Articles about Trojans

The Register breaking news

PrevX piles in against bank Trojans, phishing

The fight against banking Trojans and phishing attacks has stepped up a gear with the launch of a new product on Wednesday targeted at securing online transactions. PrevX SafeOnline, a client-side security software package that isolates transactions from everything else on a user's Windows PC, is designed as an added layer of …
John Leyden, 04 Nov 2009
Evil Android

Researchers warn of preloaded spyware in Android handsets

Security firm G-Data is warning users about their discovery of malware shipping preinstalled on some Chinese mobile phones. The German researchers said that they followed up on customer tips to study the Star N9500 mobile phone. The handsets, sold on eBay and many other online retail sites, are said to primarily be shipped out …
Shaun Nichols, 17 Jun 2014
Fraud image

Half a meellion euros stolen in week-long bank smash 'n' grab

Attackers have pulled off a lucrative lightning raid on a single beleaguered bank stealing half a million euros in a week, Kaspersky researchers say. The crims stole between €17,000 and €39,000 from each of 190 Italian and Turkish bank accounts, with a single continuous attack. Man-in-the-middle attackers used stolen bank login …
Darren Pauli, 26 Jun 2014
Kronos

'Father of Zeus' banking trojan appears at very reasonable price

A banking trojan dubbed the father of the infamous Zeus malware is being flogged on cybercrime marketplaces for a pricey $7000, says fraud specialist Etay Maor. The Kronos malware was sold on a cybercrime forum, pitched particularly to Zeus trojan customers given its capabilities to re-use that trojan's form grabbing templates …
Darren Pauli, 15 Jul 2014
The Register breaking news

Regional banking Trojans sneak past security defences

Cybercrooks have developed regionally-targeted banking Trojans that are more likely to slip under the radar of anti-virus defences. Detection rates for regional malware vary between zero and 20 per cent, according to a study by transaction security firm Trusteer. This company markets browser security add-ons to banks, which …
John Leyden, 01 Jul 2010

So which miscreants wrote the CosmicDuke info-slurping nasty?

Security researchers have uncovered a link between a Trojan and a recently discovered cyber-espionage tool which suggests cyber-spies behind recent attacks on Western governments cut their teeth writing conventional Trojans. CosmicDuke combines elements from the Cosmu Trojan and a backdoor known as MiniDuke, previously …
John Leyden, 04 Jul 2014
The Moon

German space centre endures cyber attack

Germany’s space research centre in Cologne has been the victim of a co-ordinated and covert targeted attack carried out by state-sponsored hackers, according to a Der Spiegel report. The paper's report says that last Sunday the German Aerospace Centre (DLR) contacted the National Cyber Defence Centre in Bonn after it found …
Phil Muncaster, 15 Apr 2014

Germany dumps Verizon for Deutsche Telekom over NSA spying

The German government has said it will cancel its contract with US telecoms provider Verizon, citing spying fears. "The pressures on networks as well as the risks from highly-developed viruses or Trojans are rising," the country's Interior Ministry told Reuters on Thursday. "Furthermore, the ties revealed between foreign …
Neil McAllister, 26 Jun 2014

NBN Co hoses down 'scary Russian crackers' report

NBN Co, the company building Australia's National Broadband Network, has found itself having to refute reports in the finance press that its networks had been “penetrated” by “cyber gangs”. While attacks and scans are the lot of any and every network administrator, the company says the reported Trojan infections never got past a …
The Register breaking news

Computer forensics tool for banks aims to trace Trojans

Transaction security firm Trusteer has launched a remote forensics service designed to allow banks to diagnose if a client's PC has been infected with malware following incidents of suspected fraud. The Flashlight service is designed to allow strains of malware to be quickly identified without having to physically examine a …
John Leyden, 16 Mar 2010

Trojans besiege online gamers

Online games have become a major target for fraud in recent years. A study from Kaspersky Labs, published today, dissects the techniques and targets used by hackers to make "easy money" by selling stolen login credentials of users or in-game items on the black market. Online games and fraud: using games as bait by Sergey …
John Leyden, 11 Sep 2007
Money image

Hackers steal trade secrets from major US hedge firm

Criminals have successfully attacked a hedge fund, delaying trades and stealing profitable secrets in a rare direct raid on the financial services sector, according to BAE Systems Applied Intelligence. The clever hack cost the unnamed US-based hedge fund millions of dollars over two months, the firm alleges. Attackers apparently …
Darren Pauli, 23 Jun 2014
Shot of a girl with a mask biking through Beijing

Web protection: A flu mask for the internet

The internet is no longer optional for organisations. It is where business lives. Unfortunately, it is also probably the worst neighbourhood on the planet, filled with cybercriminals, hacktivists, and corporate and state spies. And the internet is both the largest and the smallest neighbourhood. All of these people live just …
Robin Birtstone, 09 Mar 2015
arrow3china

Israel's Iron Dome missile tech stolen by Chinese hackers

A Chinese hacking team previously accused of being behind raids against US defence contractors has been accused of a new data heist: plundering the tech behind Israel's Iron Dome missile defence system. Beijing's infamous Comment Crew hacking group is thought to have executed the intrusions into the corporate networks of top …
Darren Pauli, 29 Jul 2014

Roll up, come see the BOOMING HACKER BAZAAR!

