Viruses & Malware

Market share! It’s an easy answer, but not the only one.

In an attempt to take advantage of the popularity of free photo-sharing app Instagram among smartphone users, malware writers have created fake Instagram websites to distribute Android Trojan horses, according to security researchers from antivirus firms Sophos and Trend Micro. 

Kasperksy today discovered a new spam campaign on Twitter pushing fake antivirus software. Since it is still ongoing, the numbers for it are likely much higher than what the security firm first reported: 540 compromised Twitter accounts sent out 4148 tweets, linking to a total of 44 unique domains (most of them hosted on .tk and .tw1.su).

A quick search on Twitter shows that the scam is still rampant. Here are a handful of tweets I saw while writing this article, to give you an idea of what the spam looks like:

We often assume that malware writers are the sort of evil geniuses who work tirelessly to exploit unheard-of or secretly hidden backdoors in order to make a quick dollar or use your computer's resources for their own means. But recently, it feels like they haven't even been trying that hard.

Despite Apple's release of numerous Java patches and an uninstaller tool, some 140,000 Macs worldwide are still affected by the Flashback trojan that was at one point present on 600,000 machines.

Although malware-affected Macs are on the decline, the numbers are at a point much higher than forecasted by software maker Symantec, according to a Tuesday post on the company's blog.

Hard on the heels of the Flashback Trojan, Kaspersky Labs is warning of a new OSX threat, which it’s dubbed Backdoor.OSX.SabPub.a.

In a post to Securelist, Kaspersky’s Costin Raiu says the Trojan connects to a command and control server hosted on a Californian-based VPS associated with the Onedumb.com free DNS.

Online payroll providers are being told to tighten up their login procedures, following the discovery of a new malware threat by Trusteer.

The security vendor has uncovered a Zeus that targets cloud-based payroll providers, and fears it could be used by cybercriminals to steal large sums of money from companies that use online services.

The number of Apple Macs infected with the Flashback malware seems to be shrinking as Internet security software vendors roll out tools to detect and remove the exploit and run “sinkhole” operations to reduce its effectiveness. 

According to security vendor Symantec, the number of infected systems worldwide has shrunk to 270,000, less than half of the more than 600,000 discovered by two other security firms earlier this month.

Apple has issued a second security update aimed at Flashback, the Mac malware that has reportedly infected 600,000 computers since last year.

Two independent sources have now confirmed that at least 600,000 Macs worldwide have been infected with the malware downloader called Flashback. That number is not just an estimate. It’s a count of unique hardware IDs reporting in to a command-and-control server.