Viruses & Malware

Security firm Sophos has recently warned netizens to be cautious of fake antivirus software that pretends itself as a free 30-day trial of McAfee VirusScan Plus.

Graham Cluley, Senior Technology Consultant at Sophos, said that the company's spam traps seized a wave of malicious emails that alleged to offer the virtual McAfee trial. Instead, it delivered malicious cargo naming as Mal/FakeAV-El, as reported by Tom's Guide on July 28, 2010.

Anti-virus technologies may be even more ineffective than feared.

A study by web intelligence firm Cyberveillance found that, on average, vendors detect less than 19 per cent of malware attacks on the first day malware appears in the wild. Even after 30 days, detection rates improved to just 61.7 per cent, on average.

A Trojan posing as a media player for Android smartphones automatically sends text messages to premium rate numbers, according to Kaspersky Lab.

Company officials say the Trojan, dubbed Trojan-SMS.AndroidOS.FakePlayer.a, is the first of its kind for the Android platform, even though SMS Trojans are currently the most widespread type of malware on mobile phones.

HACKERS have begun adapting tried-and-true computer infections to work on internet-enabled smartphones. Global smartphone shipments topped 54 million in the first three months of this year, a 57 per cent jump from a year ago, according to research firm IDC.

The cyber-underground took notice. Download the wrong wallpaper application for your Google Android phone and you could get one that will harvest the phone and voicemail numbers, and data that can disclose your location.

It is no secret that I have little use for endpoint anti-malware protection apps. In my experience they are all, regardless of vendor, virtually worthless. A well written piece of modern endpoint anti-malware will briefly inform you that you have been infected right before it commits seppuku and vanishes, leaving you to deal with the malware and all the little friends it downloaded.

The best way to deal with malware, of course, is not to get infected in the first place. This means learning to manage application vulnerabilities.

Internet Explorer 8's Smartscreen Filter, used to secure users from dodgy websites, has stopped its one billionth malware download, Microsoft has proudly announced.

As with similar filters found on browsers such as Mozilla Firefox, the first thing that Smartscreen does for IE8 users is check each site visited against a whitelist of known good sites, further assessing any new site in case it is suspicious.

Security researchers have found more malware exploiting an unpatched Windows vulnerability via .LNK shortcut files.

According to Sophos blog July 23, two other pieces of malware have been observed targeting the bug. One is a keylogging Trojan the company is calling Chymin-A that is "designed to steal information from infected computers." The other is Dulkis-A, a "worm written in obfuscated Visual Basic" that contains several subcomponents.

As per the security firm 'Computer Associates (CA),' hackers have developed a new version of the Zeus crimeware toolkit. The researchers have named this new crimeware tool kit as the 'Zeus version 3'.

Hackers have built a computer virus that attacks Siemens AG's widely used industrial control systems, creating malicious software that analysts said can be used for espionage and sabotage.

The German company said the malware is a Trojan worm dubbed Stuxnet that spreads via infected USB thumb drives, exploiting a yet-to-be-patched vulnerability in Microsoft Corp's Windows operating system.

The digital certificate that belonging to Realtek Semiconductor that was used to sign a pair of drivers fro the new Stuxnet rootkit has been revoked by VeriSign. The certificate was revoked Friday, several days after news broke about the existence of the new malware and the troubling existence of the signed drivers.