Mac Malware OSX/OpinionSpy

A spyware application Intego calls OSX/OpinionSpy is being spread as part of the installation process for a number of screensavers and other apps.

Continued Malware Hijinks with Mass Webserver Compromises

While the jury’s still out about whether the intent of the past month’s mass webserver breaches is fully criminal, Dancho reports new developments which also link Koobface activity into this command and control structure:

Yet another mass sites compromise is currently taking place, this time targeting DreamHost customers, courtesy of the same gang behind the U.S. Treasury/GoDaddy/NetworkSolutions mass compromise campaigns.

Malware Injection Campaign: A Retaliation?

This week there have been several major malware injection campaigns against WordPress blogs and other PHP-based content management systems. This malware injection battle began last week with Network Solutions and GoDaddy. Recently researcher Dancho Danchev has found evidence linking two US Treasury sites into the malware injection campaign: What’s particularly interesting about this campaign is

Insider Threat: Malware on your ATM

Insider Threat – your ATM may now be hacked from the inside. According to Wired’s Threat Level Blog… A Bank of America worker installed malicious software on his employer’s ATMs that allowed him to make thousands of dollars in fraudulent withdrawals, all without leaving a transaction record, according to federal prosecutors. According to the

World‑Cup Malware: the Kick‑Off

Looking into their crystal balls (no jokes, please) at the end of 2009, our colleagues in Latin America came up with a prophecy that was later incorporated into a white paper (2010: Cybercrime Coming of Age): In June 2010, one of the most popular regular sports events, the soccer World Cup, will take place in

Mobile Malware

SC Magazine recently reported a malicious application in Google’s Android online market store http://www.scmagazineus.com/malicious-apps-found-in-googles-android-online-store/article/161001/. Due to the highly open nature of Android applications, this is probably going to be a huge problem. Here is the real irony. Many people will probably switch from Android to the iPhone because of the security concerns. Why is it

Is Apple’s Snow Leopard Immune to Malware?

There is an interesting and humorous work of fiction at http://www.appleinsider.com/articles/09/09/07/inside_mac_os_x_snow_leopard_malware_protection.html. Humorous as long as you don’t believe it! The article starts out saying “Safari, like other modern browsers, already flags certain websites that are known to be used to distribute malicious software”. That’s a nice layer of defense, but there are many sites

Mac Malware (again)

An interesting comment was made to my last blog on Snow Leopard, Mac malware and all that. I’ve approved the comment, but since people who read the blog earlier won’t necessarily go back to see what comments it’s attracted, I’ll answer it here, at more length. Mac User said that “Currently, the only way to get

Snow Leopard and Malware

Mac User has reported in a little more detail than I’ve seen elsewhere so far on the Trojan detection in Snow Leopard, quoting freelance OS X and iPhone developer Matt Gemmell. In fact, the meat of the story is Gemmell’s tweets, which state that: the system checks for only two known Trojans, RSPlug and iServices, and

A Matter of Life and Delf? Malware on the Fiddle

There’s been a certain amount of buzz in the past couple of days about messages claiming to link to Wire Transfer information, but actually related to a Trojan commonly called Delf or Doneltart. ESET is detecting the examples we’ve been seeing as a variant of Win32/TrojanDownloader.Delf.OZG. The messages generally look something like this (at least,

Chinese Whispers: Targeted Malware and E‑Espionage

I’ve mentioned here before that targeted malware, often delivered by “spear phishing” carried by apparently “harmless” documents such as PDFs, .DOCs and spreadsheets rather than overt programs, can have much more impact than the raw numbers of such attacks suggest. In fact, some sources now use the term “whaling” rather than “spear phishing” to reflect the

Malware Trying to Avoid Some Countries

There are different techniques that can be used by a program to identify in which country it has been installed. It can check for time zone information, public IP addresses or even domain names. Lately, we have seen two different malware families trying to discover their geographic location in an effort to avoid infecting PCs

Election Malware and Social Engineering

The election may be over, but the bad guys are still milking it, and there are lessons to be learned. I guess there’s nothing that brings out the worst in human nature like an election. There were all those chain letters, rumours and hoaxes about how various candidates were undesirable, un-American, immoral etc. Then there were