Items tagged with trojan

Apple can't be too happy about having that Flashback malware news hit over half a million Mac users, and on a percentage basis, that's pretty extreme. But now, hopefully, the past can be the past. A new update in OS X Software Update patches Java, enabling the program (on Lion machines) to stop automatically executing Java applets. Users can still override the new default, and of course, this security patch "removes the most common variants of the Flashback malware." If you've been dealing with the issue, or are just being careful not to get it, this update looks like one you shouldn't avoid.... Read more...
While many have dogmatically adhered to the idea that Macs are impervious to malware, some experts have been warning that it was only a matter of time before the Apple systems were hit with significant bugs. Findings like the one from Doctor Web late yesterday confirm that indeed, the malware threat looms large for Mac users. According to Doctor Web, a Russian antivirus vendor, 600,000 Macs were part of the BackDoor.Flashback.39 botnet. (Originally, the company reported the number at 550,000, but a Twitter post later upped it to over 600,000.) The Flashback Trojan isn’t especially new; variants have been around since at least September 2011, but like all good malware, it’s been evolving.... Read more...
A well-known German hacker group has accused the German government of releasing a Trojan horse program into the wild. According to the Chaos Computer Club, the program is the stuff of political fiction: it was designed to allow the government to spy on its citizens. The CCC released its findings on its website, in the form of a 20-page PDF file (in German), along with an accompanying post in English. In part, the CCC said the following, "The malware can not only siphon away intimate data but also offers a remote control or backdoor functionality for uploading and executing arbitrary other programs. Significant design and implementation flaws make all of the functionality available to anyone... Read more...
The Mac Security Blog from Intego, a Mac security software developer, has posted a security memo warning users of a new Trojan, dubbed Flashback, that is infecting OS X-based systems. The Flashback Trojan masquerades as an Adobe Flash Player installer, and if an unsuspecting user downloads the file package and ultimately installs the Trojan, it will deactivate some security software, delete the installation package itself, install auto-launch code, and place a library in the /Library/Preferences/ folder that’s used to inject code into applications launched by the user. The Trojan then connects to a remote server and sends information about the infected Mac, including the machine’s... Read more...
A newly discovered Android Trojan can record not just the times and numbers for incoming and outgoing calls like its predecessors did, but the actual calls themselves. The malware, which was uncovered by a CA Technologies researcher, records calls in AMR format, and then stores the recorded call in a directory listed as shangzhou/callrecord on the SD Card. The malware also drops a configuration file that contains key information about a remote server and the parameters necessary to communicate with it. It's possible, therefore, that the malware can upload the recorded calls to a server maintained by the attacker. The Trojan was tested in "a controlled environment with two mobile emulators running... Read more...
While much attention is focused on Facebook scams and trojans involving Osama bin Laden's death, Facebook users should be aware of another new way scammers are spreading links to rogue sites. They have begun to circulate convincing links claiming to be stories from Wired News about the iPhone 5. This scam takes advantage of Facebook’s new social plugin for websites that allows for comments, M86 Security Labs reports. If a Facebook user clicks on the link, the user is instead sent to a random .info site. M86 says it has documented over 10 of these sites for this particular scam. Once there, the user is asked to answer a CAPTCHA-like verification form, such as "what is 3 + 2?",... Read more...
Security firms have issued fresh warnings against malicious trojans in the wake of Osama bin Laden's death and the wedding of England's Prince William. Malware authors have already seized on both events as bait for their own malware hooks and are using the promise of unseen photos/video to snare the unwary. This type of attack and the speed with which it's organized have become commonplace in recent years—when the former Prime Minister of Pakistan, Benazir Bhutto, was assassinated, trojans baited with information regarding her appeared within 24 hours. Since then, hurricanes, elections, and holidays have all been variously tapped as attack vectors. According to Fabio Assolini, a lab expert... Read more...