Underground hacker markets are booming with counterfeit documents, premiere credit cards, hacker tutorials, and "complete satisfaction guarantees", according to a new report from Dell SecureWorks. The means to create a false identity are easily purchased through the cracker bazaars. A fake social security card can be obtain for …
John Leyden, 15 Dec 2014

Miscreants leak banking baddie's secret source

Miscreants have released the source code for the Tinba banking Trojan in a move that may spawn the development of copycats. The secret source behind early versions of the small (some versions weigh in at just 20KB) but pernicious banking Trojan was released through an underground forum last week, reports Danish security …
John Leyden, 11 Jul 2014
An alternative Yahoo! logo, courtesy of a Flickr user

Malware! tainted! ads! infect! thousands! of! Yahoo! users!

Thousands of Yahoo! users have been exposed to malware through malicious advertisements over the past few days, according to research by Dutch security firm Fox-IT. Malware-tainted ads served from ads.yahoo.com were shown to victims in Romania, Great Britain and France, infecting tens of thousands every hour. The first infection …
John Leyden, 06 Jan 2014
channel

Trojans are the New Model Army

Amateur virus writers are going the way of amateur athletes, morris dancing and the May Pole, according to a survey by Panda Software. Seventy per cent of malware detected by the developer’s scanning service in the first quarter had a cybercrime or financial motive. Forty per cent of malware detected was spyware, the firm said …
Team Register, 08 May 2006
Cartoon of  green skeletal figure reaching out of phone

Malware-as-a-service picks Android apart

Quite possibly the most expensive and capable Android malware the world has yet seen is for sale at $US5000 on underground markets, replete with software-as-a-service support. The iBanking malware has evolved from a simple SMS-stealer to a highly capable application that records audio within the range of a device's microphone, …
Darren Pauli, 22 May 2014
The Register breaking news

Data-sniffing trojans burrow into Eastern European ATMs

Security experts have discovered a family of data-stealing trojans that have burrowed into automatic teller machines in Eastern Europe over the past 18 months. The malware logs the magnetic-stripe data and personal identification number of cards used at an infected machine and provides an intuitive interface for retrieving the …
Dan Goodin, 03 Jun 2009
The chinese characters for China as used in the new .中国  domain

Pictures of elite 'Chinese military hacker' published

'Putter Panda' hack crew part of PLA SIGINT apparat, allege security bods American security bods have unmasked a shady state-sponsored Chinese hacking group dubbed Putter Panda. Analysts at Crowdstrike traced the shadowy group to an address in Shanghai, and even outed its alleged leader. The research firm claimed a 35-year-old bloke known online as "cpyy" registered domain names to which Putter Panda …
Jasper Hamill, 10 Jun 2014
The Register breaking news

Banking Trojans double as scareware runs wild

The prevalence of scareware packages has reached epidemic proportions, with 485,000 different samples detected in the first half of 2009 alone. The figure is more than five times the combined figure for the whole of 2008, according to statistics from the Anti-Phishing Working Group (APWG). The huge figures are explained by the …
John Leyden, 02 Oct 2009
Buncefield fire scene

Sorry, chaps! We didn't mean to steamroller legit No-IP users – Microsoft

Updated Microsoft has admitted that it did disrupt a significant number of legitimate users of No-IP's dynamic DNS service, but says the problem is now sorted out. "Yesterday morning, Microsoft took steps to disrupt a cyber-attack that surreptitiously installed malware on millions of devices without their owners' knowledge through the …
Iain Thomson, 01 Jul 2014
arrow pointing up

Get your Mac, it's raining Trojans

Security firm Sophos has issued a call for home computer users to ditch the Windows operating system and switch to Macs for the sake of their safety online. The call came as part of a report detailing the main trends in malicious software so far this year. The main finding was that all of the top ten threats to online users …
Lucy Sherriff, 05 Jul 2006

TomTom includes Trojans with satnav device

A small number of satellite navigation devices manufactured last year by TomTom were shipped containing malware, the company confirmed in a terse statement that raised more questions - and user ire - than answers. An "isolated, small number" of TomTom's GO 910 models produced in September and November may be infected with a …
Dan Goodin, 29 Jan 2007

Google teaches Chrome Canary to sing when it sniffs dodgy downloads

Google has equipped its experimental "Canary" distribution of the Chrome web browser with a malware-spotting capability to protect users from malicious downloads. The security upgrade was announced by Google on Thursday and means the browser will scan downloaded executable files for the presence of viruses and Trojans, and …
Jack Clark, 01 Nov 2013
Bitcoins

Brainboxes caught opening Bitcoin fraud emails. Seriously, guys?

