
Articles about Trojans

The Register breaking news

Phishers use less strident subject lines to deliver new cunning attacks

The use of exploit kits is allowing phishing fraudsters to develop scams that only rely on tricking prospective marks into clicking a link, rather than submitting all their details to a bogus website. Many recent phishing runs spotted by Trend Micro have made use of the notorious Blackhole Exploit kit. The hacker favourite is …
John Leyden, 13 Jul 2012

'World's BIGGEST online fraud': Suspect's phone had 'location' switched on

Two Russians arrested over their suspected involvement in the largest online fraud in US history were tracked down by analysing photos they posted to social media sites and tracking the location of one suspect's mobile phone, Reuters reports. Four Russians and a Ukrainian national were named as suspects in a credit card hacking …
John Leyden, 29 Jul 2013

Get your Mac, it's raining Trojans

Security firm Sophos has issued a call for home computer users to ditch the Windows operating system and switch to Macs for the sake of their safety online. The call came as part of a report detailing the main trends in malicious software so far this year. The main finding was that all of the top ten threats to online users …
Lucy Sherriff, 05 Jul 2006

REVEALED: Cyberthug tool that BREAKS HSBC's anti-Trojan tech

Cybercrooks on an underground forum have developed a technique to bypass anti-Trojan technology from Trusteer used by financial institutions worldwide – including HSBC and Paypal – to protect depositors from cybersnoopers. Trusteer has downplayed the vulnerability and said it's in the process of rolling out beefed-up protection …
John Leyden, 06 Aug 2013

Camby cash crypto-coders Cronto chomped on pronto by Vasco

Swiss software firm Vasco has bought Cambridge-based banking security specialist Cronto in a deal valued at up to £14.5m. Vasco will pay $19.3m (€15m, £12.7m), and a further $2.6m (€2m, £1.8m) depending on future earnings, to get its hands on the British upstart's malware-defeating technology. Its software attempts to shield …
John Leyden, 22 May 2013

The Pirate Bay's new censorship-dodging browser 'not secure'

The Pirate Bay has released a bundle of add-ons to help people search for and access bits of the internet that governments and ISPs have locked away. The only hitch is: despite the fact that it contains a Tor client, security experts have said that it doesn't completely anonymise internet traffic. This has raised concerns about …
Jasper Hamill, 12 Aug 2013

Crims take to Facebook to flog ZeuS kits

Not content with hawking their wares in underground forums and other insalubrious parts of the darknet, criminals are now advertising their wares on Facebook, says RSA. The Facebook page in question is now unavailable, but appears to have been packed full of handy info for the budding cyber criminal, according to Limor Kessem, …
Phil Muncaster, 29 Apr 2013

Microsoft seizes Chinese dot-org to kill Nitol bot army

Microsoft has disrupted the emerging Nitol botnet - and more than 500 additional strains of malware - by taking control of a rogue dot-org website. The takedown is the latest in Microsoft's war against armies of hacker-controlled PCs. The Windows 8 giant's Operation b70 team discovered crooks were selling computers loaded with …
John Leyden, 13 Sep 2012

'Hand of Thief' banking Trojan reaches for Linux – for only $2K

Cybercrooks have created a banking Trojan that targets Linux users, which is being touted for sale on underground cybercrime forums for just $2,000 a pop. The "Hand of Thief" malware is a rare example of malicious code written especially to target the open-source operating system. The digital nasty includes form-grabbers for HTTP …
John Leyden, 08 Aug 2013

Patch often: Cyber-crim toolkits love stinky old gaping holes

More than two in three exploit kits that attempt to inject malware into web surfers' computers were developed in Russia - and at least one in two exploit rather old vulnerabilities. Blackhole 2.0 is the most often used hacking toolkit - installed on websites to attack and take over visitors' computers - but it targets fewer …
John Leyden, 28 Jan 2013

5 Tokyo devs cuffed over 'The Movie' Android app scam

Japanese cops have arrested five developers accused of planting malware in smartphone applications. A video app for Android phones created by the group allegedly harvested information from 90,000 smartphones. Details in early reports are sketchy but thehackernews.com reports that the apps were marketed to customers by adding the …
John Leyden, 01 Nov 2012

Earn £8,000 a MONTH with bogus apps from Russian malware factories

Just 10 professionally run malware-making workshops in Russia are responsible for 30 per cent of the Trojans, spyware and other nasties infecting smartphones globally. That's according to a study by mobile security outfit Lookout. These underground crime labs churn out DIY kits ideal for scriptkiddies looking to make a fast buck …
John Leyden, 05 Aug 2013

