
Viruses & Malware

E-mail viruses target foreign media in China

posted on September 22, 2009
by hitbsecnews

One impersonated a visiting news editor asking for interviews, another contained a petition and the third came with a questionnaire.

These e-mail messages sent to China-based foreign media over the past three days had one thing in common: they appeared to contain attachments with viruses. While cyber attacks are nothing new in China, the latest round appears to be more sophisticated and targeted at foreign media in the run-up to the People’s Republic’s 60th National Day on Oct 1.

The Limbo Trojan: Is There an App For That?

posted on September 20, 2009
by hitbsecnews

According to CNET, cyber criminals are now transitioning their malware and viruses to open source code, making the fraudulent programs more accessible to hackers. The cyber criminals’ new business model, so to speak, would allow hackers and virus developers to sell apps and add-ons to the open source viruses, opening up a new market in the cyber fraud business.

The change to open source code allows fraudsters to benefit from the sale of more advanced versions of the viruses and opens up a whole new market for virus and trojan apps.

Security Expert Warns of ‘P2P-Worm.Agent.ti’

posted on September 16, 2009
by hitbsecnews

Aurelija, an independent security professional, states in a post that a PC virus named 'P2P-Worm.Agent.ti', detected by Kaspersky, is a severe danger to any computer's security, as reported by PC1news on September 7, 2009.

Ads--the new malware delivery format

posted on September 15, 2009
by hitbsecnews

Instead of hacking into major online sites to embed malware, malicious hackers are going in through the front door by exploiting security holes in systems for delivering ads.

It happened just days ago, for instance, to the Web site of The New York Times. The newspaper company informed readers on Sunday about a rogue ad that was popping up on its site. The ad warned visitors to NYTimes.com that their computer may be infected with a virus and redirected them to a site that purports to scan the computer and offers to sell antivirus software.

Serena's on court outburst exploited by malware

posted on September 15, 2009
by hitbsecnews

The on-court outburst of World No. 2 WTA player Serena Williams during the recently concluded US Open Women's semifinal didn't just cost her a big fine, it caused some PC users a lot of grief in the form of malware.

People searching online for website links and video of Williams, who had a heated altercation with a line judge and made verbal threats that led to a game-ending point deduction, were met with fake antivirus pop-up windows reporting that the user's computer is infected and needs to download a program to fix the problem.

Printers at risk of Conficker worm

posted on September 15, 2009
by hitbsecnews

Printers and other Windows-based devices are at as much risk of threats to the network – such as the Conficker worm that attacked Ealing Council's IT systems earlier this year – as any other component in an organisation's IT estate.

Google Groups Used to Send Commands to Malware

posted on September 13, 2009
by hitbsecnews

Symantec has uncovered a scheme to use a Google Groups newsgroup to sneak commands to malware on compromised computers.

The move is another example of attackers looking for covert ways to communicate to their bots. Earlier this year, attackers were found using Twitter as a command and control (C&C) mechanism. By integrating their messages with legitimate communications, attackers make it more difficult to identify and shut down their C&C, according to Symantec.

Linux webserver botnet pushes malware

posted on September 13, 2009
by hitbsecnews

A security researcher has discovered a cluster of infected Linux servers that have been corralled into a special ops botnet of sorts and used to distribute malware to unwitting people browsing the web.

Each of the infected machines examined so far is a dedicated or virtual dedicated server running a legitimate website, Denis Sinegubko, an independent researcher based in Magnitogorsk, Russia, told The Register. But in addition to running an Apache webserver to dish up benign content, they've also been hacked to run a second webserver known as nginx, which serves malware.

Malware writers piggyback on 9/11 anniversary

posted on September 13, 2009
by hitbsecnews

Malware writers have hooked onto the anniversary of the 11 September tragedy to spread malware via false virus messages.

Malware writers are either registering new web pages and filling them with terms relating to the event, or breaking into existing web sites and adding terms to rise higher on search engine rankings.