Posts tagged Malware at Switched

Posts with tag malware

Latest Malicious Software Targets Macs, Takes Your Picture, Passwords

by Tim Stevens, posted Jun 24th 2008 at 8:25AM

Latest Malicious Software Targets the Mac, Takes Your Picture

More or less since the inception of the Macintosh OS, users of Apple computers have felt invulnerable to the threats that their Windows-using counterparts have faced. Viruses and other malicious bits of computer software that regularly affect Microsoft's platforms are very rare on the Mac. But contrary to popular belief, they're not absent altogether, and a new one making the rounds is a real doozy, as it disables your security software, steals your passwords, and even takes your picture using the MacBook or iMac's built-in camera.

According to Mac anti-virus developer SecureMac, the malicious program is a Trojan, an app that installs itself pretending to be friendly and useful, but actually hides an unwanted payload. This particular one is distributed as a supposed game or utility and, after installing itself, exploits a vulnerability in Mac OSX versions 10.4 and 10.5 that enables it to take complete control over your computer. From there it can do whatever it likes, including montior every keystroke you make to capture passwords, deletes ystem logs to hide its existence, and take over your camera to monitor what you're up to.

The good news is that you'll have to actually agree to download and install this thing in order for it to get onto your computer. So, make sure you know exactly what it is that you're downloading and installing and you should be okay (be extra wary of random utilities or games that offer themselves up to your for download and install). In addition, you should install an anti-virus program onto your Mac and run it regularly.

This Trojan is a nasty one, that's for sure, and a reminder that even if you're using a Mac, you should be careful where you click that mouse! [Source: NewsFactor]

New Malware Can Alter Your Wireless (Wi-Fi) Router and Steal Your Info

by Terrence O'Brien, posted Jun 12th 2008 at 3:39PM

Zlob, one of the most common pieces of malicious software (according to Microsoft), has undergone a frightening transformation. After infecting a victim's PC, Zlob checks to see if the computer is connected to a wireless router (the device that helps create the Wi-Fi hotspot in your house). If connected, then Zlob attempts to gain access by using a list of common and default username and password combinations.

Assuming Zlob gains access to the router, the software then changes the DNS settings on the router to send all traffic through a hackers' servers first. DNS servers act like a phone book for the Internet, connecting the user readable addresses like Switched.com to the IP addresses that are understood by computers.

Unfortunately, most people don't bother changing the default password on their routers, thus making it easier for Zlob to infiltrate computer networks and potentially steal personal data and information.

Avoiding being beaten by this attack is relatively easy. First, set up proper security software on your PC (anti-virus and a firewall) and keep it up to date. Second, always change the default administrator passwords on your equipment, especially your router. If an attacker is able to gain access to your router, it can access your entire computer network. [Source: Washington Post]

Malware Entrepreneurs Thrive in the Web 2.0 Marketplace

by Terrence O'Brien, posted May 30th 2008 at 9:29AM

it's an open secret that one of the downsides to the the ubiquity of Web 2.0 sites and services is the ease with which the burgeoning malware (viruses, spyware, etc) market has been able to blossom. Hacking groups have used YouTube to advertise their services and products and have used social networking sites like MySpace and LiveJournal to find and stay in touch with clients.

Many are not just using the sites to advertise however. Some are using holes in those sites security measures as a way of watching those who watch them. Researchers recently found that some criminals were using a MySpace page loaded with malicious code to automatically subscribe visitors to their video channels instantly producing a record of ever person who visited their site.

Most of these nefarious groups and individuals are hiding in plain sight. The problem is that merely creating tools which allow you to infect PCs, steal data, or hijack a computer is not illegal, only using them to actually break the law. So these groups live in a legal gray area where they don't want to necessarily draw too much attention to themselves, but are usually safe from legal action. Law enforcement officials say they could charge a vendor of malware with aiding and abetting if their product was used illegally, but they would have to prove intent, which is always difficult. [Source: Yahoo! News]

U.N. Site Hacked Spreads Malware

by Terrence O'Brien, posted Apr 25th 2008 at 4:26PM

The hacking of Barack Obama's Web site was embarrassing for the campaign, but more or less a harmless prank. An attack the Web sites for the United Nations and the United Kingdom on the other hand have resulted in the infection of computers all over the globe with malware.

The sites were specifically targeted because of their high traffic and reputation as secure places to go online. The exact number of computers infected is unknown, but due to the high volume of visitors, it could easily be in the millions.

