
Viruses & Malware

Ohio coder accused of infecting Macs, PCs with webcam, browser spyware for 13 years

posted on January 11, 2018
by l33tdawg

A computer programmer has been accused of hacking, committing identity theft, and creating child pornography after allegedly developing custom malware to take control of thousands of computers.

Phillip Durachinsky, 28, of North Royalton, Ohio, USA, was indicted on Wednesday on 16 separate charges relating to the alleged creation of malware dubbed Fruitfly, which could commandeer infected macOS and Windows PC systems. Prosecutors claim Durachinsky used the code to spy on thousands of people in a campaign that started in 2003, when he was just a teenager.

Ransomware: A Brief Primer

posted on December 20, 2017
by l33tdawg

By: Adam Edmond

What Is It?

Ransomware is malicious software that holds, encrypts or deletes your data to extract a ransom from you. Briefly, hackers racketeer their victims by encrypting or removing all the critical files if their demands aren't met.

Usually, there are four main ransomware attack strategies:

Currency-mining Android malware is so aggressive it can physically harm phones

posted on December 20, 2017
by l33tdawg

A newly discovered piece of Android malware carries out a litany of malicious activities, including showing an almost unending series of ads, participating in distributed denial-of-service attacks, sending text messages to any number, and silently subscribing to paid services. Its biggest offense: a surreptitious cryptocurrency miner that's so aggressive it can physically damage an infected phone.

Malware scare forces five-year-old MMO to shut down chat

posted on November 12, 2017
by l33tdawg

Tera, a Korean MMO that debuted in the US in 2012, has shut down its in-game chat system after some players discovered a potentially serious vulnerability. According to the players' report (Google docs), Tera's chat interface uses HTML, which people can exploit to blast players with external images and links, as well as to collect people's IP addresses. More importantly, someone truly unethical could use it to spread malware.

Data-wiping malware targets Europe

posted on March 7, 2017
by l33tdawg

Shamoon—the mysterious disk wiper that popped up out of nowhere in 2012 and took out more than 35,000 computers in a Saudi Arabian-owned gas company before disappearing—is back. Its new, meaner design has been unleashed three times since November. What's more, a new wiper developed in the same style as Shamoon has been discovered targeting a petroleum company in Europe, where wipers used in the Middle East have not previously been seen.

Newly Discovered Android Trojan Hijacks Routers

posted on January 3, 2017
by l33tdawg

The most common way for threat actors to compromise a network router is to attack it directly. The other and potentially more scalable way is to try and get individual users to unwittingly do it for them.

Security researchers at Kaspersky Lab have discovered a dangerous new Trojan dubbed Switcher that is designed to infect and hijack WiFi routers via compromised Android end user devices.

Three hospitals in England cancel operations over computer virus

posted on November 1, 2016
by l33tdawg

Planned operations and outpatient appointments have been cancelled at three hospitals in northeastern England after a computer virus infected a health service network, the National Health Service Trust said.

In a post on its website, the Northern Lincolnshire and Goole NHS Foundation Trust called the attack a "major incident" and said it had cancelled all planned operations, outpatient appointments and diagnostic procedures for Wednesday.

Nymaim malware got a major 'upgrade', says Verint

posted on November 1, 2016
by l33tdawg

The miscreants behind the Nymaim malware dropper have updated their code to include better obfuscation and blacklisting against security software.

Analytics outfit Verint, which discovered the latest version and offers its analysis here, says the new code base targets phishing rather than the drive-by-download approach favoured by the original version of the malware.