Samsung is taking it on the chin after revelations that a keylogger was found by a Network World writer, on not one but two Samsung computers. Because of the placement of the files in the same location, the writer, security consultant Mohammed Hassan, says in fact that this may be something intentional that Samsung is doing. According to Hassan, he spoke to a Samsung supervisor. That supervisor: [...] confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, "monitor the performance of the machine and to find out how it is being used." This whole incident makes little sense, however. For one, the keylogger, StarLogger, is pretty old (2004). It is therefore readily... Read more...
One of the most active spam bots, Asprox, has a new gimmick for a Trojan it's been e-mailing around for the past six months: Facebook. Its botmasters are trying to cash in on last week's blocked accounts and unfriending frenzy. Wednesday, November 17, was National Facebook Unfriend day, the brainchild of late night talk show comedian Jimmy Kimmel. However, the day before, Facebook confirmed that it was automatically disabling accounts it found to be suspiciously "fake." In the process it said a "bug" made it also disable a bunch of real users' accounts. Lots of information and disinformation began to promptly circulate about the accounts being blocked because Facebook required users to scan and... Read more...
Malware has been implicated as a contributing factor in a Spanair plane crash that killed 154 people two years ago Friday. The crash of Spanair flight JK 5022 occurred just after takeoff, two years ago, on August 20, 2008. The crash was Spain's deadliest in 25 years. Only 18 of the 172 passengers and crew survived. The plane, a McDonnell Douglas MD-82 aircraft, was taking off from Madrid's Barajas Airport on a scheduled flight to Las Palmas. While not directly involved in the crash, the malware affected the mainframe that monitors technical problems on the plane, according to the Spanish-language paper El Pais. An alarm is supposed to sound if three similar technical problems are registered on... Read more...
Microsoft's new Security Essentials anti-malware product has just gone live. The site has been updated in the past hour or so, since we last checked it, and users can now download Microsoft Security Essentials for 32-bit Windows XP, and 32- and 64-bit Windows Vista/7. That's correct, in case you're wondering. There is no support for 64-bit Windows XP, at least for now. Microsoft's reasoning behind the free security software is, according to the company, to be sure that users in emerging markets are protected, as many of those users can't afford to buy antivirus software. As you probably know (and as Apple loves to trumpet), malware writers focus their efforts on Windows (understandably, considering... Read more...
Razer, one of the leading manufacturers of gaming mice, was giving out malware with their drivers, according to a post on security firm Trend Micro's website. According to Trend Micro, a large number of the device drivers which were earlier downloadable at the Razer support site were infected with a Trojan. The infected drivers ran the proper installer, but then dropped a copy of WORM.ASPXOR.AB in the System directory. According to Trend Micro, the malware had very low detectability, with only 7 out of 41 vendors offering "generic detection." In a way, it's hard to believe detectability was so low. ThreatExpert received a submission on the trojan on August 20th, 2009, over a month ago. Trend... Read more...
For years, many people have believed that Macs are immune to malware, viruses, and worms that have wrought havoc on PCs. In reality, however, OS X is potentially just as vulnerable to harmful programs. The difference lies in the fact that hackers generally go after what will give them the biggest bang for their buck. Traditionally, that has meant targeting PCs because they run on a more prevalent OS. Given OS X’s small market share in comparison to Windows systems, Macs are less likely than PCs to be attacked. Since Macs are quickly gaining market share and status, however, they’re finding themselves under more frequent attacks. Apple has even alluded to this, having previously recommended that... Read more...
If you're running Mac OS X 10.4 or 10.5, there's a nasty Trojan horse out in the wild that antivirus firm SecureMac has spotted being distributed from a hacker website. Taking advantage of a vulnerability of the Apple Remote Desktop agent, the Trojan does every sort of bad thing to your computer. According to SecureMac, the Trojan runs hidden on a Mac and allows a malicious user complete remote access. The Trojan can transmit system and user passwords, and avoid detection by opening ports in the firewall and turning off system logging. The AppleScript version, SecureMac reported, can also log keystrokes, take pictures with the built-in Apple iSight camera, take screenshots, and turn on file sharing. The... Read more...