Viruses & Malware

The news of Brittany Murphy' death is exploited by cyber criminals to spread fake antivirus software popularly called 'scareware.'

On December 20, 2009, the American actress suffered a heart attack at 0800 Pacific Time (1600GMT). Within few hours of death, F-Secure researchers in Finland said that cyber criminals were 'poisoning' search engines results to target people looking for information about the actress death. The search results produced pages that specially contained scareware.

It appears as though a prankster has come up with a clever little trick to get you to post a random image to your profile. It’s a simple loop which gets users to post a link an image, in turn getting your friends to click on the link and do the exact same thing. While the “virus” is not malicious and doesn’t require you to install any software on your computer, it does spam your friends which can be pretty annoying.

Smartphones could be set to spark a whole new set of worries for corporate security managers. This year, there have been reports of several viruses targeting Apple's iPhone and a new family of worms using SMS text messaging to spread malware among 3rd generation Symbian devices like the latest Nokia handsets.

Waikato District Health Board has been crippled by a computer worm which has seen every PC in the organisation shut down.

While the main hospital in Hamilton and smaller outlying hospitals were continuing to function, spokeswoman Mary-Ann Gill said it was important people only came for treatment if it was absolutely necessary.

Emergency care was still available but those arriving for routine appointments were being affected, as were GPs who often made referrals to hospitals via email. "We are asking GPs to only make urgent referrals," she said.

Koobface - the long-running worm which first appeared 12 months ago - is being customised by hackers to crack security systems on website hosting services, and so allow it to auto-create its own web pages.

According to Andrew Brandt, a security researcher with Webroot, the auto-captcha utility has been greatly enhanced, allowing the Koobface worm to check whether an infected user has a Google or Blogspot account.

Two separate groups of cyber criminals appear to be working in collaboration to help distribute their malicious software, botnet researcher Jose Nazario told ZDNet.

Nazario, in an interview with the tech news site, said that "we are seeing Zeus and Avalanche working together to promote growth. We appear to be seeing one of the groups, Avalanche, promoting Zeus malware." Zeus is an advanced Trojan that is designed to steal sensitive data from infected computers and remain undetected by anti-virus software.

Facebook users are being targeted by a nasty new version of the Koobface worm -- dubbed Koobface.GK -- that compels its victims to manually participate in creating a new Facebook account to help spread the worm.

The attackers are posting malicious links on Facebook wall pages enticing folks to click on a cutesy Christmas video. Attempts to play the video turns over control of the PC to the attacker, says PandaLabs researcher Sean-Paul Correll. The victim next sees a Windows warning message requiring them to solve a CAPTCHA puzzle within three minutes.

A massive spam campaign that poses as a message from the Centers for Disease Control (CDC) asking people to register for H1N1 vaccinations remains a big problem today, a security researcher said.

The messages lead unwary users to a convincing-looking CDC site where they're asked to create a profile in order to receive a vaccination for the swine flu, which has made headlines for both its aggressive spread and a lack of vaccine. The site urges users to download a vaccination profile archive, and includes a link to that download.

The notorious information-stealing Zeus trojan is currently spreading via drive-by download, said security researchers at IT management software and solutions vendor CA.

Those behind Zeus, or Zbot, recently began circulating spam claiming to come from the Internal Revenue Service (IRS), requesting users submit a “tax refund request form” by clicking on a link that is provided.

I was fed up with the general consensus that Linux is oh-so-secure and has no malware. After a week of work, I finished a package of malware for Unix/Linux.