The security hole has been closed and the malicious code removed from the site, but the attack underscores the importance of properly protecting yourself and your computer by keeping your operating system, firewall, and anti-virus software up-to-date. [Source: Channel Web]

'Phishing' Becomes 'Whaling' As E-Mail Scams Go After Corporate Execs

by Tim Stevens, posted Apr 16th 2008 at 9:34AM

What do you call it when phishers, people who trick people with official looking e-mails, start aiming for bigger targets? Whaling, apparently, as that's the new term being applied to a particular breed of phisher that is going after corporate executives, adding a new angle to the traditional fake e-mail scam.

The new phishing e-mail appears to be from the United States District Court in San Diego. It indicates that if you click on a link, you'll get the full subpoena, but, of course, what you'll actually get is some malware, software that runs in the background capturing passwords and other information you'd rather were kept private.

So, regardless of your pay grade, make sure you watch what you click on when reading e-mails. Oh, and you might want to tell your secretary to do the same.

From the New York Times

Computer Viruses Hit 1 Million Mark In 2007

by Will Safer, posted Apr 10th 2008 at 2:35PM

2007 was a record-breaking year for the development of malicious software, such as viruses and Trojan horses (a virus disguised as a regular computer program), according to internet security firm Symantec.

According to a report by the BBC News, Symantec reported that the number of malicious programs has passed the 1 million mark for the first time, although nearly half of these programs were actually developed and unleashed during the last calendar year. Most of these programs are variations on those which were previously developed and proved successful in infiltrating computers and network systems.

Many of the attacks that occur on computer systems consist of more than one element of so-called "malware." First, a trojan application, which, like the Trojan Horse from mythology, gains access disguised as something that appears safe. Then, once the computer security is compromised another malware application is employed to steal data, or to direct the computer to further spread the malware to other systems.

From BBC News.

Related links:

Valentine's Day e-Card Could Be Virus In Waiting

by Will Safer, posted Feb 13th 2008 at 11:01AM

Storm Worm is coming this Valentine's Day.

Be wary when opening e-mail greeting cards this Valentine's Day if you don't know the sender. As Switched.com has been warning all its readers for a few weeks now, the message could turn out to be a computer virus, in this case known as a "botnet," which can take over your computer to send more viruses out, link to other computers doing the same, or even steal your personal information.

The FBI suggests not opening e-mail if you don't know the sender.

This particular e-mail baddy is known as the Storm Worm virus, and saw activity around several holidays last year. It takes advantage of people who let down their guard because an e-mail greeting card is often entertaining and seen as non-threatening.

Typically, the e-card arrives in a user's in-box, the e-mail is opened, and the user is directed to click on a link within the text to retrieve the full card. That's when the virus download occurs. The Storm Worm will be downloaded to that computer and begin its bad work, which ultimately is to deny service to a large network.

Storm Worm (so named because the subject line of the e-mail messages originally contained the line "Many Dead As Storm Batters Europe") was the most pervasive Internet attack last year.

Here are Switched.com's quick three tips to avoid Storm Worm and other viruses, trojans and malwares from being downloaded to your computer:

Don't click on a link in an e-mail message from someone you don't know.
Turn on your e-mail reader's spam prevention.
If an advertisement you find on a Web page looks suspicious, type in the company Web address yourself instead of clicking directly on the ad (Sometimes Web ads are another way viruses and trojans get distributed.)

Are you looking for a safe way to send a Valentine's Day greeting card -- or a card for any other occasion? Try Hallmark, Bluemountain, or, of course, our parent, AOL, which has a whole site dedicated to just that.

From News.com.au.

Related Links:

Malicious Websites Trick Google, Infect Computers

by Tim Stevens, posted Nov 30th 2007 at 9:01AM

A number of malicious websites have popped up online over the past few weeks, and unlike most dangerous destinations that lurk in the dark recesses of the Internet, these have been showing up at or near the top of some seemingly innocuous Google searches for words like "Christmas". The sites, believed to be run by a high-tech wing of the Russian mafia, used flaws in older versions of Microsoft's Internet Explorer browser to install malicious software that could take control of your computer.

The delivery of malicious software through web sites is nothing new, but what is new was the rank these pages were able to achieve at search engines like Google and MSN Search. Through extensive campaigns of comment spam, posting innocuous things on popular blogs with links to their bogus sites, these sites were able to work up a virtual reputation. Google and other search engines see these links from popular blogs and are tricked into thinking that the site being linked to is also reputable, resulting in prioritized search results.

The sites of course were not reputable, and Google at least has already removed most of them, but it's a troubling trend that's all too similar to the hacking of Al Gore's blog earlier this week. So, as always, be safe out there and keep your operating system and browser up to date.

From BBC News

Related Links:

Stripper Used to Break Security System

by Terrence O'Brien, posted Nov 14th 2007 at 12:39PM

Malicious Software Breaks CAPTCHA With Stripper Game

The battle between malicious software makers and computer security companies has taken a new turn. Spammers have turned users against themselves and against the security firms trying to protect them.

