Malware


iPhone Worm Circulating in the Wild

A simple, yet effective, worm is now circulating on some jailbroken iPhones, changing settings on the phones and terminating some services. The worm, which was discovered Sunday, doesn’t appear to be too malicious, but is an indicator of what might lie ahead for owners of iPhones and other smartphones.

Where Are We A Year After McColo Shutdown?

In the year since the shutdown of notorious Web hosting firm McColo, spammers are growing strong. Part of this is the result of improvements by botnet operators. Like anyone who is successful at what they do, the people controlling the most powerful botnets in cyberspace learn from their mistakes. Security researchers discussed how.

Facebook, MySpace Fix Subdomain Errors

Facebook and MySpace have fixed errors that could have allowed data to be given out from their subdomains. A Dutch developer, Yvo Schaap, discovered the flaw and wrote on his blog: “A more invasive and hidden exploit could harvest all the user’s personal photos, data and messages to a central server without any trace, and there is no reason why this wouldn’t be happening already with both Facebook and MySpace data.” Read the full article. [Computerworld]


A flaw in the SSL protocol that could affect company networks, hosting environments and key machines has security researchers scrambling. The flaw, which requires a hack into a network to launch, has devastating consequences and implications for database and mail servers. It was discovered in August by PhoneFactor, whose researchers have been working with ICASI on an industry-wide fix, which is called “Project Mogul.” Researchers Chris Paget and HD Moore are helping to expose the flaw. Read the full article. [Computerworld]

The FBI reports it has seen a rise in malware over the past few months targeting small and medium businesses, municipal government entities and school districts. Once a malicious attachment or link is opened, keylogging is used to obtain bank account information, which criminals then use to initiate wire transfers or Automated Clearing House (ACH) transfers. The report also notes that in some cases individuals have been recruited to unknowingly help the criminals through “work at home” jobs that involve sending these fraudulent funds transfers by Western Union or Moneygram. The FBI has links to US-CERT for help. Read the statement. [FBI]

Joint research by North Carolina State and Microsoft has produced a way to better isolate and centralize kernel hooks (up to 6,000 different ones), and has stopped nine rootkits. The tool is called HookSafe; it runs on Ubuntu Linux 8.04 and uses hardware-based memory protection. At issue is whether other rootkit technology can bypass this tool, says one rootkit expert. The one hitch so far appears to be a 6 percent performance hit. Read the full article. [Dark Reading]

A relatively new trojan has been making the rounds and causing some problems, particularly on Windows XP systems. Trojan:Win32/Daonol is malware which hooks various system calls in order to steal credential information and redirect some web traffic. It also protects itself by keeping some security-related software from running. Read the full story [TechNet].

Yesterday, a “Your iPhone’s been hacked because it’s really insecure! Please visit doiop.com/iHacked and secure your phone right now!” message popped up on the screens of a large number of automatically exploited Dutch iPhone users, demanding $4.95 for instructions on how to secure their iPhones and stop the message from appearing at startup. Read the full story [Dancho Danchev/ZDNet]

Windows Vista is dramatically more secure than Windows XP, according to Microsoft’s latest Security Intelligence Report. The infection rate of Windows Vista SP1 was 61.9 percent less than Windows XP SP3, the company said. The report covers the first half of 2009 and is the seventh such twice-yearly report the company has issued. The study found that for all Microsoft operating systems the most current service pack is always the least infected, based on infections per 1,000 computers running each OS. Windows 7 was not included in the report. Read the full report [Network World]
