Viruses & Malware
A major UK newspaper is cleaning up its website after a criminals tried to deliver ransomware to thousands of its readers.
The attack affected the blogs section of The Independent newspaper's website, Joseph C. Chen, a fraud researcher with Trend Micro, said in a blog post Tuesday.
"We have already informed The Independent about this security incident and are working with them to contain the situation," Chen wrote. "For their part, the news website staff was quick to respond and take action to mitigate the risk this event posed to the website itself and its user base."
There is a constant cat and mouse game between malware, security software companies and computer users, and the chance of one side winning the battle seems slim at best.
Malwarebytes revealed recently on Malwarebytes Unpacked how Vonteera, a malware previously classified as adware, operates.
While it may not be of interest to many how that particular malware operates, the methods that it uses to infect computer systems and remain on them may very well be as they are used by other malware as well.
Three new families of "auto-rooting adware," detailed by security researchers at Lookout, are "a worrying development in the Android ecosystem" because each can root the device and install itself as a system application, making the contamination virtually impossible to remove as the infection is designed to survive even a "factory data reset" device wipe.
Security firm FireEye has discovered a malicious backdoor program called SYNful Knock that could let hackers use Cisco’s routers to deploy attacks on a broad scale.
The implant is the same size as the Cisco router image, and it’s loaded each time the router is restarted. The program supports up to 100 modules that can be tailored to the attacker’s needs.
A new type of malware that can be used to compromise ATMs independently of who their manufacturer is, and can make the machine steal card data but also the cards themselves, has been spotted by FireEye researchers.
The dubbed the malware Suceful, after the authors' faulty spelling of the word "successful". The sample they analyzed came from VirusTotal, and it's likely that the authors submitted it themselves in order to see whether the malware will be flagged down as such by the various AV engines employed by the testing service.