A Trojan virus targeting Android-run mobile phones is on the loose and is secretly sending $6 text messages without the knowledge of the infected device's user.
Security developer Kaspersky Lab said the Trojan-SMS masquerades as a media player to trick mobile phone users into downloading the malware. Unsuspecting victims learn of the infection upon receiving their phone bills reflecting the high SMS charges.
The Stuxnet worm is a "groundbreaking" piece of malware so devious in its use of unpatched vulnerabilities, so sophisticated in its multi-pronged approach, that the security researchers who tore it apart believe it may be the work of state-backed professionals.
Tucows is the latest victim of hackers, who exploit a recent OpenX vulnerability to push malicious code onto legit websites in the form of advertisements.
Malvertizements are ads riddled with malicious code, which either exploit vulnerabilities in outdated software to install malware or promote rogue applications (scareware).
A hacker who claims he was behind a fast-spreading e-mail worm that crippled corporate networks last week said that the worm was designed, in part, as a propaganda tool.
The hacker, known as Iraq Resistance, responded to inquiries sent to an e-mail address associated with the "Here you have" worm, which during a brief period early Thursday accounted for about 10 percent of the spam on the Internet. He (or she) revealed no details about his identity, but said, "The creation of this is just a tool to reach my voice to people maybe... or maybe other things."
It's one thing to write about hackers, scammers, and malware, as I've done for various venues for the last 15 years. It's quite another to experience the nastiness first hand. This week, it was my turn. Here's my story.
Thursday night around 7 p.m. I Iogged onto my occasionally NSFW humor site, eSarcasm, to post something snarky. What I saw though, was something different and much scarier than usual -- A big fat warning sign from Google Chrome
Technology blog TechCrunch was flagged by malware-detections yesterday after it was infected by a variant of the Zeus Trojan.
It was initially detected by security blogger The Harmony Guy, who asked on Twitter if anyone else was getting malicious PDFs from pages at TechCrunch Europe and later claimed that a JavaScript file he identified had 'some mangled code at the start which loads an iframe from virtuellvorun.org'.
Malicious hackers are using the Google Code repository to host Trojans horses, backdoors and password stealing keyloggers, according to researchers at Zscaler.
The researchers found a malicious project hosted on the free Google Code site with about 50+ malware executables stored in the download section of the project.
Attackers took to Twitter on Monday to spread malware via links pointing to what they claimed was an update to the popular microblogging client TweetDeck.
A number of updates were sent from hacked Twitter accounts urging users to download a file called "tweetdeck-08302010-update.exe."
The tweets began with phrases, such as “Hurry up for tweetdeck update!” or “Download TweetDeck udate ASAP!,” and included a URL beginning with http://alturl.com/.
Anyone who was ever concerned by the concept of hacking conventions such as Black Hat -- which has evolved into a reputable venue for security defenders -- should brace themselves: An event called MalCon is on the horizon, which will provide a fine venue for malware creators to hone their craft, as well as, theoretically, an opportunity for malware fighters to bolster their arsenal to fight malware.
The Rustock mega-botnet appears to have ditched the experimental use of TLS (transport layer security) to obscure its activity, Symantec has reported.
Rustock's use of TLS is now averages between 0.1 and 0.2 percent of all spam, peaking at 0.5 percent, a tiny fraction of the levels seen in March when it reached averages of around 25 percent with a peak of as much as 77 percent. The key moment was on April 20, when the volume of spam featuring the tactic suddenly plunged to sub-one percent levels after an equally sudden rise in rates in the weeks prior to that date.
