Articles about Trojans

Monty Python's singing Vikings

Oi, bank manager. Only you've got my email address - where're these TROJANS coming from?

Santander customers are continuing to complain about receiving trojans and other junk to email addresses exclusively used with the bank. The reports began last month, prompting promises of an investigation by Santander. It's still unclear whether email addresses leaked from the bank or one of its affiliates. Independent experts …
John Leyden, 19 Dec 2013

Rejoice, Blighty! UK is the TOP of the WHOLE WORLD ... for PHISHING

British punters are being served three times as many phishing links to trojans and exploit kits than the US, and five times more than the Germans, according to a ProofPoint study. The security researchers say that while the English were being served more malicious links, Germans were hit with the greatest amount of unsolicited …
Darren Pauli, 16 Sep 2014
Malware

158 new malware created EVERY MINUTE

Malware monitors PandaLabs says 227,747 new malware samples are released every day. The findings from its recent survey found 20 million samples were created in the third quarter of 2014. Three quarters of infections were trojans while only 9 percent were viruses and 4 percent worms. The number of trojans rose 13 percent over …
Darren Pauli, 06 Nov 2014
The Register breaking news

Frenchie bean-counters sweet-talked into slipping on Trojans

Crooks hoping to empty company bank accounts are calling up the firms' bean-counters to chase invoices packed with hidden malware. Finance staff are tricked into opening the booby-trapped messages in phone calls from con men, who claim to have emailed in legit paperwork that needs urgent attention. The documents instead include …
John Leyden, 14 May 2013

Beware Brit cops bearing battering rams. Four nabbed over Trojan claims

British cops have arrested four people suspected of using Trojans to illegally take control of computers. The arrests were made as part of a international operation led by Europol which aimed to clamp down on the criminal use of Remote Access Trojans (RATs). These malware nasties are capable of taking command of a target's …
Jasper Hamill, 21 Nov 2014

Hackers-for-hire raided 300 banks, corporates for TWELVE YEARS

A band of hackers for hire have raided some 300 banks, corporations and governments undetected for 12 years, possibly the longest campaign of its kind. The German hackers registered 800 front businesses in the UK to target and fully compromise organisations in Germany, Switzerland, and Austria at the request of customers. Elite …
Darren Pauli, 16 Sep 2014
emma watson

Facebook scammers punt fake 'sexy vid' of Emma Watson

Scammers are taking advantage of Emma Watson’s growing popularity by using the Harry Potter star as bait to spread malware on Facebook. The supposed “sexy videos” of the British actress – who has recently stood up against sexism in her new role as Goodwill Ambassador for Women – drop Trojans rather than the promised salacious …
John Leyden, 10 Oct 2014

FinFisher spyware used to snoop on Bahraini activists, police told

Allegations that three Bahraini activists resident in Britain were spied on by Bahraini authorities using British spyware have led to a criminal complaint. Privacy International is calling on the National Cyber Crime Unit of Britain's National Crime Agency to investigate the unlawful surveillance of three human rights …
John Leyden, 16 Oct 2014
Spying image

Securobods claim Middle East govts' fingerprints all over malware flung at journos

Researchers at Toronto-based Citizen Lab have shot down denials by Syria, Bahrain and the United Arab Emirates regarding attacks against activists, journalists and dissidents, labelling some of the assaults as incompetent. The team gathered tens of thousands of documents and files detailing the malware and social engineering …
Darren Pauli, 31 Jul 2014
The Register breaking news

Wave of Trojans breaks over Android

Fraudsters have cranked up production of malware targeting Android devices with with a rash of Trojans, many of which apply tricks long used against Windows PCs. F-Secure reports that a rogue developer has modified a harmless app that displays pictures of bikini-clad babes into a tool that secretly establishes a rudimentary …
John Leyden, 01 Jun 2011
The Register breaking news

