Malware

Is new malware Jacksbot just starting to rear its head?

In the past month a new multiplatform malware package called Jacksbot has been discovered, and while it was initially deemed a minimal threat, it might not stay that way for some Mac, Windows, and Linux users.

Jacksbot is in part a Java-based remote access Trojan (RAT) that appears to be built by a hacking group for the purpose of causing all-too-common malicious activity, including stealing passwords, forcing URLs to load (likely for click fraud), deleting and corrupting files, taking screenshots, logging keystrokes, and otherwise getting personal information.

Java is an attractive platform for criminals to use because being cross-platform means … Read more

Kaspersky builds its own antimalware OS -- but not for you

The folks at Kaspersky Lab are aiming to create their own secure operating system, but this one would run on industrial systems rather than your average home PC.

In blog posted today, company CEO Eugene Kaspersky confirmed the rumors of a new OS, describing the background behind the effort and hinting at the development process.

Cyberattacks present a growing and challenging problem for industries maintaining systems that must be powered on all the time. If a virus affects a computer at most companies, that computer can be unplugged from the network so as not to infect other devices, Kaspersky said. … Read more

How the hacker bogeyman is coming to get you

In 1947, Harry Truman wanted Congress to vote for $400 million in aid to support Greece and Turkey against the threat of communist takeover.

That was a lot of money back then. What's more, Truman had to win over a Republican-led Congress dominated by isolationists. But Sen. Arthur Vandenberg of Michigan, an influential Republican who also chaired the Senate Foreign Relations Committee, offered the president a sage piece of advice: Make a personal appearance before Congress, play up the threat of Soviet expansionism, "and scare the hell out of the American people."

Which is exactly what Truman … Read more

FBI warns users of mobile malware

As mobile malware increases at break-neck speed, the U.S. government wants to be sure users are aware of its dangers. The Internet Crime Complaint Center (IC3), which is a government task force that includes the FBI, issued a mobile malware warning on Friday.

"The IC3 has been made aware of various malware attacking Android operating systems for mobile devices," the warning said. "Some of the latest known versions of this type of malware are Loozfon and FinFisher."

The IC3 said that Loozfon lures its victims by sending them e-mails with links promising "a profitable … Read more

Newly IDed 'MiniFlame' malware targets individuals for attack

A new form of state-sponsored malware is making the rounds, this one apparently designed specifically to spy on its victims.

Dubbed "MiniFlame" by Kapersky Lab, but also known as SPE, the new malware variant is similar to the Flame virus that targeted computers in the Middle East this past summer. But MiniFlame is a cyber espionage program that can take over where Flame leaves off.

As described by Kaspersky:

First, Flame or Gauss are used to infect as many victims as possible to collect large quantities of information. After data is collected and reviewed, a potentially interesting victim … Read more

Worm spreading on Skype IM installs ransomware

A malicious worm spreading through Skype instant messages threatens to take control of a victim's machine and hold its contents for ransom.

The issue, which was first brought to light Friday by GFI, tricks users into downloading a ZIP file by displaying the socially-engineered message, "lol is this your new profile pic?" along with a link that also spreads the message to other Skype users. The ZIP filed contains an executable file that installs a variant of the Dorkbot worm and creating a backdoor via "Blackhole," an exploit kit used by criminals to infect computers … Read more

Symantec: Russian criminals sell Web 'proxy' with backdoors

A black hat Russian operation has served malware to hundreds of thousands of users a year who thought they were signing up for a paid proxy service, Symantec said today.

The security company said in a blog post that it has linked the malware to a cluster of Russian Web sites -- including one called Proxybox.name -- that claim to provide proxy access, VPN services, and antivirus scanning. Proxybox.name requires users to download what it calls "functional, simple, and convenient" proxy software.

Vikram Thakur, principal manager at Symantec Security Response, told CNET this afternoon that:

What … Read more

Regulators shut down global PC 'tech support' scam

Regulators from five countries joined together in an operation to crack down on a series of companies they say orchestrated one of the most widespread Internet scams of the decade.

The U.S. Federal Trade Commission (FTC) and other international regulatory authorities today said they shut down a global criminal network that allegedly bilked tens of thousands of consumers by pretending to be tech support providers.

FTC Chairman Jon Leibowitz, speaking during a press conference with a Microsoft executive and regulators from Australia and Canada, said 14 companies and 17 individuals were targeted in the investigation. In the course of … Read more

Lookout now blocks Dialer exploits

Android fragmentation affects security patches, too. Instead of waiting to see which devices have been protected against a Dialer app vulnerability discovered earlier this week, Lookout Mobile Security (download) has stepped into the breach with a patch for it today. So far, it's the only known Android security app to block the exploit, but even Lookout's patch requires initial user input.

The vulnerability allowed some Samsung phones to be remotely wiped from the Dialer app, the "phone" part of your smartphone. While Samsung pushed out a patch quickly, it's not clear if other phones have … Read more