Viruses & Malware

Anti-Virus Vendor Accused of Installing Viruses Onto Mobile Phones

posted on March 24, 2011
by hitbsecnews

A Chinese anti-virus software company has been accused of deliberately installing viruses onto people's mobile phones in order to charge them to remove it. A report by the Chinese State-TV service claimed that NetQin - which has recently filed for a stock market listing in the USA - would covertly install a malware app into a handset whenever its own anti-virus program was installed.

Malware may have exposed credit cards used for state park pass purchases in Maine

posted on March 24, 2011
by hitbsecnews

A security breach may have exposed credit card information from people who bought Maine state park passes through an online vendor used by the state Conservation Department, and the potential breach could be much larger and involve consumers in other states, Maine officials said Thursday.

The company that handled the online park pass purchases warned that a malware attack potentially exposed credit cards used in transactions last year from March 21 to Dec. 22, said conservation spokeswoman Jeanne Curran. State officials learned of the problem last month.

Panda reports malware loads up 26 per cent

posted on March 17, 2011
by hitbsecnews

New malware samples are appearing at an average of 73,000 per day, according to researchers.

Security firm Panda Labs said in a recent report that while growth has slowed in recent months, the load of new malware being detected is up 26 per cent from the same period last year, when daily new malware samples averaged around 58,000.

"The stealthiest file infector ever"

posted on March 16, 2011
by hitbsecnews

It seems that hackers are getting better at developing obfuscated and stealth mode malware code, as a security researcher with Symantec claims to have discovered the stealthiest file infector yet seen.

The trojan Backdoor.Prioxer, says Andrea Lelli, was received from a source that was also infected by the Koredos trojan, suggesting that there may be a link between the two pieces of malware.

Jose Nazario analyzes the Skunkx DDoS Bot

posted on March 16, 2011
by hitbsecnews

Lest you think all of the DDoS bots we focus on come only from China, we found one that appears to be from the US. We’re calling this bot “Skunkx”. We have not yet seen the bot’s attacks in the wild, however, and so we do not know its favored victim profiles. We also do not know how big this botnet is at this time.

The bot’s capabilities include:

Japan earthquake unleashes web scams, malware

posted on March 14, 2011
by hitbsecnews

The 8.9-magnitude earthquake and deadly tsunami in Japan also has triggered a tidal wave of cybercrime, say experts.

Almost immediately after the news broke, internet fraudsters got to work by customising their malicious websites so they would rank near the top of search results, a process known as black hat search engine optimisation. The sites had information about the quake but had actually been booby-trapped with malware, such as rogue anti-virus programs.

Android malware begs behavioural change

posted on March 6, 2011
by hitbsecnews

Early last week Google removed a bunch of malicious apps, most disguised as legitimate, from the Android Market after they were found to contain malware. The malware, dubbed DroidDream, uses two exploits to steal information such as phone ID and model, and to plant a backdoor on the phone that could be used to drop further malware on the device and take it over.

Google kind of, sort of, addresses Android Malware

posted on March 6, 2011
by hitbsecnews

I prefer Google’s Android over Apple’s iOS for smartphones. I’ll take my Droid 2 over an iPhone 4, even though my carrier, Verizon, now supports the iPhone. But, if Google can’t do better with its malware mess, I may be forced to change my mind.

First, the good news. On Saturday, Google’s Rich Cannings, the Android Security Lead, announced that:

1. We removed the malicious applications from Android Market, suspended the associated developer accounts, and contacted law enforcement about the attack.