Are phishing crews paying more attention to virtual worlds? Phishing attacks on massively multiplayer online role-playing games (MMORPGs) have been around since at least 2002, and perhaps earlier. But some observers of online games say the growing market for virtual currency and player accounts may be attracting fresh attention from phishing scams, which are mass-mailing "bait" e-mails seeking to capture gamers' account logins.

Phishing attacks most commonly target banks, credit card companies and payment sites such as Paypal. This year phishers have expanded their target list to include smaller regional banks and credit unions. While phishing attacks on online games aren't new, they may represent a logical area of expansion for these scams, given the growing value of player accounts, the youthful demographics of online gaming, and a recent influx of new players due to the popularity of World of Warcraft.

A recent phishing attack targeting users of EVE Online was reported by Terra Nova, a blog that follows trends in virtual worlds. The bait email purports to be from the game's security team, investigating unusual account activity and sending victims to a spoof site at a server in Spain.

Some areas of the web site for Opera have been slowed by a surge in traffic from Internet users downloading software. The activity was prompted by Tuesday's announcement that the Opera web browser would be distributed free. Users previously had the choice of either a paid product or a free version supported by ads displayed within the browser interface.

The ad-free version of Opera 8 was downloaded more than 1 million times in the first two days of availability,according to Opera Software, which said server logs showed a majority of downloads came from Internet Explorer users. This chart shows the performance for get.opera.com, one of several mirror sites serving browser downloads.

With one of history's most powerful hurricanes bearing down on the Houston/Galveston area, EV1Servers is taking steps to protect the more than 1 million web sites hosted in its Houston data centers. CEO Robert Marsh says the company has more than 10,000 gallons of diesel fuel on site, procured an extra generator in case grid power is unavailable for an extended period, and established a secondary support facility in Wichita, Kansas. "We anticipate that the coming storm will have no impact on our operations," Marsh said in a message to customers. "However, we are prepared to deal with any eventuality."

Hurricane Rita is currently a category 5 storm with sustained winds of 175 miles an hour, making it an even more intense storm than Hurricane Katrina, which laid waste to New Orleans and the surrounding Gulf Coast on Aug 29. Forecasters predict Rita will weaken slightly and make landfall early Saturday as a category 4 storm. "Our buildings are designed to withstand Cat 4 conditions," Marsh said Wednesday night on the EV1 forums. "It is anticipated that we will see high Cat 3 conditions, based upon the current track and our location. This could easily escalate to cat 4 conditions."

EV1Servers is the world's eighth-largest web host, housing 1.1 million hostnames and 642K active sites. Any service outages for the company could ripple far beyond Houston, as many web hosting resellers lease servers housed in its Houston facilities. EV1Servers has more than 150 different customers with at least 1,000 web sites, including hosting providers based in the UK, Brazil, Japan, Italy and the Netherlands as well as the United States. EV1 says its networks "oversee 1.5% of all U.S. Internet traffic."

British betting site operator Leisure & Gaming plc has paid $1.4 million to acquire the domain name vip.com. The sale is the highest publicly reported domain resale of 2005, nearly doubling the $750,000 price for sales of property.com and website.com. The deal comes just two months after Leisure & Gaming plc acquired VIP Management Services and its themed online betting sites for 23.4 million pounds (about $42 million US).

Prices for registering a stand-alone .com domain remained unchanged this month at all major providers except Register.com, which ended a $30 "sale" and is once again the priciest domain seller at $35. The bargains on new domains have shifted to packages in which a domain is bundled with a hosting account. Go Daddy last week began offering domains for $1.99 with the purchase of any non-domain product, such as hosting or SSL certificates. That slices $2 off the $3.99 price for that package, which Go Daddy introduced in January.

Security researchers say they have found weaknesses in Cisco's Internet Operating System (IOS) which may enable an Internet worm to spread between Cisco routers. But Arhont Ltd. denied reports that such a worm had actually been developed.

In a post to the Bugtraq mailing list, Arhont's Andrei Mikhailovsky said his firm had discovered weaknesses in the way IOS uses the Enhanced Interior Gateway Routing Protocol (EIGRP), which handles information exchange between routers. "Among the discovered issues are multiple vulnerabilities in EIGRP implementation," Mikhailovsky wrote. "Also, authors have addressed the _theoretical_ aspects of an algorithm for a cross-platform worm that could spread in IOS based devices." EIGRP supports the AppleTalk and IPX (Novell Netware) networking protocols in addition to IP, allowing cross-platform routing. Arhont offered no additional details, but said it is preparing an advisory for Cisco's Product Security Incident Response Team (PSIRT).