Israeli cops penetrated by army of fake generals with trojans

Israeli police departments were pulled offline last Thursday following the discovery of a Trojan especially targeted at law enforcement networks in the Jewish state. The malware was distributed using spammed messages, spoofed so that they appeared to come from the head of the Israel Defense Forces, Benny Gantz. The malicious …
John Leyden, 30 Oct 2012

Privacy bods Detekt Hacking Team code nasty dressed as bookmark manager

The Detekt privacy tool has discovered Hacking Team's Windows spyware masquerading as a benign bookmark manager. Detekt was launched last week and offers users of Windows systems to inspect their machines for traces of known government spyware. Developer Claudio Guarnieri said on Twitter the tool discovered the malicious …
Darren Pauli, 26 Nov 2014
The Register breaking news

Trojans target pro-Tibet organisations

Security experts are warning of yet another targeted malware campaign using socially engineered emails to infiltrate pro-Tibet organisations in a bid to covertly nab sensitive files. Trend Micro threat research manager Ivan Macalintal explained in a blog post that the attacks are linked to the same command and control server …
Phil Muncaster, 11 Apr 2012

FBI opens Malware Investigator portal to industry

The Federal Bureau of Investigations has released a formerly in-house malware-analysing portal to help speed up incident responses and help industry and law enforcement with investigations. The G-men hope the Malware Investigator portal can let businesses build responses to new malware without such heavy reverse-engineering …
Darren Pauli, 30 Sep 2014
Crime in Russia

Hacker-hunters finger 'Keyser Soze' of Russian underground card sales

A hacker based in Odessa, Ukraine has become the main provider of data stolen from compromised credit cards, a new study claims. According to Russian cyber-security consultancy Group-IB, a person or persons operating under the pseudonym “Rescator” (AKA Helkern and ikaikki) uploaded details of over five million cards onto the …
John Leyden, 16 Oct 2014
Sean Connery in Dr. No

Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER

Amnesty and Privacy International are offering a free-of-charge spyware detection tool designed to help journalists and human rights activists stay one step ahead of government surveillance. The Windows-only Detekt anti-spyware tool is designed to be a supplement, rather than an alternative, to pre-existing anti-virus protection …
John Leyden, 20 Nov 2014

Lads from Lagos using 'Predator Pain' on hapless 419 victims

Advanced-fee fraudsters are adopting the tactics of state-sponsored hackers in attacks targeting small- to medium-sized businesses, rather than large corporates, according to research from Trend Micro. 419 gangs are using the Predator Pain and Limitless keyloggers to steal network credentials through spear-phishing attacks, …
John Leyden, 13 Nov 2014

Welcome the world's new Most Phished Country: Australia

Move over Brazil: Australia has become the most phished country on Earth, accounting for a quarter of all targeted malicious emails sent globally. Down Under has worked hard at the title, according to Kasperksy, more than doubling its share of phishing attacks received. This despite that a mere 23 million people inhabit the …
Darren Pauli, 26 Sep 2014
Spin

Firm issues soft denial against Iron Dome hack

An Israeli defence firm linked to Israel's Iron Dome missile defence platform has denied reports it was hacked by Chinese attackers who made off with information on the military technology. Israel Aerospace Industries (IAI) spokeswoman Eliana Fishler said in statement emailed to outlets including The Register that reports it had …
Darren Pauli, 30 Jul 2014

'Regin': The 'New Stuxnet' spook-grade SOFTWARE WEAPON described

A highly advanced malware instance said to be as sophisticated as the famous Stuxnet and Duqu has has been detected. "Regin" has security researchers opining it may be nastier than both. "Regin" malware is thought to have been developed by a nation-state because of the financial clout needed to produce code of this complexity. …
Darren Pauli, 24 Nov 2014