Cybercrooks have launched a phishing campaign targeting Bitcoin users – and it's enjoying high response rates despite the seemingly random spraying of corporate email addresses with the spam-based scam. Security-as-a-service provider Proofpoint has detected 12,000 messages sent in two separate waves to more than 400 …
John Leyden, 22 Aug 2014
Evil Android

Android SMS worm punts dodgy downloads... from your MATES

Internet ne'er-do-wells have put together a strain of Android malware that spreads like a email worm rather than acting like a conventional trojan. Selfmite spreads by automatically sending a text message to contacts in the infected phone’s address book. Theses SMS messages contain a URL that redirects to the malware: ‘Dear [ …
John Leyden, 27 Jun 2014
Kindle Big Brother

Cops and spies should blame THEMSELVES for smartphone crypto 'problem' - Hyppönen

IP Expo Law enforcement and intel agencies have no right to complain about the improved security of smartphones because they brought the problem on themselves, according to security guru Mikko Hyppönen. Policing and government officials on both sides of the Atlantic have been vociferous in their complaints about Apple and Google's …
John Leyden, 13 Oct 2014
unhappy

Trojans fuel ID theft boom

Identity theft, both offline and online, is on the rise with keylogging Trojan software often forming the weapon of choice for would-be fraudsters, according to a new study by net security firm McAfee. McAfee reckons the number of keylogging malware packages increased 250 per cent between January 2004 and May 2006. The number …
John Leyden, 16 Jan 2007
Cloud security image

Skiddies turn Amazon cloud into 'crime-as-a-service' – security bod

Amazon Web Services' share of cloud-hosted malware-slingers has more than doubled in the last six months. That's according to NTT subsidiary Solutionary, which revealed the finding in its Q2 2014 Security Engineering Research Team (SERT) report published on Tuesday. The infosec researchers said that, out of the top ten ISPs and …
Jack Clark, 17 Jul 2014

Scared yet, web devs? Google smears malware warnings over PHP.net

Google's Safe Browsing technology is blocking access to PHP.net as a precaution, after apparently detecting that some of its pages were booby-trapped with links to malicious software. The move put warning blocks in the way of accessing a site that's widely used by web developers. Google didn't specify the types of Trojans …
John Leyden, 24 Oct 2013
Targeted Spam

Spam drops as legit biz dumps mass email ads: Only the dodgy remain

Spam email was down in volume last year, but junk mail messages still comprise two in three items of electronic communication sent over the interwebs. Kaspersky Lab reports the portion of spam in email flows was as high as 69.6 per cent in 2013 – which is 2.5 percentage points lower than 2012. The biggest sources of spam were …
John Leyden, 24 Jan 2014
The Register breaking news

Trojans exploit Windows DRM loophole

Virus writers have subverted digital rights management features in Windows Media Player to spread Trojans and other malware. License-protected movie (.wmv) files infected with the WmvDownloader-A or WmvDownloader-B Trojans have entered circulation on P2P networks, reports Madrid-based antivirus firm Panda Software. Normally …
John Leyden, 13 Jan 2005
Iphone_hard_case

Put down that iPad! Snoopware RECORDS your EVERY gesture, TAP on iOS, Android

A security researcher has developed a proof-of-concept malware capable of capturing the actions of users on touchscreen devices. Senior security consultant Neal Hindocha and his colleagues at Trustwave were able to brew up similar strains of prototype malicious code for both rooted Android and jailbroken iOS devices. The line of …
John Leyden, 05 Feb 2014
Cartoon of  green skeletal figure reaching out of phone

After the cyberpunks, prepare to fight a new wave of nasties

Presagers of doom in the IT industry have sometimes got it horribly wrong. One need only look back 14 years to the millennium bug, which was supposed to bring down the world’s critical systems. The year 2000 came and went with no digital cataclysm in sight. Even the smartest people make grand claims about imminent threats. …
Tom Brewster, 27 May 2014

Your browser may be up to date: But what about the PLUGINS?

