Articles about Malware

Microsoft Malware Protection Center helps take down Ramnit botnet

Ramnit, a botnet that infected millions of computers around the world, has been tamed, thanks in part to Microsoft Malware Protection Center. The takedown operation was a collaboration between Microsoft, Europol, Symantec and others, and it successfully stopped the malware, which worked by disabling virus protection before stealing banking details and personal information from infected machines.

With an estimated 3.2 million computers infected globally, Ramnit has been used by cybercriminals the world over, but the majority of infections were found in Britain. The botnet was brought under control by shutting down several servers used by the group responsible for Ramnit.

Your Android device may be spying on you even when it's 'off'

Much is made of the "Android malware problem", but the truth is, there isn't a very bad problem. That does not mean there is no problem, though. Viruses for Google's mobile platform do exist, and some folks manage to let phones and tablets contract a virus. Now a new and interesting bug seems to be floating around.

According to security software maker AVG this latest malware comes with a unique feature -- it can spy on you when you think your device is shut off. It does so by mimicking the shutdown screen, but not actually powering off the handset.

Worldwide Equation Group hid undetectable spyware on hard drives

In a new twist to the on-going NSA story, security firm Kaspersky Lab has discovered that a threat actor of previously unknown complexity and sophistication has been embedding surveillance software on hard drives produced by a number of well-known manufacturers. With names such as Western Digital, Seagate and Toshiba mentioned, and the reach of the spy program stretching to dozens of countries, it's not clear quite how many people may be affected.

Although Kaspersky does not go as far as naming the NSA, or even specifying which country is responsible for the advanced surveillance, it seems that the spying campaign is somehow related to Stuxnet -- the tool used by the NSA to attack Iran -- and the Flame group.

Kaspersky Lab says malware is used to steal millions of dollars from banks

However much money you have flowing through your bank account, you probably take measures to keep it secure. You protect your PIN, you use secure passwords for online banking, and ensure that your computer is free from keyloggers and malware. It's only right that you expect your bank to be similarly eagle-eyed about security... right?

A new report from security firm Kaspersky Lab shows that banks' security is not up to the standard that many would expect. In fact Kaspersky says that sophisticated malware has allowed criminals to help themselves to up to $1 billion. Has your bank been hit? The affected financial institutions are now aware of the attacks, but non-disclosure agreements and on-going investigations prevent them from being named.

Antivirus tools miss almost 70 percent of malware within the first hour

Threat protection company Damballa has released its latest State of Infections report for the fourth quarter of 2014 which highlights the limitations of a prevention-focused approach to security.

The report finds that within the first hour of submission, AV products missed nearly 70 percent of malware. Further, when rescanned to identify malware signatures, only 66 percent were identified after 24 hours, and after seven days the total was 72 percent. It took more than six months for AV products to create signatures for 100 percent of new malicious files.

New ransomware is making the rounds via email

The "pay or lose your files" concept of ransomware seems to have taken off with hackers and crime syndicates, becoming the modern cyber equivalent of the mob shakedown. Sort of like paying "protection money".

Now a new ransomware variant has been spotted in the wild, spreading via email, just as previous ones had. The latest is being referred to by the catchy name of Trojan.DownLoad3.35539, and appears in a message as a ZIP file with hopes that unsuspecting recipients will launch it.

2015 -- the year automated malware protection and firewalls become worthless?

Whether you're a home or business user, one thing you've probably had drummed into you for years is the importance of virus protection, an effective firewall and malware guards. Well, as we start our journey into 2015 such security tools may not be anywhere near as effective as they used to be. Is it worth investing in them at all?

The suggestion isn’t that we should ditch firewalls and malware protection altogether -- that would be insanity. But security expert Ilia Kolochenko says that we need to rethink our reliance on automated security tools.

Facebook joins forces with ESET to fight malware for free

As part of an on-going battle against malware and abuse of the social network, Facebook has joined up with security firm ESET. The partnership follows on from the news back in May that Facebook was working with both Trend Micro and F-Secure to try to combat the threat of malware. The addition of ESET makes a trio of security partners, and Facebook has incorporated the company's technology into its own security systems.

Facebook hopes that by combining the power of F-Secure, Trend Micro and ESET, it should be possible to block the appearance of more malicious links from newsfeeds. The thinking is that adding more security providers will help to catch even more malware without the need to rely on users having antimalware software installed.

Thousands of WordPress, Joomla and Drupal sites threatened by CryptoPHP backdoor

A large proportion of websites are built on a CMS rather than raw HTML. Three of the most common are WordPress, Joomla and Drupal, and security researchers at Fox-It warn that site administrators are at risk of being socially engineered into installing the CryptoPHP backdoor on their server.

Distributed through pirated themes and plugins, CryptoPHP's spread is thanks to the light-fingeredness of site admins. It was first detected in 2013 and is still actively spreading. The capabilities of the "well developed" backdoor include remote control of an infected server, and Blackhat SEO -- a form of illegal search engine optimization.

E-cigarettes can damage your PC's health

Using e-cigarettes, or vaping, is widely touted as being healthier for you than smoking tobacco; however, it may not be so healthy for your PC.

Many e-cigarettes offer a USB charging option but a story on social news site Reddit suggests that this is a potential source of malware attack. An executive's PC became infected after he'd recently given up smoking and the infection was traced to his e-cigarette charger.

Symantec uncovers Regin, a highly advanced stealth spying tool developed by a nation state

Security firm Symantec has released details of an advanced cyberespionage tool it has discovered. Called Regin, the backdoor Trojan is described as having a structure that "displays a degree of technical competence rarely seen". Symantec goes as far as saying that the levels of resources required to create such a highly advanced tool indicate that it was created by a nation state -- although there is no suggestion about who it might be.

The report says that Regin has already been used in mass surveillance programs not by but against government organizations. Symantec estimates that the tool may have been years in development, as it delivers multi-stage attacks, and great lengths are taken to hide each stage. The framework was designed to facilitate long-term surveillance, and the concealment techniques used make Regin difficult to fully understand.

Free tool detects 'government surveillance spyware'

Free software that can detect the presence of surveillance spyware has been launched by a global coalition of human rights and tech organizations.

Organizations including Amnesty International, Privacy International, Digitale Gesellschaft and Electronic Frontier Foundation have teamed up to unveil the open source tool Detekt.

Fileless malware runs entirely from memory to make detection harder

Traditional malware infections usually require a file object to be placed on the system which makes it relatively easy for them to be detected and removed.

Now, though, there’s a stealthier threat uncovered by security company Malwarebytes. Poweliks is an infection that runs without a filesystem object, completely from the registry and memory, using rundll32.exe, JavaScript and a DLL created on the fly.

Protecting your PC is like defending a castle

Most people are aware that they need to have some form of protection on their PC if it's attached to the internet. Yet it seems that a lot of users still don't know how to properly protect themselves.

Many believe that the security software that comes with their PC is enough to protect them. Security company Check Point ZoneAlarm has released an infographic which shows that 71 percent don’t have both a firewall and antivirus solution on their PCs.

The best tools for removing malware 2014

Independent testing organization AV-Comparatives has released the results of its latest Real World Protection and File Detection tests showing which security products perform best at dealing with malware.

The Real World Protection test results are based on over 600 live threats including drive-by downloads, malicious URLs, and infected email attachments. 22 products were tested and rated against the 'out of the box' protection provided by Windows (80.4 percent).

BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.