Cryptolocker flogged on YouTube

Cryptolocker is being flogged over YouTube by vxers who have bought advertising space, researchers Vadim Kotov and Rahul Kashyap have found. The researchers made the discovery while monitoring YouTube and website banners for instances where malware writers had actually purchased space to foist their wares on unpatched web users …
Darren Pauli, 20 Aug 2014
Syrian electronic army

Second hacking crew joins Syrian Electronic Army on Team Assad

A second hacking crew has weighed into the conflict in Syria on the side of embattled Syrian president Bashar al-Assad. Net security firm FireEye reckons it has identified 11 members of the "Syrian Malware Team" after analysing a strain of malware called BlackWorm. The malware is used by the group to infiltrate targets, say the …
John Leyden, 01 Sep 2014
android tongue

That sub-$100 Android slab you got on Black Friday? RIDDLED with holes, say infosec bods

Those fighting through hordes of fellow crazed bargain junkies this Black Friday should avoid some of the cheapo Android tablets on offer. Security researchers at Bluebox Labs bought a dozen Android fondleslabs, each costing less than $100, and tested them for poor patching, dodgy OS installation, and sloppy security practices …
Iain Thomson, 28 Nov 2014
Pandemia

Entirely new trojan quietly wheeled into black hat forums

An RSA researcher claims to have found an entirely new trojan during his trawls of the criminal underground. RSA researcher Eli Marcus says the "Pandemiya" trojan comprises about 25,000 lines of fresh code. With most malware based on proven platforms, entirely new code is a rarity. Pandemiya is nasty: it infects Windows PCs, …
Darren Pauli, 13 Jun 2014
Evil Android

Researchers warn of preloaded spyware in Android handsets

Security firm G-Data is warning users about their discovery of malware shipping preinstalled on some Chinese mobile phones. The German researchers said that they followed up on customer tips to study the Star N9500 mobile phone. The handsets, sold on eBay and many other online retail sites, are said to primarily be shipped out …
Shaun Nichols, 17 Jun 2014
Fraud image

Half a meellion euros stolen in week-long bank smash 'n' grab

Attackers have pulled off a lucrative lightning raid on a single beleaguered bank stealing half a million euros in a week, Kaspersky researchers say. The crims stole between €17,000 and €39,000 from each of 190 Italian and Turkish bank accounts, with a single continuous attack. Man-in-the-middle attackers used stolen bank login …
Darren Pauli, 26 Jun 2014
The Register breaking news

Biz urged to blast DNSChanger Trojans before safety net comes down

Half of all Fortune 500 companies still contain computers infected with the DNSChanger Trojan, weeks after a FBI-led takedown operations targeting the botnet's command-and-control infrastructure. DNSChanger changed an infected system's domain name system (DNS) resolution settings to point towards rogue servers that redirected …
John Leyden, 03 Feb 2012
Kronos

'Father of Zeus' banking trojan appears at very reasonable price

A banking trojan dubbed the father of the infamous Zeus malware is being flogged on cybercrime marketplaces for a pricey $7000, says fraud specialist Etay Maor. The Kronos malware was sold on a cybercrime forum, pitched particularly to Zeus trojan customers given its capabilities to re-use that trojan's form grabbing templates …
Darren Pauli, 15 Jul 2014

So which miscreants wrote the CosmicDuke info-slurping nasty?

Security researchers have uncovered a link between a Trojan and a recently discovered cyber-espionage tool which suggests cyber-spies behind recent attacks on Western governments cut their teeth writing conventional Trojans. CosmicDuke combines elements from the Cosmu Trojan and a backdoor known as MiniDuke, previously …
John Leyden, 04 Jul 2014
The Register breaking news

Trojans likely to follow Win 7 activation hack

Trojan attacks are likely in the wake of the Windows 7 product activation system cracks developed last week, less than a month after the release of Microsoft's latest operating system. The RemoveWAT (and the similar ChewWGA) utility allow a prospective Windows 7 user to bypass the Windows Genuine Advantage registration procedure …
John Leyden, 17 Nov 2009

