Articles about Malware

There’s a good chance the cloud apps you use at work are laced with malware. Those are the findings of the latest report by cloud access security broker Netskope. In its February 2016 Netskope Cloud Report, the company says the usage of cloud apps in enterprises has never been this high -- ever.

In Q4 of 2015, employees used on average 769 different cloud apps, representing a 26.5 percent increase from the previous report. But (there’s always a but) -- 4.1 percent of enterprises have sanctioned malware-infected cloud apps.

Continue reading →

Mobile enterprise security firm MobileIron has released its Q4 2015 Mobile Security and Risk Review, discussing the threats and risks that enterprises face in their mobile deployments.

The report reveals the worrying find that more than 50 percent of enterprises have at least one non-compliant device, creating a broader attack surface for malware and data theft.

Continue reading →

German intelligence agencies are set to gain greater NSA-style surveillance powers after the German Interior Ministry announced plans to use Trojans to spy on the internet activities of suspects. Known as Bundestrojaner, the Trojan would give the government the ability to not only track which sites a target visits, but also record conversations, make use of webcams, access data and log keystrokes.

The Trojan has been in testing since late last year, and having received governmental approval could now be widely dispatched. Widely described as malware and spyware, the tool cannot be used without a court order, but this will do little to assuage the fears of privacy groups.

Continue reading →

Signature-based security could be virtually useless as 97 percent of malware is unique to a specific endpoint says a new report.

This is among the findings of the latest annual Webroot Threat Brief which shows that today's threats are truly global and highly dynamic. Many attacks are staged, delivered, and terminated within a matter of hours, or even minutes, having harvested user credentials and other sensitive information.

Continue reading →

The Zika virus has been all over the news lately and people are treating it as if it is something new. In fact, the virus named for the Zika Forest in Uganda, was first discovered way back in 1947. During the time since then, it was isolated to a narrow region near the equator, but several years ago it began to spread, jumping to south Pacific islands and finally landing in Mexico and South America.

Of course, anytime something is making news and playing to people's fears then there are at least two sectors you can count on to try and latch onto it – the media and cyber criminals. Three if you care to lump in politicians, four if you include recent statements from the Pope.

Continue reading →

Banking trojans, like ransomware, have become big business today. And the people behind all of these malicious products are always moving forward, innovating with the times in an effort to keep up with technology and victims.

There is a virtual smorgasbord of malware out there just looking for ripe pickings. One is the Gozi Banking Trojan, which injects its code into the operating system via the browser. With Windows 10 being offered (pushed) for free, malware makers are scrambling to cover the adoption rate by updating their products.

Continue reading →

Security experts are warning about a new malware attack that targets Android users. Mazar Bot is delivered via SMS, is able to gain root access to devices, installs software including Tor, and can even go as far as completely wiping a victim's phone.

Mazar Bot was discovered by Heimdal Security whose researchers analyzed a text message that had been found sent to random numbers. The message purports to provide a link to an MMS, but in fact tricks recipients to install the malicious mms.apk -- Mazar Android BOT in disguise.

Continue reading →

Cryptowall 3.0 is the most successful ransomware of all time, a new report by security firm Imperva says. Ransomware is a type of malware which, once active on a device, encrypts all the data and demands payment from the victim, typically through Bitcoin.

In its report on the dangers of ransomware, and the impotent attitude of the FBI, which usually advises victims to pay the ransom, Imperva says Cryptowall 3.0 has caused $325 million (£225.7m) in damages so far.

Continue reading →

Technology website BleepingComputer is being sued by Enigma Software (ESG) over a negative review of its SpyHunter antimalware software. In fact, it's not really a review that has caused Enigma Software to start complaining about "false, disparaging, and defamatory statements", but a thread on its forums.

The lawsuit also suggests that BleepingComputer is "driving traffic and sales to Malwarebytes and driving traffic and sales away from ESG" (Bleeping Computer runs an affiliate program involving Malwarebytes) The timing of this is interesting, as it comes at the same time as the European Court of Human Rights ruled that website owners are not responsible for comments posted by readers.

Continue reading →

Widely used by cyber criminals to introduce malware onto systems, the Dridex banking trojan has been subject to a number of high profile investigations, and a takedown by US authorities last year.

These things don't stay dead for long, however, and Dridex is back in business. But in an interesting new twist it seems that the Dridex botnet has been hijacked to deliver the free Avira antivirus program rather than its more usual malicious payload.

Continue reading →

UK's businesses have had a bigger chance of being attacked by a malware than those in the US or the Republic of Ireland in December 2015, a new report by security researchers suggest.

According to a report by Check Point, in December 2015, UK was the 99th most attacked country globally, surpassing the US (122nd) and the Republic of Ireland (116th).

Continue reading →

Earlier today we learned that a new API is bringing adblocking to Samsung's own mobile web browser. Adblock Fast was the first to take advantage of the new option and now, hot on its heels, comes the big guns -- Adblock Plus.

Today Samsung is rolling out an Android 6.0 Marshmallow update and once this has been installed, Adblock Plus can also be installed. The extension brings content blocking capabilities to Samsung's own web browser, but you'll have to jump through the relevant hoops to gain the privacy and bandwidth preserving capabilities.

Continue reading →

American email and web security firm AppRiver has released its end-of-the-year report, where it showcased a detailed analysis of malware and spam trends in 2015.

The report, entitled Global Security Report, says that the number of email messages containing malware doubled, year-on-year. From January to November, AppRiver quarantined 944 million messages, and in December alone, another 705 million.

Continue reading →

Trend Micro may still be smarting from the revelation that there was a serious vulnerability in its Password Manager tool, but today the security company warns of the dangers of sharing ransomware source code.

The company says that those who discover vulnerabilities need to think carefully about sharing details of their findings with the wider public as there is great potential for this information to be misused, even if it is released for educational purposes. It says that "even with the best intentions, improper disclosure of sensitive information can lead to complicated, and sometimes even troublesome scenarios".

Continue reading →

Around a year and a half ago, Symantec warned about the personal data stealing malware Android.Bankosy. Now the Trojan has been updated so it can steal passwords delivered via voice call-based two-factor authorization systems.

Such 2FA systems are often used by banks to communicate one-time passcodes to people. While these have usually been delivered via SMS, voice call delivery is becoming increasingly common. Malware makers are keen not to miss out on data stealing opportunities, and the Android.Bankosy introduces a call-forwarding feature that sends 2FA calls to a C&C server so the code can be intercepted and exploited.

Continue reading →