A new form of Android malware controlled via SMS messages has been discovered and the malware can record phone calls, upload the device’s GPS location, and reboot the phone, among other things.Researchers at NQ Mobile Security working with Dr. Xuxian Jiang’s team at nearby North Carolina State University uncovered the malware, named TigerBot.
The Flashback Trojan that has been infecting Mac OSX machines of late appears to have become the most successful piece of Mac-based malware in the short history of such things. Researchers say that there have been upwards of 500,000 Macs infected by the malware, and that number may still rise despite the fact that Apple has now released a patch for the Java flaw that the Trojan exploits.
A new version of Android malware has been tweaked so it doesn’t require user interaction for an attacker to own the device, according to research published by Lookout Mobile Security yesterday.
It appears that Microsoft’s recent Zeus takedown attempt left some bots behind. Days after the company announced it had sinkholed the troublesome botnet, researchers say that there are still some C&C domains active.
A new iteration of the Ice IX malware has been spotted attacking Facebook users, according to researchers at Trusteer, who claim that now the malware is trying to swindle unsuspecting users out of sensitive information like credit card numbers and addresses.
Less than a day after reports began surfacing that the Flashback trojan was hitting Mac OS X machines, Apple today released a fix to stop the latest variant of the password-stealing malware. The update closes numerous vulnerabilities in Java 1.6.0_29, including a serious hole that allowed an untrusted Java applet to help spread the malicious code.
Over 10 million people were hit by exploits served up by 25,000 of the most popular websites in the world in February, according to a new study released by Barracuda Labs.Using an internal tool, Barracuda analyzed Alexa’s list of the most popular websites to determine whether each URL was serving malicious content and doling out exploits to a browser or its extensions. Studies showed that on average, through the month, at least two of the top 25,000 sites served malicious content each day.
Cybercriminals are targeting US Airways customers with malicious spam emails containing a link that, once clicked, initiates a series of redirects, eventually leading users to a domain hosting the Blackhole exploit kit.
Adobe has published a free tool that can help administrators and security researchers classify suspicious files as malicious or benign, using specific machine-learning algorithms. The tool is a command-line utility that Adobe officials hope will make binary classification a little easier.
The twice-shut-down Kelihos botnet remains active and continues spamming with a new variant, despite yesterday’s efforts by Kaspersky Lab and CrowdStrike that knocked offline and sinkholed the most recent version of the botnet.
Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.