Germany dumps Verizon for Deutsche Telekom over NSA spying

The German government has said it will cancel its contract with US telecoms provider Verizon, citing spying fears. "The pressures on networks as well as the risks from highly-developed viruses or Trojans are rising," the country's Interior Ministry told Reuters on Thursday. "Furthermore, the ties revealed between foreign …
Neil McAllister, 26 Jun 2014
The Moon

German space centre endures cyber attack

Germany’s space research centre in Cologne has been the victim of a co-ordinated and covert targeted attack carried out by state-sponsored hackers, according to a Der Spiegel report. The paper's report says that last Sunday the German Aerospace Centre (DLR) contacted the National Cyber Defence Centre in Bonn after it found …
Phil Muncaster, 15 Apr 2014
Money image

Hackers steal trade secrets from major US hedge firm

Criminals have successfully attacked a hedge fund, delaying trades and stealing profitable secrets in a rare direct raid on the financial services sector, according to BAE Systems Applied Intelligence. The clever hack cost the unnamed US-based hedge fund millions of dollars over two months, the firm alleges. Attackers apparently …
Darren Pauli, 23 Jun 2014

Roll up, come see the BOOMING HACKER BAZAAR!

Underground hacker markets are booming with counterfeit documents, premiere credit cards, hacker tutorials, and "complete satisfaction guarantees", according to a new report from Dell SecureWorks. The means to create a false identity are easily purchased through the cracker bazaars. A fake social security card can be obtain for …
John Leyden, 15 Dec 2014
arrow3china

Israel's Iron Dome missile tech stolen by Chinese hackers

A Chinese hacking team previously accused of being behind raids against US defence contractors has been accused of a new data heist: plundering the tech behind Israel's Iron Dome missile defence system. Beijing's infamous Comment Crew hacking group is thought to have executed the intrusions into the corporate networks of top …
Darren Pauli, 29 Jul 2014

Miscreants leak banking baddie's secret source

Miscreants have released the source code for the Tinba banking Trojan in a move that may spawn the development of copycats. The secret source behind early versions of the small (some versions weigh in at just 20KB) but pernicious banking Trojan was released through an underground forum last week, reports Danish security …
John Leyden, 11 Jul 2014

NBN Co hoses down 'scary Russian crackers' report

NBN Co, the company building Australia's National Broadband Network, has found itself having to refute reports in the finance press that its networks had been “penetrated” by “cyber gangs”. While attacks and scans are the lot of any and every network administrator, the company says the reported Trojan infections never got past a …
An alternative Yahoo! logo, courtesy of a Flickr user

Malware! tainted! ads! infect! thousands! of! Yahoo! users!

Thousands of Yahoo! users have been exposed to malware through malicious advertisements over the past few days, according to research by Dutch security firm Fox-IT. Malware-tainted ads served from ads.yahoo.com were shown to victims in Romania, Great Britain and France, infecting tens of thousands every hour. The first infection …
John Leyden, 06 Jan 2014
Cartoon of  green skeletal figure reaching out of phone

Malware-as-a-service picks Android apart

Quite possibly the most expensive and capable Android malware the world has yet seen is for sale at $US5000 on underground markets, replete with software-as-a-service support. The iBanking malware has evolved from a simple SMS-stealer to a highly capable application that records audio within the range of a device's microphone, …
Darren Pauli, 22 May 2014
The chinese characters for China as used in the new .中国  domain

Pictures of elite 'Chinese military hacker' published

'Putter Panda' hack crew part of PLA SIGINT apparat, allege security bods American security bods have unmasked a shady state-sponsored Chinese hacking group dubbed Putter Panda. Analysts at Crowdstrike traced the shadowy group to an address in Shanghai, and even outed its alleged leader. The research firm claimed a 35-year-old bloke known online as "cpyy" registered domain names to which Putter Panda …
Jasper Hamill, 10 Jun 2014
Buncefield fire scene

