A new Mac OS X Trojan is making the rounds, installing an adware plugin that renders ads on Web pages to generate revenue for its author.
Dubbed Trojan.Yontoo.1, it is the most prominent of an increasing number of adware Trojans making the rounds, according to Russian antivirus company Dr. Web, the same company that discovered the Flashback virus last year.
The biggest vulnerability to Macintosh computers is the belief among their devoted users that Apple's (AAPL) superior operating system makes them immune to malware, experts say.
"Some Mac users have this perception that the Mac is free from hacks and that is completely wrong," said Zheng Bu, senior director of research for Milpitas-based FireEye, which develops anti-malware products. Mac users, said Kevin Haley, Symantec director of product management for security response, "have let their guard down."
Malware researchers at Seculert say they've found two more cases of highly targeted malware coming out of China, and claim to have back-traced it to the same geographical region that was fingered as the source of the Project Aurora attacks.
"It's using a similar MO – infected PDFs sent out as part of a spear-phishing campaign," Aviv Raff, CTO of Seculert, told The Register. "We resolved it and found it was reporting to an IP address in China with the same physical location as the previous attacks. They are up to something."
Today Kaspersky Lab's team of experts published a new research report that analysed a series of security incidents involving the use of the recently discovered PDF exploit in Adobe Reader (CVE-2013-6040) and a new, highly customised malicious program known as MiniDuke. The MiniDuke backdoor was used to attack multiple government entities and institutions worldwide during the past week. Kaspersky Lab's experts, in partnership with CrySys Lab, analysed the attacks in detail and published their findings.
Hackers recently hit dozens of computer systems all across Europe due to a flaw recently discovered in Adobe’s software. NATO headquarters confirmed that they too had been attacked.
These recent government attacks were said to be far more sophisticated than other attempted attacks that happen nearly on a daily basis. Some experts have suggested that this recent attack may have been some form of a state sponsored hack, but no nation being accused was mentioned in the report.
Apple will release a malware removal tool after a number of Mac systems were infected by computer hackers who targeted Facebook last week.
Unknown hackers infected the computers of some Apple workers when they visited a website for software developers that had been infected with malicious software.
The malware had been designed to attack Mac computers, the Telegraph reports. The same software, which infected Macs by exploiting a flaw in a version of Oracle Corp's Java software used as a plug-in on Web browsers, was used to launch the attacks against Facebook.
OpenX’s free, open-source OnRamp service are left scrambling to find alternatives after hackers infected the ad server with malware over the weekend and forced the company to permanently shut it down today.
Users were first notified of the issue in a message posted on the OpenX help forum at 7:46 a.m. ET yesterday.
Financial malware authors are trying to evade new online banking security systems by returning to more traditional phishing-like credential stealing techniques, according to researchers from security firm Trusteer.
Most financial Trojan programs used by cybercriminals today are capable of tampering in real time with online banking sessions initiated by victims on their computers. This includes the ability to execute fraudulent transactions in the background and hide them from the user by modifying the account balance and transaction history display in their browser.
DESPITE A DROP in overall infection rates, nearly one out of every three PCs carries malware, according to Panda Labs.
The security firm said that overall some 32 percent of users it surveyed in 2012 were infected with malware, down from 38 percent in 2011. China was the most infected country with some 54 per cent of systems infected. South Korea was second, followed by Taiwan, Turkey and Honduras.
Microsoft Security Essentials has once again proven that it's not adequate for protecting a user's computer, after failing another antivirus test by scoring well below competitors' products. Dennis Technology Labs evaluated eight major antivirus programs from October to December 2012, awarding each program both a total accuracy rating and a protection rating, and in their testing they found Microsoft Security Essentials to be significantly worse than the other seven products on the test bed.
