<![CDATA[Gizmodo: malware]]> http://gizmodo.com/tag/malware <![CDATA[AVG 9 Antivirus Improves Performance, Adds Identity Theft Tool]]> Windows only: One of our readers' favorite antivirus applications, AVG, has updated, claiming faster scan times (up to 50%), boot times (10-15%), and less memory usage. On top of that, it's added a new feature to assist with identity theft.

The identity theft feature, as reported by CNET, is only available in the U.S., and pairs the folks at AVG with a service called Identity Guard that integrates with your browser toolbar (Firefox and IE only); Identity Guard is there to help you avoid and handle identity theft.

Frankly, the Identity Guard addition doesn't seem like something to get all that excited about (who wants another browser toolbar, anyway?), but if nothing else, the performance boosts are worth the update for die-hard AVG fans.

AVG comes in both freeware and shareware versions, Windows only. Currently only the shareware version is ready for the update—apparently AVG delays the release of AVG Free to give their pay versions a little more time in the limelight. Unfortunately that means AVG Free users—which I suspect is most AVG users—will have to wait a bit longer to update to the faster version.

<![CDATA[Snow Leopard Has Hidden Antivirus Talents]]> Well, this is int-er-est-ing: Early testers have come across what looks like a new antivirus function within Snow Leopard. Or to put it another way, Macs don't need antivirus! Wait.

The new feature behaves like a cross between a traditional antivirus tool and the "Are you sure you want to open this?" warnings already present in Leopard. I doubt it's doing any real-time heuristic scanning and it's definitely not running as a visible app in the OS, but if it's checking .PKG and .DMG files for malware before you run or mount them, well, that sounds an awful lot like what your average Symantec, AVG or Kaspersky product is intended to do.

The first report came from the Intego blog (they make Mac antivirus software), and it's been corroborated by Snow Leopard testers over at the MacRumors forums. We'll try to test this one out as best we can, but it's looking like Apple may have slipped this ever-so-slightly unflattering feature into their new OS under the radar. [The Mac Security Blog, MacRumors]

<![CDATA[Laptop Lojack Vulnerability Exposed, Affecting 60 Percent of New Notebooks]]> A pair of computer security researchers have discovered a BIOS vulnerability caused by the Computrace Laptop Lojack software, serving as a rootkit to potentially let malware nest and thrive in an estimated 60% of newish laptops.

The research team of Alfredo Ortega and Anibal Sacco say that when malware infects a system BIOS, it is able to survive multiple attempts to reflash the core software, and is extremely difficult to get rid of. Even worse, because Lojack is whitelisted by virus and malware scanners, any attacks exploiting this vulnerability on a computer will largely go undetected. And for Laptop Lojack to be effective, it must operate like a stealthy rootkit. Unfortunately, it's installed in the majority of new notebooks from HP, Asus, Dell, Lenovo and Toshiba.

Moral of the story: find a new way to get your stolen laptop back. [ZDnet via Slashdot]

<![CDATA[Lifehacker Lists Top User-Submitted Malware Removers]]> This list of malware removal software arrived too late to save Adam Frucci, but perhaps it can help you. Fun fact: This list of five tools was submitted to Lifehacker by Users Like You. [Lifehacker]

]]>
http://gizmodo.com/index.php?op=postcommentfeed&postId=5228519&view=rss&microfeed=true
<![CDATA[Conficker Worm Claims High Profile Victim: University of Utah]]> More than 700 med school computers at the University of Utah have fallen victim to the infamous Conficker worm. Gizmodo, we swear, had absolutely nothing to do with it. [AP via CNET]

<![CDATA[Malware Infection Rates By Region, And More Fun Facts!]]> According to Microsoft, the global average for malware infection is 8.6 out of every 1000 systems—a number that's lower than I'd have estimated. And apparently Ethiopia and Myanmar run a pretty tight ship!

Russia and Brazil were found to be the most infected.

Other interesting findings by Microsoft's cyber security team include that, at the moment, 97% of all emails are spam. In other words, for every 3 emails you want to see, you get 97 that resemble Gizmodo's mainpage on April 1st. (And you thought we were annoying...which we were.)

More interesting stuff over at the BBC. [BBC]

<![CDATA[Giz Explains: How a Brainy Worm Might Jack the World's PCs on April 1]]> It's lurking in millions of PCs around the world. It's incredibly sophisticated and resilient, with built-in p2p and digital code-signing technology. It revels in killing security software. On April 1, the Conficker worm will activate.

