Viruses & Malware

Security experts at Finjan's Malicious Code Research Center (MCRC) have issued a warning against a crimeware attack that is reportedly said to turn highly confidential websites into malicious traps for naive visitors.

The Web gateway security vendor Finjan claims that at least 10,000 websites in the U.S. were corrupted due to this malware in December alone.

Finjan's MCRC has cautioned that Random.JS is an unusually tricky Trojan that infects the targeted machine and relays data from the machine back to the hackers intercepting it through the Internet.

Although the infamous Storm worm enters 2008 with a reputation as the world's most dangerous botnet, security experts say there's an up-and-comer called Nugache that could give it a run for its money.

Although the infamous Storm worm enters 2008 with a reputation as the world's most dangerous botnet, security experts say there's an up-and-comer called Nugache that could give it a run for its money.

Experts at are warning workers returning from the New Year holidays to be wary of Internet attacks taking advantage of the celebrations. New versions of the Storm worm (also known as Dorf worm) have in recent days posed as Happy New Year e-cards.

The latest malicious e-mail campaigns contain links to Web sites containing malware, and have used a wide variety of subject lines including:

A brand New Year 2008

Blasting New Year 2008

Dance to the New 2008 Year tune

Happy New Year 2008 to the one I love

New Year 2008 Wishes

Google's Orkut social networking site appeared to have been hit by a relatively harmless worm, but one that demonstrated the continuing vulnerability of Web applications.

Some Orkut users received an e-mail telling them they had been sent a new scrapbook entry -- a type of Orkut message -- on their profile from another Orkut user.

They only had to view their profile to become infected by the worm, which added them to an Orkut group, "Infectados pelo Vi­rus do Orkut," wrote the blogger Kee Hinckley on his site TechnoSocial.

Security researchers are warning that the iPhone may generate a new hacker crime wave, becoming "a primary target for hackers in 2008."

Arbor Networks believes the iPhone will become a major target, subject to a "serious attack" in 2008.

The researchers predict drive by attacks in which malware is embedded into seemingly innocuous data or images designed to attack iPhone via its web browser.

The idea that Macs and the Mac OS would somehow remain invisible to hackers despite enjoying huge influx of new users was just too good to be true. To be honest, the only people who really believed that hackers wouldn’t start targeting the Mac platform were Mac users looking for some false hope to cling to. According to security experts at F-Secure, Fortress Mac is under attack.

Finnish security vendor F-Secure has collected twice as many malicious software samples this year than it has over the last 20 years, a trend that highlights the growing danger of malicious software on the Internet.

Through the end of 2006 and 20 years prior, F-Secure counted a total of 250,000 samples, said Mikko Hypponen, F-Secure's chief research officer. This year alone, 250,000 samples have been counted, he said.

Carnegie Mellon University's Computer Emergency Response Team (CERT) has issued an alert over spam emails claiming to come from the US Department of Justice (DOJ).

This is not the first attack of its kind – a very similar set of spam was sent out in June. Once again the email warned that a complaint has been made against the recipient.

"These messages contain a malicious attachment that supposedly contains information regarding complaints filed against the recipient's company with the DOJ," said the latest CERT bulletin.

Ang Lee's latest film "Lust, Caution," has prompted a serious online virus threat in China that officials say come embedded with hundreds of downloadable versions of the film. Set in Shanghai during the World War II-era, the film tells the story of a Chinese woman who is recruited to seduce and kill a married enemy collaborator.

According to local news media, hackers are planting viruses on Websites that provide online video or download services of "Lust, Caution," and could infect personal computers if users attempt to download the movie or even click the link.