Two in five (39 per cent) of computers submitted for testing to a free browser security test from Qualys were affected by critical vulnerabilities, mostly related to browser plug-ins. The findings, based on 1.4 million BrowserCheck computer scans, paint a picture of e-commerce buyers left wide open to attacks by cybercriminals …
John Leyden, 02 Dec 2013

IBM snaps up banking security biz Trusteer, won't say what it paid

IBM has announced a deal to acquire transaction security firm Trusteer and open a new cybersecurity lab in Israel. Financial terms of the buyout, announced Thursday, were not disclosed. Big Blue said the deal would allow it to offer improved cloud-delivered software and services to defend against advanced security threats to its …
John Leyden, 15 Aug 2013

Ethiopian journos hit by Hacking Team spyware, say infosec bods

Ethiopian journalists in the US were targeted by malware sold exclusively to governments by the Hacking Team company, according to security researchers. Staffers at Ethiopian Satellite Television Service (ESAT), an independent TV, radio, and online news outlet run by Ethiopian ex-pats, was targeted repeatedly by spyware in late …
John Leyden, 13 Feb 2014
The Register breaking news

Child abuse ransomware tweaked to tout bogus antivirus saviours

Cybercrooks have found another application for ransomware, the horrible software that locks up a PC until money is handed over: it's now being used to push fake antivirus onto victims. Reveton - a widespread piece of ransomware that infects machines, falsely accuses marks of downloading images of child abuse and demands a fine …
John Leyden, 08 Aug 2013
NSA's Fort Meade headquarters

Does F-Secure's antivirus turn a blind eye to spook spyware? CEO hits back

Antivirus maker F-Secure has responded to privacy campaigners' concerns over the handling of spook-grade surveillance malware – by insisting its security software slays government spyware wherever it can. In an open letter to the Bits of Freedom team, F-Secure president and chief exec Christian Fredrikson said his firm stands by …
Shaun Nichols, 07 Nov 2013

China's mobile underground revealed in new report

China plays host to a vast and highly sophisticated “mobile underground” where cyber criminals can buy the tools to launch attacks for as little as 100 yuan (£9.70), according to a new report from security vendor Trend Micro. The Mobile Cybercriminal Underground Market in China is the firm's follow up to two separate reports on …
Phil Muncaster, 04 Mar 2014

Lads from Lagos turn from 419 scams to basic malware slinging

Nigerian scammers are developing beyond 419 advance-fee fraud scams against individuals by using trojans to steal valuable information from businesses instead. Security researchers at Palo Alto Networks reports that cyber criminals in Nigeria have evolved common malware campaigns to infiltrate businesses that have not previously …
John Leyden, 22 Jul 2014

When ZOMBIES go shopping: 40m Target customer breach? That's NOTHING!

Malware linked to fraud in the retail sector may be a bigger problem than even the recent revelation about the compromise of systems US retailer Target suggests. Shopping giant Target and luxury retailer Neiman Marcus both announced significant data breaches during the 2013 holiday shopping season. The Target breach at least …
John Leyden, 23 Jan 2014
Linux mascot Tuz

Linux backdoor squirts code into SSH to keep its badness buried

Security researchers have discovered a Linux backdoor that uses a covert communication protocol to disguise its presence on compromised systems. The malware ‪was used in an attack on a large (unnamed) hosting provider ‬back in May. It cleverly attempted to avoid setting off any alarm bells by injecting its own communications …
John Leyden, 15 Nov 2013

Poker ace's vanishing hotel laptop WAS infected by card-shark – F-Secure

A laptop apparently stolen from a top-flight poker pro's hotel room and mysteriously returned while he played in a card tournament was infected by spyware. That's according to security firm F-Secure, which today said it had analyzed the computer, owned by ace player Jens Kyllönen. The Java-written malware on the machine could …
Shaun Nichols, 11 Dec 2013
The Register breaking news

Trojans as spam robots: the evidence

German magazine c't says it has evidence that virus writers are selling the IP addresses of PCs infected with Trojans to spammers. Spammers use these infected systems to unlawfully distribute commercial email messages, without the knowledge of their owners. The Trojan involved was spread by a virus called Randex. This small …
Jan Libbenga, 22 Feb 2004
Q and Bond, Skyfall

JUST LIKE US: Hackers who work for gov seem almost... ORGANISED

State-sponsored hackers are looking less like traditional hacking crews and more like military units as they share infrastructure and adopt strict hierarchies, according to new research. Infosec firm FireEye has identified links between 11 APT campaigns, including use of the same malware tools, shared code, binaries with the …
John Leyden, 14 Nov 2013

Ex-Google, Mozilla bods to outwit EVIL BOTS with 'polymorphic' defence

Startup Shape Security is re-appropriating a favourite tactic of malware writers in developing a technology to protect websites against automated hacking attacks. Trojan authors commonly obfuscate their code to frustrate reverse engineers at security firms. The former staffers from Google, VMWare and Mozilla (among others) have …
John Leyden, 21 Jan 2014

ZeuS KICKS that SaaS: Trojan raids Salesforce.com accounts

Miscreants have forged a variant of the infamous ZeuS banking Trojan that targets enterprise data held by clients of CRM giant Salesforce.com. The ZeuS variant does not exploit a vulnerability in the Salesforce.com platform itself but rather penetrates the insecure devices of corporate workers accessing Salesforce.com. The …
John Leyden, 26 Feb 2014