NSA tactics no better than a CYBERCRIME GANG, says infosec'er

The NSA operates like a state-sponsored cybercrime gang using much the same tools and techniques as miscreants slinging banking trojans, one cynic has suggested. Anyone following the Snowden revelations knows by now that the NSA uses exploits and malware to spy on the online activities of targets, but ponytailed infosec expert …
John Leyden, 11 Oct 2013

Don’t let mobile malware steal your company data

The mobile malware landscape is changing. Standardisation might be a good thing for building ecosystems and making phones more useful, but the emergence of Android and iOS as leaders in the operating-system wars makes life easier for those who would target the data on your corporate devices. It also means there is more to steal …
Simon Rockman, 16 Oct 2013

Trying to kill undead Pushdo zombies? Hard luck, Trojan is EVOLVING

The crooks behind the Pushdo botnet agent have developed variants of the malware that are more resistant to take-down attempts or hijacking by rival hackers. Dell SecureWorks and Damballa warned (PDF) on Wednesday that the latest variant of Pushdo comes packed with a fallback mechanism for cases where zombie clients are unable …
John Leyden, 17 May 2013

Trojans fuel ID theft boom

Identity theft, both offline and online, is on the rise with keylogging Trojan software often forming the weapon of choice for would-be fraudsters, according to a new study by net security firm McAfee. McAfee reckons the number of keylogging malware packages increased 250 per cent between January 2004 and May 2006. The number …
John Leyden, 16 Jan 2007

New Google Play terms ban non-store app updates

Google has amended the policies of its Play app store for Android to prohibit third-party app update mechanisms, in a move seemingly designed to put the kibosh on a contentious feature being tested by Facebook. As of Friday, the "Dangerous Products" section of the Chocolate Factory's Google Play Developer Program Policies - …
Neil McAllister, 26 Apr 2013

Adobe Reader 0-day exploit surfaces on underground bazaars

Miscreants have reportedly discovered a zero-day vulnerability in the latest version of Adobe Reader. Exploits based on the vulnerability, which circumvents sandbox protection technology incorporated into Adobe X and Adobe XI, are on sale in underground forums. Pricing starts at a hefty $30,000 but the exploit has already made its …
John Leyden, 08 Nov 2012

Android Trojan distracts Japanese with anime and porn

Security experts are warning of yet more malicious applications found on Google’s official online apps market Play, this time designed to steal personal data in the background while promising to show trailers for Japanese anime, video games and porn. McAfee malware researcher Carlos Castillo explained in a blog post that the new …
Phil Muncaster, 16 Apr 2012

RAT-flingers target human right activists in watering-hole attack

The Reporters without Borders website was compromised on Tuesday to run a watering-hole attack. Researchers speculated that the attackers were likely targeting the human rights activists who visit the NGO's online address. So-called watering hole attacks are named for the passive technique of injecting malicious code where its …
John Leyden, 24 Jan 2013

Regulator sniffs mobile services bods: 'Something's off. Hand me the probe'

UK premium rate regulator PhonepayPlus has launched an investigation into five mobile phone subscription services after it said that evidence had emerged that each had been marketed through ransomware-style browser lock-in tactics. Bafona Ltd’s Zovut subscription service, which costs £4.50 per week, is billed as a chance to …
John Leyden, 03 Jul 2013

Rotten spam causing more infections than ever – study

Anti-spam tools have evolved to a degree where many of us hardly see much spam anymore. But when we do, the threat posed by those messages is greater than it has ever been, according to a new report from independent security firm AV-Test. The report, entitled "Spam – More Dangerous than Ever Before," was based on an 18-month …
Neil McAllister, 11 Apr 2013

2 in 3 Android anti-malware scanners not up to the job

Two-thirds of Android anti-malware scanners failed to protect against a range of malware in independent tests. AV-Test put 41 different virus scanners for Android through their paces. Almost two-thirds of these scanners are not yet suitable for use as reliable products, identifying less than 65 per cent of the 618 types of …
John Leyden, 07 Mar 2012

SourceForge pulls off fake, 'Trojan-wrapped' Anonymous OS tool

Prominent members of Anonymous have said that an open-source distro bearing the hacktivist group's moniker is nothing to do with them and is likely to be riddled with Trojans. Anonymous OS Live – supposedly an Ubuntu-based OS, which advertises itself as being pre-loaded with various hacking tools and utilities (Tor, John the …
John Leyden, 16 Mar 2012

Trojans exploit Windows DRM loophole

Virus writers have subverted digital rights management features in Windows Media Player to spread Trojans and other malware. License-protected movie (.wmv) files infected with the WmvDownloader-A or WmvDownloader-B Trojans have entered circulation on P2P networks, reports Madrid-based antivirus firm Panda Software. Normally …
John Leyden, 13 Jan 2005

They've taken my storage hostage ... now what?

