You can say one thing for the underground malware distribution market, there’s certainly never a lack of drama. Weeks after the banning of Aquabox, the keeper of the Citadel banking Trojan, from an underground forum, another player has popped up to fill the market gap, this time with a new version of the Carberp Trojan.
Apple has made updates to its malware definitions to address yesterday’s news of a new OS X Trojan, SMSSend.3666, that was disguising itself as legitimate software and confounding Russian users.
Users of the popular Joomla content management system are being urged by security experts to upgrade to the latest version after reports of exploits being used to compromise websites built on the platform.
Facebook’s security team is being lauded by the FBI for its role the arrest of 10 individuals accused of spreading banking malware on the social networking site and collecting more than $850 million from fraudulent transactions.
In yet another blow to the tenuous false sense of security among Apple users, the Russian antivirus firm Dr. Web has uncovered what it claims is a first-of-its-kind fake installer Trojan targeting Mac machines and extorting their users with SMS fraud.
Attackers, purportedly hailing from Korea, have been targeting individuals in Russia’s aerospace, IT, education and telecommunication industries with hopes of extracting their passwords and credentials.
In the process of analyzing a seemingly new and fairly small botnet called Skynet, Rapid7 security researchers determined that this was precisely the same network described by its creator in a particularly bold ‘Ask Me Anything’ (AMA) on the social news site Reddit earlier this year.
There’s a little Michael Myers in the Kelihos botnet; maim it, kill it and it keeps on coming back to wreak more havoc. The 2011 takedown of the Kelihos botnet was one of Microsoft’s high-profile success stories against spambots and the like, yet Kelihos was back for more at the start of 2012 using dynamic fast-flux techniques to avoid detection and further shutdowns.
An August attack on the Saudi Arabian national oil company, Aramco, was reportedly launched in order to hinder oil production at the world’s most valuable company, according to a report published in the New York Times yesterday.
Infections from a nasty bit of malware, generally delivered by the Black Hole Exploit Kit, surged in November, hitting more than 83,000 machines.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