The scariest thing about the Conficker worm is that literally millions of infected Windows PCs could be linked together to do its bidding. The second scariest thing is that no one really knows what its creator is going to do with this virtual army on April 1, when it's scheduled to contact a server for instructions. It's so bad, Microsoft has a running $250,000 bounty for the author, dead or alive. (Well, they probably want him alive, but they hate his guts.)

The New York Times' John Markoff rounded up some of the more ingeniously evil possibilities in a compelling article, the most sinister being a "Dark Google," postulated by University of California at San Diego researcher Stefan Savage, that would let bad people scour zombie machines all around the world for data to sell to other bad people.

But let's back up a bit. Conficker—whose weird name is a combination of "configuration" and a slightly more polite word for f***er, according to Urban Dictionary—actually began life as a lowly, "not very successful" worm in November, says Vincent Weafer, VP at Symantec Security Response. Weafer told us it exploited a Microsoft remote server vulnerability that had already been announced and patched the previous month, so the only systems that were vulnerable were the ones that weren't up to date.

The B release, pushed in December, on the other hand, was "wildly successful," says Weafer, infecting millions of unpatched computers because it's an aggressive little bastard—the first worm in years on a scale like Blaster. It has built-in p2p capabilities, and brute forces its way into open shared folders or printers, so it can crawl an office network quickly. It also piggybacks onto USB flash and hard drives. On top of all that, it's designed to be incredibly resilient, killing security software, disabling Windows Update, and digging down deep.

The C release came out this past month. It doesn't go after new machines—it's actually a payload for computers already infected with B. It transformed Conficker from a sneezing pandemic into a seriously nasty plague. With C, its p2p powers are extended further, with digital code-signing, so it only accepts trusted code updates from itself. That means security experts can't simply inject code to neutralize it. The patch also made Conficker better at killing security software. And it expanded the scope of the domains it tries to contact for instructions from 250 to 50,000, completely neutralizing security experts' previous tactic of seizing the domains. There's effectively no way to cut the head off of this demon snake. The stage is set: On April 1, Conficker will reach out for the millions-strong zombienet's next set of instructions.

So what will happen? Well, no one knows for sure. Conficker's creator can do whatever he wants with his army. Launch massive denial-of-service attacks, set up the "Dark Google" syndicate, target millions of new machines, or generate a tidal wave of spam that'll crash against servers all over the world.

Most likely though, Weafer told us, Conficker's creator is motivated by money—they'll rent it out. And if Conficker's used as a massive doomsday tool, they'll "quickly lose the ability to make money" with it. A low key operation harnessing the power of computers that are mainly located in developing nations may not have a big impact, though it would certainly set a terrible precedent: Whatever Conficker's results, they will lead others to develop this idea in frightening new directions.

Conficker's innovative approach that utilizes p2p, code-signing and a distributed domain setup will very possibly serve as inspiration to other malware writers, who Weafer said "you can bet" are watching Conficker's success very closely, just as Conficker's creators have clearly learned from past malware. It's like evil open source.

That doesn't mean April 1 will be a "digital Pearl Harbor." If your machine is patched and up to date, the Microsoft Report's Ed Bott tells us, you'll probably be totally fine. And yes, you can get rid of it if you happen to be infected. There is an outside chance Conficker could turn into a massive parallel computer that borders on self-aware, come April 1, but more than likely, the day will come and go without you noticing anything weird, just some extra spam in your box for some V@ltr3xxx.

Still something you wanna know? Send any questions about worms, V14GRA, or Jason Chen's pants to tips@gizmodo.com, with "Giz Explains" in the subject line.

<![CDATA[Google Explains the Site-Wide Mistake: "Human Error"]]> Earlier this morning, every single one of Google's search results came with a warning that the site "may harm your computer," including their own properties like Gmail and Google Maps. They've since explained what happened:

Google works with the non-profit StopBadware.org to create a list of potentially dangerous sites, which is updated periodically. One such update happened this morning, but somebody typed in "/" by mistake. That simple keystroke expands to every single URL, which is why Google was universally borked. Google engineers fixed the problem in about half an hour, and it's back to normal now.

Please don't play with our heads again, Google. We trust you. If you tell us the entire internet might infect our computers, we'll probably believe you. [Google]

<![CDATA[Do Not Download Obama.exe]]> Opportunistic bastards that they are, malware writers are latching onto the national zeitgeist—that is, Obama's 82 percent approval rating—by launching fake Obama news blogs that try to get you to download nastyware like Barack.exe.

They're easy to spot, thankfully, since their prose ain't exactly up to CNN standards—though perhaps not a bad emulation of some of the froth from some crazy right-wing message boards whose denizens are based deep in the heart of Appalachia: "Barack Obama's inauguration that was planned on 20th January 2009 is under the threat of failure. On the Eve of Inauguration President elect Obama made statement. He declared that he is definitely NOT ready for this position."

