Iran Retracts Reports of New Stuxnet-Like Attacks Against Utilities
Iranian officials are retracting Christmas day reports that malware resembling Stuxnet had been used to attack manufacturing facilities including a power utility in southern Iran.
Malware
Interview with Kaspersky Chief Malware Expert Alex Gostev
The last year has seen a lot of changes in the threat landscape, with the emergence of a number of new cyber espionage tools such as Gauss and Flame, as well as an increase in the volume of malware targeting mobile platforms such as Android. Recently, Alex Gostev, the chief malware expert at Kaspersky Lab, answered questions submitted by users on Facebook, discussing the evolution of antimalware solutions, the threats to mobile devices and how governments around the world are handling the cybercrime explosion.
Ransomware Extortion Scam Locks Machines, Demands Payment
The latest ransomware scam is locking down infected machines and displaying localized webpages warning users that their computer contains “banned material” and won’t be unlocked until a fine is paid, according to a report from McAfee’s Naganathan Jawahar.
Not too long ago, it would have been extremely far-fetched to imagine buying crime services a la carte. But that’s the dynamic that emerged in 2012 to plague cybercrime victims on both the consumer and corporate end of the spectrum. The black-market infrastructure that supports cybercriminals is increasingly backboned by packaged malware, exploit kits, as well as hacks and fraud as a service. Expect that to continue and evolve in 2013, experts say.
A “blast from the past” surfaced recently among those who play Microsoft Excel-based Sudoku puzzles: malware spread by macros.
Spreading malicious code via macros was the rage among the digital underground in the late 1990s, so much so that Microsoft eventually disabled them by default.
UPDATE – A new Apache module, Linux/Chapro.A, is making the rounds, injecting malicious content including a popular Zeus variant into web pages.
The newly emerging Sweet Orange Exploit Kit boasts a 10 to 25 percent infection rate and is promising to drive 150,000 unique visitors per day to the websites of its customers, according to Jeff Doty and Chris Larsen of Blue Coat Security.
A pingback vulnerability exists in the WordPress blogging platform that could leak information and lead to distributed denial of service (DDoS) attacks if the right script is run, according to web application security firm Acunetix.
Computer systems in Iran are being targeted by a new strain of malware that is capable of wiping disk partitions clean of files. Security researchers are calling the attacks simplistic, yet effective.Researchers at Kaspersky Lab said the malware launches only on pre-determined dates and will delete all files on drives D through I. It also deletes user profiles and will wipe all files on the computer’s desktop.
Finding keen new ways to avoid detection by security systems, malware scanners in particular, seems to be a primary objective for malware writers.Researchers at FireEye have found one of the most ingenious, a Trojan called Upclicker that eludes automated sandbox detection by hooking into a mouse click.
