The malware authors who have been writing password-stealing Trojans, banking Trojans and rootkits have branched out into a new form of persistent malware designed to hijack victims’ Web browsing sessions.
Browsing Tag: malware
Windows Vista is dramatically more secure than Windows XP, according to Microsoft’s latest Security Intelligence Report. The infection rate of Windows Vista SP1 was 61.9 percent less than Windows XP SP3, the company said. The report covers the first half of 2009 and is the seventh such twice-yearly report the company has issued. The study found that, for all Microsoft operating systems, the most current service pack is always the least infected, based on infections per 1,000 computers running each OS. Windows 7 was not included in the report. Read the full report [Network World]
A new ransomware variant encrypts files on a computer but uses a novel twist on monetizing the extortion threat.
Instead of demanding money directly for decryption keys, as has been the case in other instances, it presumes that the owner of an infected computer will search for information to help unlock the files. The search typically leads to a fraudulent company offering a fix but requiring a payment to obtain it. Read the full story [SC Magazine]
More than half of the attacks against Microsoft Office applications during the first six months of 2009 were against applications that had not been patched in more than five years.
Amid all the malware on Facebook, Twitter, Bit.ly and other social networks and microblogs, there are some new tips and strategies on how to avoid being hijacked. The article describes a number of methods, including the hijacking of Twitter trending topics and hijacking legitimate Twitter accounts for total control and then spreading malware links. Advice points to being skeptical of links, even from friends, and being careful with shortened URLs (a great place to hide malicious links). Even though Twitter and Bit.ly are using Google’s Safe Browsing API, some malware continues to work. Read the full article. [ReadWriteWeb]
There are reports of phony FDIC notification e-mails tricking computer users into installing the ZBot identity-theft Trojan. The e-mails tell the recipients that their banks have filed for bankruptcy and that the banks’ assets are now under the control of the FDIC. The links offered in the message lead to a page that offers users a chance to see their “personal FDIC insurance file(s),” but which actually installs the Zeus or ZBot Trojan on their PCs. See the FDIC warning [fdic.gov]
Microsoft today released its biannual Security Intelligence Report, which draws some surprising conclusions about how the threat landscape is affecting enterprise networks. For example, the number of rogue security software infections, which were a high-profile scourge earlier this year, was down, as was the number of Trojan and downloader infections. Computer worm infections, on the other hand, surged upward. Read the full story [SearchSecurity.com].
Dennis Fisher and Ryan Naraine discuss the increasing volume and sophistication of attacks on social networks, the continued rise of malware campaigns such as Gumblar and the recent news around cyberwar and cyberterror.
Gumblar, the nasty bit of malware that was part of a mass SQL injection on legitimate Web sites this spring, is continuing to spread and its creators have been busy lately, compromising hundreds of new sites, leading to a massive new wave of infections of end-user PCs.
Opachki is one of many software tools developed by criminals to hijack and monetize Windows users’ search traffic using affiliate-based search engines that are ultimately advertiser-sponsored, sometimes by well-known and respected firms. Instead of only hijacking search result links, Opachki attempts to hijack as many links as it can on any web page, using the text enclosed by the HTML HREF tag as a faux search phrase when redirecting the user to an affiliate-based search engine. Read the technical analysis [Joe Stewart/SecureWorks]