According to TrendLabs' Malware Blog, the files these sites try to get you to download, like barack.exe and baracknews.exe, are really from the WORM_WALEDAC malware family. Some of the variants they've detected are WORM_WALEDAC.KAX, WORM_WALEDAC.AE, WORM_WALEDAC.AH and WORM_WALEDAC.AG, to name a few. In other words, nasty stuff.

So stick to the Obama superfan or haterade sites you know and trust to keep you in your bubble, and if you do venture out into the wild, don't download anything. [TrendLabs via Download Squad - Thanks Cody!]

<![CDATA[This is How You Explain Malware To Your Grandparents]]> Show them this. Explain that opening all those damn attachments is the equivalent of letting a bunch of dudes with hairy arms reach through the internet, into their homes. Watch their reaction.

The image is taken from Sophos' 2009 security threat report, which says 37% of malware comes from inside the US, 27% comes from China, and 9.1% from Russia. China's actually down from their previous position of being responsible for more than half of worldwide malware in 2007. USA! USA! USA! [DigitalTrends]

<![CDATA[Chinese Interweb Is Number One Target For Malware]]> Chinese internet users have become the top target for malware, according to a new security report by Microsoft. The company said that about 47 percent of software “exploits” it found, including ones that can record keystrokes and steal passwords, in the first half of 2008 were in Chinese, while only 23 percent were in English.

Considering China surpassed the U.S. in overall internet users this June, it's probably not that surprising that the country would be targeted. Couple that with the influx of inexperienced users with freshly middle-class bank accounts, and you've got a major security problem. Microsoft recommended constantly updating to reduce vulnerabilities, which probably won't happen since the newest Windows updates contain that anti-piracy black screen security measure. [Yahoo News] (Flickr credit - Kai Hendry)

<![CDATA[MobileMe Updates for Windows Have Apple Pushing Borderline Bloatware Again]]> Remember when Apple got shady with Windows users by pushing out Safari via its own software update tool to everyone, even if you didn't have it installed already? Windows users are now up in arms again about iTunes 7.7 bringing along an unwanted MobileMe control panel without asking, and I don't blame them. Granted, a control panel is not the same as an entire application, but getting loaded up with extra software that you don't want is still a shady move. And unfortunately, that's just the start of MobileMe's pushiness.


Our own Jason Chen also noticed a surprise when he docked his iPhone this morning—this big fat ad for MobileMe in iTunes under the "Summary" tab for his phone. No code installed here, but getting spammed for a service that's had hiccup after embarrassing hiccup over the last several weeks is not the best way to keep those already in your customer base happy. Tsk tsk Apple. [Computerworld]

<![CDATA[Symantec Papercraft Bots: Must. Resist. Clever. Marketing.]]> The only thing better than a robot may be a papercraft robot, and computer security software company Symantec clearly totally realizes this. Because to better educate the public on various malware bots that can infect their systems, Symantec has released free thematic papercraft robots. And kudos to their marketing department—they aren't covered in logos for Norton Antivirus or something. Here's a picture of their identity theft bot. Hit the link to collect all two! [Symantec via boingboing]

<![CDATA[This is How Cyber Criminals Party (Mimes and Blow-Up Dolls)]]> Say you're part of KLIK Team, an Eastern European software/cyber criminal organization that has flooded countless computers with malware (such as fake spyware protection) and made a lot of money doing it. What do you do to celebrate another successful year of screwing the world?

A corporate night out at Dave & Busters with all you can eat pizza was specifically not the answer. Try flying 95 employees out to a ski resort and entertaining them with snowboarding, blow-up dolls, briefcases of money and, of all things, mimes. That's what KLIK Team did last February. A few won cars, a few won MacBooks, but when you see the shot of the erection mummy, you'll realize that everyone lost their dignity. Hit the jump for a fairly SFW video and a lightly NSFW gallery.

KLIK Team's practices are illegal under Russian law. So how do they get away with not only doing business, but flaunting it?

Yuri Mashevsky, analyst at Russian security firm Kaspersky Lab explains:

Unfortunately, the Klik group is just one of many such groups operating in Russia, and so far such organizations feel relatively safe. Their actions span not only fake anti-spyware, abuse-proof hosting services, but also a huge number of fake online-shops (which receive money from customers but send them nothing in return). Such groups also trade malware, which is often custom-tailored for their 'clients' needs. As a result, the amount of money earned by such criminal groups is stunning.
And the ways they spend that money? Mostly tacky. [Klik Team Party Page and KLIK Team Party 2.0 via The Register]
<![CDATA[Viruses and Malware to Hit One Million Mark]]> According to Sophos computer security, there will be one million distinct viruses and malware by the end of 2008. But 25% of that malware has been produced just in the last six months. Luckily, not all the stats published by PC World are that troubling...but it's not all roses and daffodils either.

