Viruses & Malware

Microsoft Patch Tuesday thwarts nosey malware

posted on September 10, 2014
by l33tdawg

Cyberattackers curious about the contents of users' hard drives will now have a tougher time finding that information, thanks to a new patch that Microsoft issued Tuesday in the latest round of "Patch Tuesday" bug fixes.

This iteration of Patch Tuesday fixes, which Microsoft releases on the second Tuesday of each month, was a relatively small one for the company, said Amol Sarwate, director of vulnerability research at IT research firm Qualys. This edition contains four bulletins covering 42 vulnerabilities.

Malicious advertising hits Amazon, YouTube and Yahoo, Cisco says

posted on September 9, 2014
by l33tdawg

Malicious advertisements have popped up on websites such as YouTube, Amazon and Yahoo, part of a sophisticated campaign to spread malware, Cisco said Monday.

When encountered, the malicious advertisements cause a person to be redirected to a different website, which triggers a download based on whether the computer is running Windows or Apple’s OS X, wrote Armin Pelkmann, a threat researcher.

Android "Heart App" virus spreads quickly, author arrested within 17 hours

posted on August 12, 2014
by l33tdawg

SophosLabs has been following an interesting Android malware story over the past week.

The malware goes by the name XX神器 (XXshenqi) in Chinese, or the Heart App, as it calls itself in English.

In theory, the implication seems to be that you can use the app, which you receive as an SMS invitation from one of your friends, to organise a romantic hook-up. In practice, however, you and your friends will just end up with SMS headaches.

10,000 Records Encrypted By Synolocker at Chinese University's Faculty of Medicine

posted on August 12, 2014
by l33tdawg

Synolocker crypto-malware, which affects Synology network-attached storage (NAS) devices in particular, has hit the Faculty of Medicine of Chinese University and taken hostage no fewer than 10,000 patient records.

It appears that the affected data belongs to the Centre for Liver Health and Institute of Digestive Disease at the Prince of Wales Hospital in Sha Tin, and the police confirmed that the crooks used Synolocker for the deed.

New "Fake ID" exploit allows new types of Malware on Android?

posted on July 30, 2014
by l33tdawg

A new Android design error discovered by Bluebox Security allows malicious apps to grab extensive control over a user's device without asking for any special permissions at installation. The problem affects virtually all Android phones sold since 2010.

Bluebox calls the flaw "Fake ID" because it allows malware apps to pass fake credentials to Android, which fails to properly verify the app's cryptographic signature. Instead, Android grants the rogue app all of the access permissions of whatever legitimate app the malware claims to be.

Compromised Japanese porn websites distribute banking trojan

posted on July 17, 2014
by l33tdawg

Attackers have compromised popular Japanese adult websites in order to distribute a trojan that is primarily targeting customers of two major banks in the country; however, the malware could easily be repurposed for use in the U.S., according to researchers with ESET.

The Aibatook trojan is capable of constantly monitoring browsing activity, modifying visited web pages, redirecting to web pages, and constantly monitoring and exfiltrating information entered into web forms, Joan Calvet, a malware researcher with ESET, told SCMagazine.com in a Wednesday email correspondence.

Google: Mobile anti-virus not needed

posted on July 3, 2014
by l33tdawg

The majority of Android smartphone and tablet users do not need to install anti-virus and other security apps to protect them, despite dire warnings from security companies selling such products, Google’s head of Android security says.

Adrian Ludwig, the lead engineer for Android security at Google, said there was "a bit of a misperception" in how the company reviewed apps for its Google Play store in comparison with other stores.

Yahoo, YouTube ads spreading viruses

posted on May 20, 2014
by l33tdawg

The $US43 billion online-advertising industry built by companies such as Yahoo and Google is jeopardising consumer privacy and giving hackers an easy path to infect computers, a US congressional investigation has found.

Now, armed with a better understanding of the opaque mechanics of web ads, Senator Carl Levin and other lawmakers are asking whether stricter rules are needed to protect consumers, setting up a battle with companies that shaped the internet.

Bitcoin blockchain allegedly infected by ancient 'Stoned' virus

posted on May 19, 2014
by l33tdawg

A curious and probably accidental artefact has popped up in the Bitcoin blockchain, with a user reporting that it's identified as containing a virus by Microsoft's Security Essentials.

The reason El Reg is inclined to think it's accidental: in this discussion on a Microsoft discussion board, user edc678 says MSE is identifying the signature of the STONED virus in the blockchain.

Since STONED is a 27-year-old relic from the DOS days – all it did was pop up a boot message telling users “Your PC is now STONED”. It's believed to hail from New Zealand in 1987.