GENEVA — A more comprehensive and serious level of cooperation among industry leaders is needed to help stop the scourge of malicious Web ads and botnets that result from the infected PCs, a top Google executive said Wednesday.
Browsing Category: Malware
Gamers trying to update their mouse or keyboard drivers from accessory maker Razer USA’s Web site recently may have gotten more than they bargained for.
According to the IDG News Service, the company’s computers appear to have been hacked, and its support site used to spread malicious Trojan horse programs. Customers who downloaded Razer software would get the drivers they requested, but they also got an obscure Trojan program.
There are security conferences, and then there is Virus Bulletin. While virtually all of the presentations are from researchers working at antimalware vendors and other security companies, the talks are quite technical and this year’s conference, which starts Wednesday in Geneva, Switzerland, features one most interesting speaker: Eric Davis of Google.
A new botnet, codenamed the ‘Bahama’ botnet has been linked to the recent surge in click-fraud and scareware attacks. This video by researchers at Click Forensics shows the Bahama Botnet in action. More on this botnet in this report.
Security researchers at penetration testing firm Immunity have created a reliable remote exploit capable of spawning a worm through an unpatched security hole in Microsoft’s dominant Windows operating system.
A team of exploit writers led by Kostya Kortchinsky attacked the known SMB v2 vulnerability and created a remote exploit that’s been fitted into Immunity’s Canvas pen-testing platform. The exploit hits all versions of Windows Vista and Windows Server 2008 SP2, according to Immunity’s Dave Aitel.
Over on the Washington Post’s SecurityFix blog, Brian Krebs has been doing a phenomenal job highlighting the online bank robberies — using malware — against small businesses in the United States.
The latest installment, which looks at the role of “money mules” in the cybercrime operation is required reading.
For about 24 hours over the weekend, The New York Times site was serving up fake security software (scareware).
In a message posted to Twitter and a note on its NYTimes.com site, the newspaper blamed a rogue advertisement for the malware blast:
The Web is a dirty, hostile place not fit for use by most decent people, a place where even many seemingly legitimate sites are infested with malware, password-stealing Trojans and all manner of other nasty applications. And it’s getting worse by the minute, according to a new threat report from Websense.
Media sites, including the New York Times, have become the latest targets of attackers who make their living by poisoning online ads and redirecting unsuspecting visitors to malicious Web pages or trying to trick them into downloading malware.
The last couple of years have seen a dramatic rise in the number and quality of malware-as-a-service and hacking-as-a-service providers, with many of them advertising their services on the Web. And while law enforcement officials are well aware of the problem, they’re not having much luck in finding or prosecuting the criminals behind the schemes.