• Security companies log 25,000 malware samples per day
• 85 to 90 percent of malware families are immediately fixed
• In 1995, 1 in 40 emails had malware attached. Now it's 1 in 1,000.
• Current trends point to more malware attacking your kernel.

But it's nothing that a plate of fresh baked cookies and an ice cold glass of milk couldn't make all better, right buddy? So how is school going? Did you ask that cute girl to the dance yet?

Viruses Expected to Hit 1 Million This Year [PCWorld]

<![CDATA[Globalization and Its Malcontents: Mexico, India and Africa Will Be New Epicenters of Internet Crime]]> Computer viruses no longer come from the US or Europe; the hottest hotbeds of hackerdom may be in China and Russia now, but even that will shift. Soon, the most dangerous internet criminals might hail from Mexico, India and Africa, says a new study. Shouldn't somebody call Nick Negroponte?

Security specialists at F-Secure have drawn up a report with three maps that create—perhaps unintentionally—a compelling narrative of the way malware reflects the changing economic situation around the globe.

Back in the day (1986 to 2003), computer viruses mainly came from developed, predominantly white regions (the US, Europe and Australia), along with India. There were anomalies like the Philippines-originated "Love Bug," but by and large, it seemed computer viruses could be chalked up as a by-product of the technological success of the post-industrial world. The hackers themselves were effete, tea-sipping "hobbyists," out to perfect their skills—not steal millions.

[Image: F-Secure_1986_to_2003.jpg]

Next came the pros from Eastern Europe, China and Brazil. For the past four or five years, it's been a full-on assault from the regions where high-level computer skills are plentiful, but legit employment opportunities like those found at Redmond, Mountain View or Cupertino are slim to none. Broadband roll-out and a border-free internet have given these guys plenty of opportunities for targeted attacks with cash money—okay, credit-card and bank-account info—as the deliberate end result.

[Image: F-Secure_2003_to_2007.jpg]

In the future, though, new e-criminals will most likely operate out of regions that seem a bit more surprising, such as Mexico and Africa. Part of the reason is that internet usage is fast increasing in those areas, while the requisite IT job growth or technological-age legal system that naturally keep the ruffians in check are not developing as fast. Pour a little political discord on top of that, and you've got one hell of a haven for hackers.

India will also see a resurgence in criminal activity, mainly because the job opportunities will never keep up with the number of people being trained with high-level computer skills, in spite of the country's rapid growth. [F-Secure]

<![CDATA[Porn-Induced Malware Attacks Leopard]]> Apparently at least some of the Leopard security vulnerabilities have already been exploited, but only through the aid of stupid hornball Mac users. Was that childish of us to call porn-craved Mac users "hornballs" and imply that some of them are stupid? Maybe. And the image of Justin Long doing the dirty certainly won't fit nicely in our next Mac fantasy, but we're just doing our job here.

Security company Intego discovered that the OSX.RSPlug.A Trojan horse malware is infecting users on certain porn sites who agree to upgrade their video codec. Oh, and it's not a simple button press, either. Users need to agree, download the file, mount the .dmg and install it on their dic- disk. When the malware is set up properly, a computer's DNS settings will change, redirecting browsers to phishing sites and ads for porn.

Cry me a river. This isn't some dangerous Trojan horse, it's pornographic Darwinism. [cnet]

<![CDATA[PSPBrick In The Wall]]>
You know a virus or piece of malware is bad when Symantec starts giving a shit. Well, they've dubbed the first piece of trojan software for the PlayStation Portable "PSPBrick." The key thing about PSPBrick, though, is that it can only work if you've got your PSP patched to run homebrew software. Otherwise, no worries. So if you break your warranty, you're at risk. Fair trade, right? PSPBrick will turn your PSP into a useless piece of machinery—slather some mortar on the back and lay it into your garden wall. The only defense against PSPBrick is some homebrew code written by Dark Killer called PSafeP that will combat malware on the PSP. If it's too late, though, and you've got a PSP that's a brick, well, too bad. There is currently no fix to get your important firmware files back, and the cheapest alternative is to buy a $99 replacement board you can install yourself. Good luck, and don't say I didn't warn you!

PSP fake patcher trojan gets a name [Afterdawn]
