis done by Threat Analyst Jessa De La Torre shows that the scripts above may be unknowingly downloaded through either Firefox or Internet Explorer. According to Mozilla, a Firefox user reported suffering from a crash that developers determined could result in an exploitable memory corruption problem. In certain cases after a return from a native function, the just-in-time (JIT) compiler could get into a corrupt state. This could then be exploited by an attacker to run arbitrary code. However, this vulnerability does not affect earlier versions of Firefox, which do not support the JIT feature. Firefox 3.5 users can avoid this vulnerability by disabling the JIT compiler as described in the Mozilla Security Blog. This workaround is, however, unnecessary for Firefox 3.5.1 users. On the other hand, the vulnerability in Microsoft Video ActiveX Control allows remote code execution if a user views a specially crafted web page with Internet Explorer, executing the ActiveX control. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. Microsoft is aware of attacks attempting to exploit the said vulnerabilities and advises its customers to prevent the OWC from running either manually or automatically using the solution found in Microsoft Knowledge Base Article 973472. Trend Micro advises users to refer to the following pages to download updates/patches for the vulnerabilities the aforementioned script files exploit: Firefox: Mozilla Foundation Security Advisory 2009-41 OWC: Microsoft Security Advisory (973472) DirectShow: Microsoft Security Bulletin MS09-032 Trend Micro advises users to download the latest scan engine to protect themselves against the above-mentioned exploits. SHARETHIS.addEntry({ title: "More Zero-Day Exploits for Firefox and IE Flaws", url: "http://blog.trendmicro.com/more-zero-day-exploits-for-firefox-and-ie-flaws/" });If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting! This entry was posted on Tuesday, July 21st, 2009 at 7:57 am and is filed under Exploits, Microsoft, Security, Vulnerabilities . You can leave a response, or trackback from your own site. 7 Responses to “More Zero-Day Exploits for Firefox and IE Flaws”

...more about that in the blog entry Dark Shadows Lurk after...

 
Botnet Exploits Hacked Sites Malicious Sites Malware Microsoft News Pharming Phishing Security Spam Vulnerabilities
 
 
 
img {max-width:650px;width: expression(this.width > 650 ? 650: true);border-style:none; behavior: url(../iepngfix.htc); } Jul23 “Solar Eclipse 2009 in America” Leads to FAKEAV 12:28 am (UTC-7)   |   by Roland Dela Paz (Threat Response Engineer) Yesterday’s solar eclipse over parts of Asia was witnessed by millions of people, so it shouldn’t come as a surprise that it should attract the attention of cybercriminals. And it has. Cybercriminals wasted no time in riding on the said phenomenon as they use SEO poisoning to lead users into redirecting to a site peddling rogue antivirus software (FAKEAV). According to Senior Threat Researcher Joey Costoya who discovered the said attack, when users query the phrase “solar eclipse 2009 in America” in popular search engines, certain top ranking sites would redirect users to a malicious site under the domain name antispyware-scannerv3 where the FAKEAV is hosted. Trend Micro detects this variant of rogue antivirus as HTML_FAKEAV.FT. The following are screenshots of the rogue antivirus online scanning page and the scanning results: The Smart Protection Network protects Trend Micro users from this threat by blocking access to the malicious sites so that even if curious users click on rigged search results they do not end up on rogue antivirus territories. Furthermore, Trend Micro already detects and cleans the rogue antivirus components related to this attack. This is not the first time an eclipse was used to bait users to download malware. Read more about that in the blog entry Dark Shadows Lurk after Lunar Eclipse. SHARETHIS.addEntry({ title: "“Solar Eclipse 2009 in America” Leads to FAKEAV", url: "http://blog.trendmicro.com/solar-eclipse-2009-in-america-leads-to-fakeav/" });If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting! This entry was posted on Thursday, July 23rd, 2009 at 12:28 am and is filed under Malicious Sites, Malware . You can leave a response, or trackback from your own site. 2 Responses to ““Solar Eclipse 2009 in America” Leads to FAKEAV”