The latest security system to undergo assault by spammers is CAPTCHA, or "Completely Automated Public Turing Test to Tell Computers and Humans Apart." CAPTCHA displays a series of letters and number that are distorted and overlaid with visual artifacts (as seen above) in order to prevent automated systems from sending spam, hijacking services, and overtaking forums and blogs. You've probably seen these optical illusions countless times when signing up for a variety of services.

The new tool -- also known as malware -- in the spammers box of tricks is a PC program that shows pictures of a woman in increasingly scanty states of undress each time users correctly spell out these scrambled images of letters. This malware program arrives via e-mail and shows up on your computer as soon as you open the Internet Explorer Web browser.

The woman, called Mellisa, is currently being used to help spammers break through the protection on Yahoo! Mail sign ups, but it's not hard to imagine its use becoming more widespread soon.

We shouldn't have to say it, but here's how you can prevent these types of malware scams from infecting your computer: Run spyware removal software and virus scans on a regular basis, don't open e-mails or attachments from unfamiliar sources, and immediately remove any software if you don't know where it came from.

From The BBC

Related Links:

Online Videos Could Deliver Viruses, Experts Say

by Tim Stevens, posted Oct 2nd 2007 at 11:11AM

We told you about phishing. We also told you to be careful about which Wi-Fi spots you connect to, that buying Nigerian dogs online is probably a bad idea, and that you should really be careful when reading your e-mail. Now, according to experts, you need to worrying about which videos you view online lest you find your computer infected with a virus or some sort of malware.

Malware are small programs that typically installs themselves through a security flaw in your operating system or Internet browser. They then do nasty and annoying things like pop up advertisements all the time or redirect your online clicks so someone else gets credit for your surfing. Bogus blogs and shady adult content sites are favorites for malware purveyors, but some security experts believe that online videos may be the next big target for hackers and seedy businesses to deliver their malware. That will be one of the topics of discussion for today's summit at the Georgia Tech Information Security Center, where 300 such experts will discuss emerging threats in a conferenced entitled "Emerging Cyber Security Threats and Countermeasures".

Don't panic, just yet: Right now there is minimal malware danger at even the somewhat shady video sites online, while the popular YouTube is perfectly safe. In fact, you're far more likely to be mentally scarred by seeing some sort of disturbing skateboarding accident than you are getting yourself a computer virus. But, that may change, so watch this space.

From Newsvine

Related Links:

Joyswag: C&C 3: Kane's Wrath (Xbox 360) giveaway, Day Five Confront the SOCOM: Confrontation trailer Burnout Paradise 'Cagney' update for Xbox 360 delayed until July 14	FormatFactory Kicks Media Conversion Ass and Takes Names Download Squad Week in Review Evri.com: Zeitgeist for news
TUAW Best of the Week Apple posts Japanese iPhone guided tour Found Footage: Waiting in line for an iPhone 3G	Earnings highlights: BP, Discover, Corel, Citigroup, WD-40, MSCI and others Is Merrill shopping its Bloomberg stake? Florida coast shows promise for oil drilling
Airplanes in Burnout Paradise? Burnout's Cagney update delayed a few days MK VS DC new screens, plus "Brutalities"	Dissolution of Mercedes-McLaren partnership confirmed Forbes lists top 10 family cars Spy Shots: 2011 BMW 5 Series
Live outside in Sunny Day Sky Will Fallout 3 be banned in Australia? We'll trade you a Heavy for two Demomen . . .	Ana Ivanovic Appears on August FHM Cover Another Win Goes to Busch in Crazy Finish UFC 86 Classic Slugfest: Forrest Griffin Beats Quinton 'Rampage' Jackson

Latest Malicious Software Targets Macs, Takes Your Picture, Passwords

New Malware Can Alter Your Wireless (Wi-Fi) Router and Steal Your Info

Malware Entrepreneurs Thrive in the Web 2.0 Marketplace

U.N. Site Hacked Spreads Malware

'Phishing' Becomes 'Whaling' As E-Mail Scams Go After Corporate Execs

Computer Viruses Hit 1 Million Mark In 2007

Valentine's Day e-Card Could Be Virus In Waiting

Malicious Websites Trick Google, Infect Computers

Stripper Used to Break Security System

Online Videos Could Deliver Viruses, Experts Say

Breaking news Feed

Featured stories Feed

AOL Tech Network

Resources

Categories

cnet reviews

downloads

Features

Hot Topics

Latest Reviews from CNET.com

Top Product Reviews

Weblogs, Inc. Network