Viruses & Malware

As predicted, hackers tried to trick users into downloading the Storm bot Trojan Friday by unleashing a flood of Fourth of July spam bearing links to malicious sites, several security companies reported.

The spam campaign, anticipated earlier in the week by MX Logic Inc., used messages with subject headings ranging from "Amazing firework 2008" and "Celebrating Fourth of July" to "Light up the sky" and "Spectacular fireworks show," said U.K.-based Sophos Plc. in an alert posted to the Web Friday.

Long ago and far away, in my young years, when I was working as pathologist, dealing with corps, viruses were rather frequent nidus. I left my medical practice, but viruses continue chasing me. Now, dealing with security threats I have to beware of the same old virus hazard. This makes me believe in reincarnation and spiral evolution, karma and fate. But if back in dissecting room the respiratory mask and gloves were the only possible protection, nowadays there are much more prevention means .

It’s been more than 10 days since the latest AppleScript.THT Trojan horse for Mac OS X reared its ugly head, yet still no word or fix from Apple. The new threat to versions 10.4 and 10.5 is classified as critical by the SecureMac security site, exploits a hole in the Apple Remote Desktop Agent to completely overtake an infected Mac and delete files and wreak other kinds of havoc. This threat, discovered on June 19, was made public on the SecureMac site a week ago today.

Security researchers today warned of a massive new spam campaign that tries to convince users to install the long-running Storm bot Trojan on their PCs.

The new spam blitz is difficult to characterize, said researchers from MX Logic Inc. and F-Secure, because of the nearly 40 different subject heads used by the spammers. "We've seen subjects talking about everything from 'White House hit by lightning, catches fire' to 'Italy knocked out of Euro 2008' and 'Nokia unveils revolutionary new phone design'," said an F-Secure researcher in a post to his company's blog today.

Supected botnet operators are using false reports that a fictitious earthquake near Beijing could disrupt the Olympic games to spread malware.

Tier-3, the behavioural analysis IT security specialist, says reports recruitment sites are being used by hackers to infect users with malware reflect the increasingly devious approach hackers are taking.

“MessageLabs have discovered hackers are exploiting the credit crunch, and the fact many senior people’s careers are stagnating. They are luring people with the promise of jobs but all users end up with is an infected PC or worse,” said Geoff Sweeney, Tier-3’s chief technical officer.

Nita Saxena is both agitated and perplexed. She is continually bombarded with numerous replies from friends and acquaintances, accepting her invitation to join the social networking sites she is active on. If she has invited them, why should she get angry? Simple. She has never sent out a single invitation.

On digging further, she found out that such invites were being sent not only to her colleagues and friends, but to her top bosses too – essentially, everyone who features in her address book.

Scientists may have found a new way to combat the most dangerous form of computer virus.

The method automatically detects within minutes when an Internet worm has infected a computer network.

Network administrators can then isolate infected machines and hold them in quarantine for repairs.

Ness Shroff, Ohio Eminent Scholar in Networking and Communications at Ohio State University, and his colleagues describe their strategy in the current issue of IEEE Transactions on Dependable and Secure Computing.

The emergence of a variant on a virus that encrypts the victim's data with a strong 1,024-bit algorithm so the victim can't unscramble it without paying a ransom has begun to spread, potentially posing a major threat, according to the antimalware firm which discovered it.

Kaspersky Lab says the new variant of the Windows-based encryptor virus Gpcode, which hasn't been spotted for about 1 ½ years, is more of a threat than it was in the past because this time it is using strong encryption that so far has defied efforts to crack it.

The amount of web-based malware on legitimate sites has increased by over 400 percent since last year, according to security vendor ScanSafe.

In a security report entitled A comparative look at the state of web security, May 2007-May 2008, released on Thursday, ScanSafe found 68 percent of all internet-based malware was now being hosted on legitimate sites.