iPhone-toting Windows users should keep an eye out for a trojan targeting their somewhat specific demographic. Spam e-mails advertising iPhone games—often with subject lines of "Virtual iPhone games!," "Take a break!," and "Apple: The most popular game!"—have begun circulating around the web toting a zip file called Penguin.Panic.zip. When opened, the Troj/Agent-HNY trojan is released and will wreak havoc on Windows systems.
For the vast majority of users, at least, the current model of paying for and installing separate online security software products for each device, OS and transaction environment is on the way out. It has to die. Why? Look at the way the kids use Google, and then look to the future.
After targeting Facebook and MySpace, hackers have now come out with a fake YouTube page creator program to infect unsuspecting surfers, according to security experts at PandaLabs. John Stokdyk reports.
The YTFakeCreator kit was uncovered last week and makes it easy for cyber-criminals to create spoof YouTube pages. They then send out spam emails containing a link to promised excitements, but as with the MySpace and Facebook lures, the victim is then confronted with a dialogue box telling them they need to download an update to see the video.
Security experts are warning users to be on the lookout for a new rash of fake antivirus campaigns.
The rogue security applications disguise themselves as legitimate antivirus tools, often offering users false scans or creating pop-up windows which warn users that their systems are infected. Believing that the security program is legitimate, the user pays money for the phony software.
"Losing $50 for a fake program is bad enough, but victims should be worrying, though, about losing much, much more," wrote Trend Micro technical communications team member Macky Cruz
Sophos has discovered a widespread spam campaign that claims that a powerful explosion occurred at a nuclear power station located in the suburbs of London on the afternoon of the 9th September.
In yet another new way to infect people, criminal hackers are using a Twitter page, according to one security researcher.
In a blog, Chris Boyd, director of malware research for Facetime, explained how a Twitter page is being used to lure victims. To lend credibility to his discovery, the Twitter page lists 17 followers, however each appeared to be fraudulent. Boyd said Twitter had been notified.
A recent security advisory from a messaging security company warned that service providers are placing e-mail users at risk by continuing to ignore sophisticated virus propagation techniques. Attackers are moving beyond traditional tactics, such as sending messages with virus executables attached or virus-infected documents, to employing hybrid attacks that combine elements of both spam and viruses. In these attacks, malware authors embed links in informative or advertising e-mails.
Paris Hilton's image is being used by cybercriminals to push fake anti-virus software programs that actually do more harm than good, researchers have warned.
Hilton regularly pops up in online scams, alongside female celebrities such as Angelina Jolie and Madonna, often in emails that promise to take you to nude pictures of the hotel heiress or to news of a scandal involving her.
And fake anti-virus programs such as Antivirus XP 2008 have been circulating on the web recently, which fool surfers into installing rogue software on their PCs by flashing up fake virus warnings.
Viruses intended to steal passwords and send them to a remote server infected laptops in the Iss_laptopsInternational Space Station in July, NASA confirmed Tuesday.
And according to NASA, this wasn't the first infection. "This is not the first time we have had a worm or a virus," NASA spokesman Kelly Humphries said. "It's not a frequent occurrence, but this isn't the first time."
Users tired of phishing attacks who retaliate by talking back are being targeted with exploits designed to hijack their computers, a security researcher said today.
In a new twist, phishers using the Asprox botnet have struck victims who use the scam's log-in screen to give the crooks a piece of their mind. The scammers fire off a multi-exploit attack kit against anyone who uses profanity in place of a username or password, said Joe Stewart, director of malware research at SecureWorks Inc.
