Malware

mobile
October 7, 2011
by

Investment in mobile security to climb 44% annually through 2015

By on October 7, 2011 at 8:15 AM.

Investment in mobile security to climb 44% annually through 2015

Investment in mobile security will increase 44% annually through 2015 according to a recent research report from Canalys. Reportedly, just 4% of smartphones shipped last year were sold with security software pre-installed. Canalys suggests that, by 2015, more than 20% of all smartphones and tablets will run some form of security software and mobile security will be a $3 billion market. The research firm attributes the growth to an increase in pressure from enterprise customers, and it expects the usage of client security products such as antivirus software, VPN encryption and firewalls will grow an average of 54.6% annually to 2015. “Enterprises must adopt a holistic view of mobile security, as there is no single solution that provides complete protection,” research analyst Nushin Hernandez said. “A more robust approach, even compared to that used to protect typical notebooks and desktops, is needed.” Read on for the full press release from Canalys. More →

5 Comments
mobile
August 24, 2011
by

Android-targeted malware jumps 76% in Q2, McAfee says

By on August 24, 2011 at 10:55 PM.

Android-targeted malware jumps 76% in Q2, McAfee says

A new report recently issued by the security firm McAfee suggests that the number of malware applications targeting Android devices jumped 76% during the second quarter of this year, making Android the “most attacked” mobile operating system. “This year we’ve seen record-breaking numbers of malware, especially on mobile devices, where the uptick is in direct correlation to popularity,” senior vice president of McAfee labs Vincent Weafer said. Android users typically install the malware accidentally and assume the app is from a safe and legitimate developer. The most prevalent malware-infected modified applications were:

  • Android/Jmsonez.A -  a calendar app that sends SMS texts to a premium rate number.
  • Android/Smsmecap.A – a fake comedy app that sends SMS texts to everyone in the user’s address book.
  • Android/DroidKungFu – malware that is capable of installing its own software and updates.
  • Android/DrdDreamLite – capable of sending data back to the attacker.

McAfee also noted a number of popular Android Trojans that have been making their way through devices. In addition, the company released compelling figures for how much a hacker can sell stolen email addresses for. In the United States, for example, 10,000,000 addresses can be sold to spammers for roughly $300. Read on for McAffee’s full press release, which includes several data points for PCs, too. More →

41 Comments
mobile
August 12, 2011
by

AT&T to offer customers more robust security options

By on August 12, 2011 at 12:45 AM.

AT&T to offer customers more robust security options

AT&T announced on Thursday that it has teamed up with Juniper Networks to offer improved mobile security options for its customers. AT&T said that it expects the first “phase” of its security roll-out to be available to businesses, organizations and customers later this year when it launches the AT&T Mobile Security application. It can help businesses enforce security policies, manage enterprise and personal devices, and enable anti-virus protection with monitoring and control tools. In addition, the application can protect consumers from viruses and malware. “Mobile security is the ‘next frontier’ for our continued effort to mitigate cyber-threats and to help protect our customers’ information,” said Ed Amoroso, chief security officer, AT&T. Read on for the full press release. More →

7 Comments
Legal
July 8, 2011
by

Secret Service investigates Apple Store spy camera artist [video]

By on July 8, 2011 at 1:45 PM.

Secret Service investigates Apple Store spy camera artist [video]

Brooklyn-based artist Kyle McDonald finds himself in hot water after secretly photographing Apple Store customers while they shopping for computers. “I thought maybe we could see ourselves doing this we would think more about our computers and how we’re using them,” McDonald told Mashable. Without the staff’s knowledge, the 25-year-old installed software on computers at two Apple Store locations in New York that used their integrated webcams to capture photos every 60 seconds. The software then automatically sent the photos to McDonald. The electronic artist published his project on his site and a dedicated Tumblr blog, and eyebrows were raised soon after. Mashable reports that McDonald was soon approached by the U.S. Secret Service, and his personal computers have been confiscated as part of the investigation into alleged computer fraud. McDonald says he did get Apple Store security guards’ permission to take photos in the stores, and he also asked permission while photographing patrons — with his handheld camera. McDonald makes no mention of gaining Apple’s permission to install software on display computers that secretly snaps photos and sends them to McDonald behind the scenes. A video of McDonald’s project can be viewed below. More →

58 Comments
Security
June 28, 2011
by

LulzSec’s last lulz: Malware for all those who downloaded hackers’ final plunder

By on June 28, 2011 at 12:30 PM.

