In September 2011, security companies first noticed a new malware scam for OS X, which posed as a fake Adobe Flash installer, and hence became known as Flashback. Unlike prior scams, this malware took on some new approaches to tricking users by infecting common browsers, disabling Apple's XProtect system, and eventually morphing into a Java-based exploit that resulted in approximately 600,000 Macs being infected worldwide.
The risk that an Internet-connected computer is infected with malware will never be reducible to zero. It's just the nature of software that errors happen. Where there are software-design errors, there are people who will exploit those errors to their advantage.
The best PC users can hope for is to minimize the chances of an infection and to mitigate the damage a piece of malware can inflict -- whether it intends to steal a user's sensitive data or to commandeer the machine as part of a cyber attack on servers thousands of miles away.
Last week, Internet users …
"[U]sing information from a 10-country survey of …
Following news of the new adware Web plug-in Trojan found to be affecting OS X systems, Apple has released an XProtect malware definitions update to protect anyone who stumbles across it.
The Trojan, called Yontoo, is initially disguised as a media player or download manager plug-in and distributed on underground file-sharing and movie trailer Web sites. When installed it pretends to be a player called Twit Tube but installs the Yontoo plug-in. This plug-in will work in all Web browsers to track your browsing behaviors and then present ads on legitimate Web sites.
Unlike other malware that can hide itself …
South Korea apparently still has a mystery on its hands. Who launched a cyberattack against several of its banks and broadcasters this week?
Regulators for the country initially pointed the finger at China, saying that the attacks originated from a Chinese IP address. But they admitted today that they jumped the gun.
The IP address used in the attack was actually traced to one of the banks hit on Wednesday. South Korea's NongHyup Bank had been using the address as a virtual one for its internal network, according to Reuters. By coincidence, that address matched one registered in China.…
Security company Dr. Web is reporting on a new adware Trojan attack targeting Mac users, in which malicious Web sites trick users into installing a plug-in that tracks their browsing and displays ads to them.
The malware, called "Yontoo," will be first encountered as a media player, download manager, or other plug-in requirement for viewing contents on some maliciously crafted Web sites disguised as sources for file sharing and movie trailers. When the plug-in prompt is clicked, you're redirected to a site that downloads the Trojan installer and requires you to run it. The …
Security researchers say they have identified a botnet that steals more than $6 million per month by generating fake customer clicks on online display ads.
Dubbed Chameleon, the botnet has infected more than 120,000 Windows-based computers in the U.S., mimicking human behavior on select Web sites to generate billions of ad impressions and fraudulent income for its creators, according to security firm Spider.io.
Click fraud costs Web advertisers revenue by making them pay for illegitimate clicks. Spider.io reported that advertisers paid an average of 69 cents per one thousand impressions generated by the botnet. …
It's not pretty when a Web site gets a "this site may be compromised" or "this site may harm your computer" status note. Many webmasters and Web site owners can be at a loss as to what to do in these situations.
For this reason, Google has launched the "Help for Hacked Sites" informational series, which has a dozen articles and videos aimed at helping people avoid having their sites hacked and teaching them how to regain control of compromised sites.
"Every day, cybercriminals compromise thousands of websites. Hacks are often invisible …
New findings show the recent malware attack that affected employees of Facebook, Apple, and Twitter was able to do so in part by bypassing Apple's Gatekeeper security system in OS X.
Gatekeeper is a new technology in OS X Mountain Lion that allows programs to execute only if they are properly signed or come from the Mac App Store. It works by having the system block all execution and then setting up group-based rules to allow specific program types to run. For example, the default rule sets are for signed applications and those from the Mac App …
Android usually gets smacked around for playing host to mobile malware, but iOS isn't totally immune, according to researchers at Skycure Security.
iOS profiles, aka mobileconfig files, are used by mobile carriers to configure key settings for e-mail, Wi-Fi, and other features. But these files could be abused by attackers to sneak past Apple's normally tight security and hijack a mobile device, the security firm revealed in a blog post today.
The process would be similar to that of a typical malware infection.
An attacker might tempt users to visit a malicious Web site by promising something …