Malicious software

School Boards Hit With Cash-Stealing Trojan

The IDG News Service is reporting on a new FBI investigation [] of a rash of online hacking attacks and bank robberies against school districts in Illinois.

FBI investigators are working on a computer intrusion case at the Crystal Lake School District in Crystal Lake, Illinois, said Ross Rice, a spokesman with the FBI’s Chicago office. But several other school districts also believe that they have been hit by the same malicious software, Rice said.  The Clampi malware family [] may  be linked to these attacks.

From The Wall Street Journal (Emily Steel)
On a Saturday night at the end of May, visitors to the forums section of Digital Spy, a British entertainment and media news Web site, were greeted with an ad that loaded malicious software onto their computers. The Web site’s advertising system had been hacked.
A number of such attacks have occurred this year, as perpetrators exploit the complex structure of business relationships in the online advertising, with its numerous middlemen and resellers. Web security experts say they have seen an uptick in the number of ads harboring malware as the economy has soured and publishers, needing to boost their ad revenues, outsource more of their ad-space sales.  Read the full story []

From InformIT (Gary McGraw)  
This article originally appeared on as part of Gary McGraw’s Software [In]Security series.

Using the Software Security Framework (SSF) introduced in October, we interviewed nine executives running top software security programs in order to gather real data from real programs.Our goal is to create the Building Security In Maturity Model (BSIMM) based on these data, and we’re busy going over what we’ve built with the executives who run the nine initiatives (stay tuned here for more).

Welcome to the Show – Mon, October 20 2008

In this show, we introduce ourselves and recap the Virus Bulletin 2008 conference. We talk about the MBR Trojan (bootkit), the controversy surrounding anti-virus testing standards, information on the blackmarket for online gaming passwords and some data from Microsoft’s malicious software removal tool (MSRT).

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.