LulzSec’s last lulz: Malware for all those who downloaded hackers’ final plunder

The small group of hackers known as Lulz Security, or simply “LulzSec,” would never disband without one final round of fun. BGR reported on Monday that the group’s reign of terror was coming to an end after 50 lul-filled days. During that period of time, LulzSec released data stolen in a series of online breaches with targets ranging from Sony to the U.S. Government. In its coup de grâce, LulzSec released a stash of stolen data from a variety of targets, including AT&T, Disney and the U.S. Navy. But data obtained through online breaches wasn’t the only thing LulzSec stuffed into the file; a directory named “BootableUSB” also contained a variety of malware including trojans and worms. While “LulzSec” is no more and its notorious Twitter account now sits dormant, members of the well-known hacktivism group “Anonymous Operations” have confirmed that LulzSec is gone in name only — the six LulzSec members have been absorbed by Anonymous, according to the group’s official Twitter feed. More →

33 Comments
Software
May 25, 2011
by

Apple acknowledges ‘Mac Defender’ malware problem, posts removal instructions

By on May 25, 2011 at 9:40 AM.

Apple acknowledges ‘Mac Defender’ malware problem, posts removal instructions

Mac users have recently been targeted by a phishing scam that falsely claimed their computers were infected with a virus. Upon being redirected to an illegitimate website, users were instructed to install “Mac Defender,” which was malware masquerading as an antivirus application. Until recently, Apple had reportedly instructed its AppleCare support reps to deny any existence of the problem and said reps should “not remove or uninstall any malware” found on a computer. On Tuesday, however, Apple finally acknowledged the issue and posted instructions on its support forums that cover how to avoid and remove the Mac Defender malware. Hit the jump for Apple’s instructions. More →

52 Comments
Services
May 20, 2011
by

Apple instructs support reps to refute malware infections, deny assistance

By on May 20, 2011 at 11:14 AM.

Apple instructs support reps to refute malware infections, deny assistance

AppleCare representatives can do a lot of things for Mac owners suffering software issues… except when it comes to malware. In an internal support article leaked to ZDNet, Apple instructs its call center representatives on how to handle calls from users reporting that they have a machine infected with the “Mac Defender” malware trojan. And, as you can see, Apple is definitely taking the hands-off approach. “AppleCare does not provide support for the removal of the malware,” reads the memo. “You should not confirm or deny whether the customer’s Mac is infected or not.” Apple certainly isn’t the first company to instruct its support representatives to shy away from virus/malware assistance, but it is notable as it is the first major Mac OS X virus that — thanks to some moderate social engineering — is propagating. Apple has yet to issue a public statement about the software’s existence or infection levels. The full memo is after the break. More →

83 Comments
Software
March 2, 2011
by

Google ousts 21 malicious applications from Android Market, user handsets [Updated]

By on March 2, 2011 at 7:38 AM.

Google ousts 21 malicious applications from Android Market, user handsets [Updated]

While investigating several Android Market applications that appeared to be duplicates, Reddit user lompolo discovered several apps that provide an extra, and definitely unwanted, service. The applications in question contain an exploit that, when downloaded, automatically root the Android handset. Not only that, the apps — 21 in total — also contain an embedded .apk file that can accept remote code and upload device information (like your IMEI) to a server in California. The malicious bundles were published by user Myournet and some of the individual applications have been downloaded over 50,000 times each. Once alerted of the potential malware, Google investigated and removed the code from the Market and users handsets. Unfortunately, that doesn’t have any effect on data already compromised by downloaders of the rogue applications. Google has yet to publicly comment on the incident.

UPDATE: More information about the exploit and affected applications can be found here. More →

57 Comments
General
March 8, 2010
by

Energizer Duo USB charger software has trojan on board

By on March 8, 2010 at 11:34 AM.

Energizer Duo USB charger software has trojan on board

Energizer USB DUO

The Duo seems to have been a failed experiment for battery maker Energizer in more ways than one. Sales of the USB nickle-metal battery charging station never really took off, and now, via a press release, the company has announced the monitoring software distributed with the Duo packs a fairly nasty Windows trojan. The rogue code, according to Computerworld: “listens for commands on TCP port 7777… can download and execute files, transmit files stolen from the PC, or tweak the Windows registry. The Trojan automatically executes each time the PC is turned on, and remains active, even if the Energizer charger is not connected to the machine.” Energizer released a statement saying: “Energizer is currently working with both CERT and U.S. government officials to understand how the code was inserted in the software.”  More →

38 Comments
Software
February 20, 2009
by

“Sexy View” not so sexy; new S60 worm discovered

By on February 20, 2009 at 9:24 AM.

