Malware

New Mac malware uses OS X launch services

Security company Intego is reporting the discovery of a new malware package for OS X. The package is a Trojan horse called OSX/Dockster.A, that appears to have keylogging features to record what is being typed on an infected system in addition to remote-access features for backdoor access into the system. When installed, the Trojan attempts to contact the server "itsec.eicp.net," likely to receive instructions for allowing remote access to the system.

As with other recent malware for OS X, Dockster is a Java-based threat that will not run unless you have Java installed on … Read more

Massive worm hits Tumblr, spams big blogs like USA Today

A massive bug swept Tumblr today and infected some of the biggest blogs -- including USA Today, Reuters, The Verge, and CNET -- until Tumblr resolved the issue shortly before 10:30 a.m. PT.

GNAA, a hacker group, claimed responsibility for the attack. The group's Twitter profile earlier today said 8,600 unique Tumblr users were affected.

Tumblr didn't explain what happened but said in a blog post that no accounts were compromised, and users didn't need to take any further action.

"Our sincere apologies for the inconvenience," the company said. "As always, … Read more

Security Essentials fails latest AV-Test

Updated Monday, December 3, 2012, at 11:45 a.m. PDT with comment from Microsoft.

Updated Friday, November 30, 2012, at 1:00 p.m. PDT with comment from AV-Test.org.

In a month of uneven Windows 8 news and reviews, Microsoft is taking another hit. This time, its freeware Security Essentials finds itself in the crosshairs.

Independent German security suite evaluators AV-Test.org publish bimonthly tests that rate the effectiveness of the biggest Windows security suites out there, and the recently published results showed that MSE failed to earn certification on the most recent test. MSE was the only … Read more

E-mailed malware disguised as group coupon offers on the rise

Be sure to double check that Groupon you received in your e-mail -- spammers are using the popularity of e-mailed advertisements for group discount deals to send more malware.

The rise of malware through fake e-mail advertisements and notifications are on the rise, according to a study released today by security firm Kaspersky Lab.

"They are primarily doing so by sending out malicious e-mails designed to look like official notifications. Kaspersky Lab is seeing more and more malicious spam designed to look like coupon service notifications," the report said.

The firm said it also noted these coupon spam … Read more

Why you shouldn't watch Obama throw punches on Twitter

If you get a direct message on Twitter telling you to click a link to watch a video of President Barack Obama punching a guy, don't do it.

Spammers are using the idea of the president retaliating against someone for calling him the n-word to steal Twitter passwords and deliver malware to computers, security company PandaLabs noted today.

It's a scheme that uses the names of Twitter, Facebook, and YouTube for nefarious purposes, with spammers creating fake pages to dupe unsuspecting Twitter users.

The scam involves sending a Twitter direct message that reads "Check out Obama punch … Read more

Protect yourself from social-network malware (video)

First there was e-mail spam clogging up your in-box. Now there's social malware making its way into your Facebook newsfeed.

If you've ever seen a spammy message from a friend promising a "Free iPad" or "Free" airline tickets, chances are it's socware (pronounced "sock ware") -- a phrase coined by engineering professors and graduate students at the University of California, Riverside, in a new study.

Their study analyzed 12,000 users of MyPageKeeper, a free app they developed to identify suspicious posts and help protect Facebook users from them. Of that … Read more

Crippling Stuxnet virus infected Chevron's network too

Stuxnet, the sophisticated computer virus that attacked a nuclear enrichment facility in Iran two years ago, also inadvertently infected Chevron's network.

Reportedly created by the U.S. and Israel, the highly destructive worm was designed to infect Iran's Natanz nuclear facility. Rather than steal data, Stuxnet left a back door meant to be accessed remotely to allow outsiders to stealthily knock the facility offline and at least temporarily cripple Iran's nuclear program.

The oil giant discovered the malware in July 2010 after the virus escaped from its intended target, Mark Koelmel, Chevron's general manager of the … Read more

Is new malware Jacksbot just starting to rear its head?

In the past month a new multiplatform malware package called Jacksbot has been discovered, and while it was initially deemed a minimal threat, it might not stay that way for some Mac, Windows, and Linux users.

Jacksbot is in part a Java-based remote access Trojan (RAT) that appears to be built by a hacking group for the purpose of causing all-too-common malicious activity, including stealing passwords, forcing URLs to load (likely for click fraud), deleting and corrupting files, taking screenshots, logging keystrokes, and otherwise getting personal information.

Java is an attractive platform for criminals to use because being cross-platform means … Read more

Kaspersky builds its own antimalware OS -- but not for you

The folks at Kaspersky Lab are aiming to create their own secure operating system, but this one would run on industrial systems rather than your average home PC.

In blog posted today, company CEO Eugene Kaspersky confirmed the rumors of a new OS, describing the background behind the effort and hinting at the development process.

Cyberattacks present a growing and challenging problem for industries maintaining systems that must be powered on all the time. If a virus affects a computer at most companies, that computer can be unplugged from the network so as not to infect other devices, Kaspersky said. … Read more