A serious security hole has been discovered in TWiki, the popular open source collaboration software. The vulnerability allows remote attackers to execute shell commands on affected systems, and is already being actively exploited, with some analysts warning that a worm could soon follow. A hotfix is available from the TWiki web site.

TWiki is an enterprise collaboration platform typically used on development projects. It is used for internal communications at companies including IBM, Yahoo, Circuit City, Reuters, Boeing, General Electric, Wachovia and ZoneLabs. Some large companies use it to run web-facing Wikis, such as British Telecom's UK Telco B2B Forum.

Few of the data networks knocked offline by Hurricane Katrina have relocated their operations to backup sites outside the disaster zone, according to a new report examining the disaster's impact on infrastructure. More than 100 local networks on the U.S. Gulf Coast remain offline two weeks after Katrina, but major Internet networks saw only brief disruptions from the storm, according to the report from Renesys, which monitors Internet routing traffic.

"It is suprising to note how few of the networks in the region saw any service restored through disaster recovery services," the analysis noted. "Many networks in the affected region, especially those in Louisiana, have been unreachable for a prolonged period of time. These networks may not see service restored for some time to come, unless they can be brought back online at disaster recovery sites outside of the region."

A vulnerability has been reported in Firefox which could allow malicious sites to compromise computers running the browser. The security hole, which is rated highly critical by Secunia, affects all versions, including Firefox 1.0.6 and earlier and the just-released beta version of Firefox 1.5. An attack can be created using a specially-crafted URL, which will cause a buffer overflow in Firefox that results in a denial of service and, in some cases, remote code execution.

The flaw was discovered by researcher Tom Ferris of Security Protocols, who found an error in the way Firefox handles URLs (see description here). The vulnerability has been reported to the Mozilla Foundation, which is preparing a fix. There have been 86 million downloads of the Firefox browser, with recent estimates placing its market share at about 9 percent of Internet users.

Interland is selling its dedicated server business to Peer 1 Networks, which acquired Server Beach last year. Peer 1 said it is paying $14 million for 8,300 dedicated servers and 115,000 square feet of data center space in facilities in Atlanta, Miami and Fremont, Calif.

Peer 1 president and CEO Geoffrey Hampson called the deal an "outstanding fit" and promised little immediate change for Interland customers. “This transaction adds a large customer base, skilled staff, solid dedicated server equipment and three data centers to Peer 1 Network’s existing infrastructure," Hampson noted.

The dedicated server market has been the hottest segment of the web hosting industry over the past two years, as discount pricing allowed hosting resellers and web entrepreneurs to run their own server for less than $100 a month. The popularity of discount dedicated servers spurred huge growth for providers such as EV1Servers.net and The Planet. But dedicated hosting is more capital-intensive than other types of hosting, as providers must lay out cash to purchase hardware and licenses for each server.

In the September 2005 survey we received responses from 71,723,098 sites. The increase of 1.33 million sites from August continued the strong growth for the Internet this year, but marked a slowing from the torrid pace over the summer, with monthly gains about half of those seen in July and August.

Apache gained 703K sites and Microsoft servers added 217K sites, but share for both continued in a narrow range that has held steady for more than a year. The open source Apache web server is now poised to cross 50 million sites, probably within the next month.

Datapipe, Rackspace and Tiscali share the top slot as as the most reliable hosting company sites this month. The results continue a string of exceptional performances by Rackspace and Datapipe, both in 2005 and over the longer haul.

Rackspace, a managed hosting provider based in San Antonio, Texas, has been the top performer in five of the past seven months. The company's web site, which runs on Linux, has not had a measurable outage since March of 2004. Datapipe, a managed hosting provider in Hoboken, N.J., has been the best performer twice in 2005, and was the most reliable hosting company for the second half of 2004. The Datapipe web site, which is hosted on Windows Server 2003, has not had a measurable outage since Necraft began public reporting of monthly uptime performance in June 2003.

In August their performance was matched by Tiscali, a pan-European provider of hosting and Internet access services. This month marks Tiscali's first time as the most reliable hosting provider. Tiscali's site runs on Linux, which dominates with five of the top 10 hosters, with 2 on Windows, 2 on FreeBSD and 1 on Solaris.