“Sexy View” not so sexy; new S60 worm discovered

As deep as we are into S60 3rd Edition’s lifespan, malware was sure to rear its ugly head at some point. In fact, we are still pretty impressed that it’s taken as long as it has. While this newly-discovered worm is not the first instance of S60 malware, it certainly appears to be the most tenacious and dangerous. Dubbed “Sexy View” or SymbOS/Yxes.A!worm, the malware indeed contains a valid Symbian Signed certificate and runs the process “EConServer.exe”. It performs three known attacks: First, it seeks out certain running processes on your handset and terminates them. Then it gathers phone numbers from the handset’s contact list and transmits SMS messages to as many numbers as it can collect. The sent messages contain a URL and if an S60-toting recipient visits the address, his or her handset may become infected as well. Lastly, the worm gathers certain sensitive information about the handset such as IMEI and phone number, and posts the data to a remote server. In other words, this worm is bad news. For the time being, “Sexy View” is thought to only affect OS 9.1 devices though it may also affect OS 9.2. So, S60 users, if you find your contacts pinging you to ask why you’re sending them messages with odd URLs, it may be time to head to the clinic. Both Fortinet and F-Secure claim their mobile antivirus solutions will combat the worm but if you confirm your handset is infected, wiping it should solve your problem for free.

Thanks, Dub!

Read

10 Comments
Software
December 3, 2008
by

Apple pulls support page recommending Antivirus software

By on December 3, 2008 at 10:54 AM.

Apple pulls support page recommending Antivirus software

After a wave of attention surrounding a post on Apple’s support pages over the past few days, Cupertino has decided to pull the page from its site. The post in question encouraged “the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.” As Apple’s OS X has yet to have any significant threats posed against it, the blogosphere questioned both the necessity and integrity of the recommendation, noting that two of the three recommended antivirus applications were available for sale from the Apple Store. Here we are a day or so later and Apple has removed the page from its site, stating:

We have removed the KnowledgeBase article because it was old and inaccurate. The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, running antivirus software may offer additional protection.

If that’s the case, then why pull the article? Is Apple now comfortable leaving its computer users vulnerable and open to an attack? Some speculate that Apple removed the note due to poor and confusing wording but if that were the case, surely the company would have merely clarified its position and recommendation rather than removing it completely. Right? Hopefully Apple will further clarify its position over the coming days as for the time being, some might say it looks like the company was looking to make a quick buck from less savvy users. After all, Apple doesn’t even require the use of antivirus software on its own in-store display units or the internal computers used by store employees.

Read

19 Comments
Software
December 1, 2008
by

Apple begins recommending Antivirus utilities to users

By on December 1, 2008 at 1:47 PM.

Apple begins recommending Antivirus utilities to users

It looks like the care free days when Mac owners could sit back and relax without having to worry about malware are indeed coming to an end – maybe. Last month we told you about two new pieces of OS X malware that had been discovered and while neither poses a significant threat in most people’s eyes, it is clearly a sign of things to come. As loyal and vocal as Mac computer users are, until recently they hardly represented a significant portion of the market. As such, those responsible for creating end user-targeted malware focused on Windows since it was the clear and overwhelming market leader. Now that Apple’s computer market share is growing however, Mac user complacency with regards to viruses might lead to some big and easy scores for malware. Apple recently posted the following technical note as a result:

Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult.

The page goes on to recommend three antivirus solutions for OS X, two of which are offered for sale in the Apple Online Store. For the time being, we still haven’t heard any reported cases of a virus actually finding its way to a Mac computer in a real life situation so the following question is posed: Has Apple just firmed up its deals with antivirus providers or are we really in store for a hail storm of Mac malware sooner than we think? In either case, at least we won’t be seeing the commercial above air again any time soon.

[Via Newlaunches]

Read

27 Comments
Software
November 22, 2008
by

Security vendors say Mac OS X Trojan and backdoor tool are on the loose

By on November 22, 2008 at 1:29 PM.

Security vendors say Mac OS X Trojan and backdoor tool are on the loose

Ruh roh, as Scooby would say. Once relatively untouchable, security experts have now found what they claim to be two new pieces of malware specifically targeting OS X. The first, ‘OSX.RSPlug.D’, is a Trojan capable of rerouting internet traffic to a malicious DNS server which will draw users to phishing sites and ads. So far the only reported sources of the Trojan are porn sites where it sits masked as a codec needed to display certain videos. The second piece of malware, ‘OSX.Lamzev.A’, is much less of a threat. While is is surely capable of doing some serious damage by letting hackers install backdoors in an affected user’s system, a hacker would need physical access to the user’s computer in order to place it. This news might not be terribly huge for most users right now, odds are it is indeed a sign of things to come as Apple computers grow more popular thus drawing the attention and resources of malicious hackers. No need to panic for the time being however, just watch where you go for, err, entertainment.

Read

16 Comments