Viruses & Malware

Is Apple ready to play cat and mouse with malware developers?

posted on June 2, 2011
by l33tdawg

The Security Update 2011-003 that Apple released on Tuesday directly addressed the Mac Defender malware threat in two ways: it changed the way malware files are detected by enabling automatic daily updates, and included code to remove at least two of its variants. Despite this, malware developers had a version available that skirts past Apple's protections within about eight hours.

Mac Seemingly as Susceptible to Malware as Windows

posted on May 23, 2011
by hitbsecnews

When asked about computer security and virus protection, most people are under the assumption that a Windows computer is expected to be in constant battle against malware and viruses of all kinds, while the Mac is generally safe, allowing users to do or download whatever they wish without any repercussions. Well, this assumption is not only being challenged at this point, but is actively being proven false thanks to the “Mac Defender.”

BlackHole Exploit Kit Available for Free

posted on May 23, 2011
by hitbsecnews

After the public release of the ZeuS source code a couple of weeks ago, another expensive piece of crimeware, the BlackHole exploit kit, is now available for free. The package was uploaded to free file sharing sites and the download link was posted on a website called The Hacker News.

Say goodbye to era of Mac malware immunity

posted on May 17, 2011
by hitbsecnews

You know you've finally arrived as a software platform when hackers start gunning for you. Such is the predicament that Apple's success has brought: Sophisticated malware has started to appear that's directed specifically at Apple machines.

For years, security experts predicted that as Apple gained market share, cybercriminals would turn their attention from Windows machines toward Mac attacks. Now it appears to really be happening. Apple's Mac OS X operating system now enjoys a market share of more than 15 percent in the U.S., according to Swedish Web-monitoring service Pingdom.

TomTom shipped viruses on its navigation devices

posted on May 16, 2011
by hitbsecnews

Satellite navigation company TomTom has admitted that it shipped two viruses on a number of its devices. According to the company, a "small number" of TomTom GO 910 satellite navigation devices were shipped last year with malicious software preinstalled.

"It has come to our attention that a small, isolated number of TomTom GO 910s, produced between September and November 2006, may be infected with a virus. Appropriate actions have been taken to make sure this is prevented from happening again in the future," said TomTom in a statement.

Android Malware up Over 400% in the Past Year

posted on May 15, 2011
by hitbsecnews

Juniper Networks says Android malware is up over 400% in the past 18 months. They found that the Android application store was the biggest distribution point for malware on mobiles.

A single Android malware application, DroidDream, infected over 50,000 users and is still in the process of being removed. With over 100 million Android devices already online and an estimated 400,000 more added every month, it is no wonder hackers and phishing scams are proliferating. This is an untapped market for would-be identity thieves.

7500 computers in Vietnam infected with ‘express service’ viruses

posted on May 12, 2011
by hitbsecnews

According to BKAV, the emails sent to Vietnamese email users under false names had similar content: “The parcel sent to your home address. And it will arrive within 3 business days. More information and the tracking number are attached in the document below”.

BKAV’s experts say that after decompressing the attached file, users will see files with the suffix “.doc” or “.pdf”. In fact, these are malicious code hidden under the icons of “.doc” or “.pdf” files, and it is difficult to recognize them as malicious.

'Storm worm' exploits YouTube

posted on May 8, 2011
by hitbsecnews

Spammers are exploiting YouTube's "invite your friends" function to send spam containing a variant of the "Storm worm." Bradley Anstis, director of product management at security firm Marshal, said that spammers are taking advantage of the YouTube function that lets people invite friends to view videos that they have viewed or posted. The function allows someone to e-mail any address from an account.

Java-based malware tries Mac-smacking cross-platform attack

posted on May 8, 2011
by hitbsecnews

Malware-writers have developed a Java-based, equal-opportunity botnet Trojan in an apparent bid to infect more machines outside the Windows ecosystem.

IncognitoRAT uses source code and libraries that allow it to attack both Windows and Mac machines, at least in theory. Only the Windows version of the malicious downloader has been spotted actually spreading, McAfee reports.

Hackers use Google Image Search for malware

posted on May 8, 2011
by hitbsecnews

Search giant Google's Image Search is now being used to distribute malware, with attackers using code injection to accomplish the job. Internet Storm Center researcher Bojan Zdrnja said that most of the attacks lead to sites offering fake antivirus programs.