There's an encrypting ransomware Trojan making the rounds called Cryptolocker. I will save the details on my battle with this beastie for later*, but suffice it to say that if this encrypts your stuff you are done. There is no getting your data back unless you have backups or pay the ransom. Let's set aside the ultra-well …
Trevor Pott, 24 Oct 2013

China is world's most malware-ridden nation

Some 55 per cent of Chinese computers are infected with malware, the highest of any country worldwide, according to the latest Annual Security Report from Panda Security. The Spanish security vendor’s Panda Labs research team reported 27 million new strains of malware in 2012, bringing the total in its database to 125m. It said …
Phil Muncaster, 07 Feb 2013

Reg HPC man relives 0-day rootkit GROUNDHOG DAY

This is a difficult article to write, and I’ve put it off for way too long. But it’s time to bite the bullet and make an embarrassing admission to the Register audience. I’ve been hacked and hacked hard. Admitting this publicly to Reg readers is like chumming shark-infested waters with my own blood. Or like telling people that I …

Condom compartment hidden in iPhone case

Australian Company Annex Products has unveiled* an iPhone case with a sliding compartment designed to store two condoms without revealing the popular prophylactics' telltale bulge. The idea for the product, according to a promotional video, came after a young Australian man visited his girlfriend's home for the first time, …
Simon Sharwood, 04 Apr 2012

Malware devs offer $100 a pop for 'active' Google Play accounts

Virus writers are paying top dollar for access to "active" Google Play accounts to help them spread mobile malware across the Android ecosystem. Google charges $25 to Android developers who wish to sell their wares through the Google Play marketplace but a denizen of an underground cybercrime forum is offering to purchase these …
John Leyden, 08 Mar 2013

Antivirus bods grilled: Do YOU turn a blind eye to government spyware?

Security guru Bruce Schneier has joined with the Electronic Frontier Foundation and 23 other privacy and digital rights activists to call on antivirus firms to publicly state they do not turn a blind eye towards state-sponsored malware. Antivirus vendors have been given until 15 November to go on the record about detection of …
John Leyden, 05 Nov 2013

Bank man: System's down, let's have coffee. Oh SNAP, where's all the CASH?

Cybercrooks are running distributed denial of service attacks as a smokescreen to distract bank security staff while they plunder online banking systems, according to a researcher. Avivah Litan, vice president at Gartner Research, reports that cyber criminals looking to attack financial institutions are getting more ambitious by …
John Leyden, 21 Aug 2013

McAfee warns of Project Blitzkrieg hack attack on US banks

Security firm McAfee warns that there is a credible threat of a coordinated Spring offensive against at least 30 US banks next year by Eastern European fraudsters. Talk of Project Blitzkrieg started after a message in September on a hacking board from a user identifying himself as vorVzakone, who was looking for recruits for a …
Iain Thomson, 15 Dec 2012

Microsoft borks botnet takedown in Citadel snafu

Security researchers are complaining about collateral damage from the latest botnet take-down efforts by Microsoft and its partners. The Windows 8 giant worked with financial service organisations, other technology firms and the Federal Bureau of Investigation to disrupt more than a thousand botnets. The botnets in question …
John Leyden, 10 Jun 2013

One in seven North American home networks full of malware

One in seven home networks in North America are infected with malware, a recent study has revealed. Half the threats detected during Q3 2012 were made up of spam-spewing zombies or banking Trojans while the remainder were mostly adware and other lesser threats, according to a study by Kindsight Security Labs. The study was based …
John Leyden, 02 Nov 2012

Trojans as spam robots: the evidence

German magazine c't says it has evidence that virus writers are selling the IP addresses of PCs infected with Trojans to spammers. Spammers use these infected systems to unlawfully distribute commercial email messages, without the knowledge of their owners. The Trojan involved was spread by a virus called Randex. This small …
Jan Libbenga, 22 Feb 2004

Polish knights slay Virut, the brazen virus army that has its own EULA

Security researchers have decapitated a spam-spewing network of hacked computers by pulling the plug on the central command-and-control servers. The compromised PCs were infected by the Virut virus and were being remotely controlled from these servers by miscreants. The takedown operation was coordinated by CERT Polska, the …
John Leyden, 21 Jan 2013

'Red October' has been spying on WORLD LEADERS for 5 years - researchers

Security watchers have discovered a malware-based cyber-espionage campaign targeting diplomats, governments and scientific research institutions worldwide. Operation Red October has targeted Eastern Europe, former Soviet republics, and countries in Central Asia for the past five years, according to Kaspersky Lab. The attack has …
John Leyden, 14 Jan 2013