Sorry, chaps! We didn't mean to steamroller legit No-IP users – Microsoft

Updated Microsoft has admitted that it did disrupt a significant number of legitimate users of No-IP's dynamic DNS service, but says the problem is now sorted out. "Yesterday morning, Microsoft took steps to disrupt a cyber-attack that surreptitiously installed malware on millions of devices without their owners' knowledge through the …
Iain Thomson, 01 Jul 2014
The Register breaking news

Card-sniffing trojans target Diebold ATM software

Security researchers from Sophos have discovered sophisticated malware that siphons payment card information out of automatic teller machines made by Diebold and possibly other manufacturers. Sophos researcher Vanja Svajcer found three samples after combing through VirusTotal and a similar online database earlier this month. If …
Dan Goodin, 17 Mar 2009
The Register breaking news

PrevX piles in against bank Trojans, phishing

The fight against banking Trojans and phishing attacks has stepped up a gear with the launch of a new product on Wednesday targeted at securing online transactions. PrevX SafeOnline, a client-side security software package that isolates transactions from everything else on a user's Windows PC, is designed as an added layer of …
John Leyden, 04 Nov 2009
Bitcoins

Brainboxes caught opening Bitcoin fraud emails. Seriously, guys?

Cybercrooks have launched a phishing campaign targeting Bitcoin users – and it's enjoying high response rates despite the seemingly random spraying of corporate email addresses with the spam-based scam. Security-as-a-service provider Proofpoint has detected 12,000 messages sent in two separate waves to more than 400 …
John Leyden, 22 Aug 2014
Evil Android

Android SMS worm punts dodgy downloads... from your MATES

Internet ne'er-do-wells have put together a strain of Android malware that spreads like a email worm rather than acting like a conventional trojan. Selfmite spreads by automatically sending a text message to contacts in the infected phone’s address book. Theses SMS messages contain a URL that redirects to the malware: ‘Dear [ …
John Leyden, 27 Jun 2014
Kindle Big Brother

Cops and spies should blame THEMSELVES for smartphone crypto 'problem' - Hyppönen

IP Expo Law enforcement and intel agencies have no right to complain about the improved security of smartphones because they brought the problem on themselves, according to security guru Mikko Hyppönen. Policing and government officials on both sides of the Atlantic have been vociferous in their complaints about Apple and Google's …
John Leyden, 13 Oct 2014
The Register breaking news

Regional banking Trojans sneak past security defences

Cybercrooks have developed regionally-targeted banking Trojans that are more likely to slip under the radar of anti-virus defences. Detection rates for regional malware vary between zero and 20 per cent, according to a study by transaction security firm Trusteer. This company markets browser security add-ons to banks, which …
John Leyden, 01 Jul 2010
The Register breaking news

Computer forensics tool for banks aims to trace Trojans

Transaction security firm Trusteer has launched a remote forensics service designed to allow banks to diagnose if a client's PC has been infected with malware following incidents of suspected fraud. The Flashlight service is designed to allow strains of malware to be quickly identified without having to physically examine a …
John Leyden, 16 Mar 2010

Google teaches Chrome Canary to sing when it sniffs dodgy downloads

Google has equipped its experimental "Canary" distribution of the Chrome web browser with a malware-spotting capability to protect users from malicious downloads. The security upgrade was announced by Google on Thursday and means the browser will scan downloaded executable files for the presence of viruses and Trojans, and …
Jack Clark, 01 Nov 2013
Cloud security image

Skiddies turn Amazon cloud into 'crime-as-a-service' – security bod

Amazon Web Services' share of cloud-hosted malware-slingers has more than doubled in the last six months. That's according to NTT subsidiary Solutionary, which revealed the finding in its Q2 2014 Security Engineering Research Team (SERT) report published on Tuesday. The infosec researchers said that, out of the top ten ISPs and …
Jack Clark, 17 Jul 2014