Got a mobile phone? Then you've got a Trojan problem too

Something wonderful has happened: phones have got smart, but the bad news is they may open the door to those you don’t want to let in. Time was when getting software to run properly on your mobile phone was such a challenge that it was nigh on impossible for bad guys to write malware that worked. Most phones used proprietary …
Simon Rockman, 18 Oct 2013

Chinese Nitol botnet host back up after Microsoft settles lawsuit

Microsoft has reached a settlement with the Chinese site linked to the Nitol DDoS botnet. The emerging Nitol botnet was hosted by the 3322.org domain. In order to stem the threat, Microsoft filed a suit to take control of the 70,000 malicious subdomains hosted on 3322.org, gaining control of the domain in mid September. Redmond …
John Leyden, 04 Oct 2012

Apple's two-factor security isn't as good as Microsoft or Google's, say experts

Apple's two-factor authentication system does not protect users' private files backed up to the iCloud, it is claimed. Fanbois have been able to secure their Apple accounts with a two-step login process since March: these accounts are important because they are used to bung or retrieve backups into and out of Cupertino's iCloud …
John Leyden, 31 May 2013

Cryptome.org hacked to dish out malware

Cybercrooks have planted malicious scripts on top of whistle-blowing nerve centre Cryptome.org. The attack, which used the well-known Blackhole toolkit, exposed surfers visiting any page of Cryptome.org to a hacker-controlled page that leveraged browser exploits and the like to …
John Leyden, 14 Feb 2012

Crooks, think your Trojan looks legit? This one has a DIGITAL CERTIFICATE

Security researchers have discovered a banking Trojan that comes with its own built-in digital certificate. The Brazilian banking password-sniffer was signed with a valid digital certificate issued by DigiCert, MalwareBytes reports. DigiCert responded promptly to inquiries by El Reg to confirm it had pulled the offending …
John Leyden, 05 Feb 2013

Cryptoboffin: Secure boot a boon for spooks' spyware

A leading computer scientist has warned that the latest so-called Trusted Computing proposals may restrict the market for anti-virus and security software. Cambridge University Professor Ross Anderson warns that the secure boot features in the UEFI firmware specification - understood to be required on certified Windows 8 …
John Leyden, 25 Oct 2011

'Gozi Trojan trio' blamed for multimillion-dollar bank raid spree

US prosecutors have accused three people of using a bank-account raiding Trojan to infect at least one million computers and steal millions of dollars. Russian national Nikita Kuzmin, 25, Latvian resident Deniss Calovskis, 27, and Mihai Ionut Paunescu, a 28-year-old Romanian, were behind the scam, according to charges filed …
John Leyden, 24 Jan 2013

New 'Madi' cyber-espionage campaign targets Iran AND Israel

Security researchers have discovered a new cyber-espionage campaign targeting victims in the Middle East. Kaspersky Lab and Seculert identified more than 800 victims located in Iran, Israel, Afghanistan and elsewhere in the course of monitoring control servers associated with the cyber-espionage operation over the last eight months …
John Leyden, 17 Jul 2012

Schneier spanks AV industry over Flame failures

Security guru Bruce Schneier has questioned some of the excuses coming from the antivirus industry as to why it is taking them so long to pick up advanced malware like Flame and Stuxnet. Schneier's scolding was inspired by a mea culpa published in Wired by F-Secure's top security man, Mikko Hypponen. He admitted that when Flame …
Iain Thomson, 19 Jun 2012

Cyberspies send ZOMBIES to steal DRUGS from medical research firms

Cyber-espionage crews have been targeting the lucrative medical and life science industries using custom malware and spear-phishing, according to new research. According to a current US counterintelligence report which it delivered to US Congress, healthcare services and medical equipment are expected to be two of the five …
John Leyden, 21 Mar 2013

'Looming menace' of evil browser extensions to be demo'd this week

A security researcher has developed a proof-of-concept browser botnet extension to illustrate the perils of what he describes as a "looming menace". Zoltan Balazs of Deloitte Hungary developed the code to illustrate the risk from malicious browser add-ons, which he argues anti-virus vendors are ill-equipped to defend against. …
John Leyden, 23 Oct 2012

Malware baddies crank up Trojan production

Malware authors have stepped up production rates still further in their efforts to overwhelm anti-virus defences with banking Trojans and other crud. During the first three months of 2011 an average of 73,000 new strains of malware have been created every day: 10,000 more than during the same period last year, according to stats …
John Leyden, 06 Apr 2011