Articles about malware


LabCorp ransomed, 18k routers rooted, a new EXIF menace, and more

Roundup: This was the week of blunders by Venmo, million-dollar bank heists, and beefier bug bounties. Here's a few more bits of news. Singapore sting: Any large-scale data breach is bad news, but one that results in the loss of the health information of a quarter of the population is downright disastrous. Such was the case in …
Shaun Nichols, 21 Jul 2018

Scumbag confesses in court: LuminosityLink creepware was my baby

A US software developer has admitted to selling and supporting spyware after originally claiming his remote access tool was legitimate admin software. Colton Grubbs agreed to plead guilty to three felony charges – two counts of conspiracy, and one count of removal of property to prevent seizure – in a US federal district court …
Shaun Nichols, 17 Jul 2018

Kremlin hacking crew went on a 'Roman Holiday' – researchers

Researchers have claimed the infamous APT28 Kremlin-linked hacking group was behind a new cyber-espionage campaign they believe was targeted at the Italian military. Security researchers from the Z-Lab at CSE Cybsec spent the weekend unpicking a new malware-based cyber-espionage campaign allegedly conducted by APT28 (AKA Fancy …
John Leyden, 16 Jul 2018

Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders

Updated: An unfortunate chain reaction was averted today after miscreants tampered with a widely used JavaScript programming tool to steal other developers' NPM login tokens. The open-source utility eslint-scope was altered by hackers so that, when used to analyze source code, it would copy the contents of the user's ~/.npmrc file to …
Shaun Nichols, 12 Jul 2018

Ransomware is so 2017, it's all cryptomining now among the script kiddies

The number of organisations affected by cryptomining malware in the first half of 2018 ramped up to 42 per cent, compared to 20.5 per cent in the second half of 2017, according to a new report from Check Point. The top three most common malware variants seen in the first half of 2018 were all cryptominers: Coinhive (25 per …
John Leyden, 12 Jul 2018

Infosec defenders' supply chain is inferior to black hats, says Carbon Black CEO

The security industry’s supply chain is currently inferior to that of its attackers, says Carbon Black CEO Patrick Morley, but he thinks the industry is finding ways to fight back. In conversation with The Register yesterday, Morley advanced a theory that exploit brokers, malware authors and other bad actors work together. …
Simon Sharwood, 11 Jul 2018

It's mid-year report time, let's see how secure corporate networks are. Spoiler alert: Not at all

Companies are still leaving basic security flaws and points of entry wide open for hackers to exploit. This according to research from security house Positive Technologies, which says that its penetration testers found that enterprises were rife with things like months-old unpatched vulnerabilities and unsecured access points …
Shaun Nichols, 10 Jul 2018

Brown pants moment for BlueJeans: Dozens of AV tools scream its vid chat code is malware

Programmers at videoconferencing software house BlueJeans have been living through a developer's nightmare the past month or so – antivirus packages falsely labeling their code as malware. A Register reader, who works in corporate IT administration, tipped us off over the weekend that the software had triggered virus alerts on …
Shaun Nichols, 10 Jul 2018

Malware-slinging scum copied D-Link's code-signing certificates to dress up PC nasties

Security researchers have warned that someone's obtained copies of code-signing certificates from two Taiwanese companies – and is using them to sign malware. Abusing code-signing certificates in this way is an attempt to present software nasties as the legitimate product of the vendor whose key signed it. Security vendor …

NSO Group bloke charged with $50m theft of government malware

A former worker at NSO Group – the Israeli biz infamous for selling zero-day exploits to governments nice and nasty – has been charged with stealing his employer's spyware, and trying to sell it for $50m on the black market. The 38-year-old former bod was reportedly told he was going to be fired by his bosses at NSO, and …
Iain Thomson, 6 Jul 2018

How polite: Fun-bucks coin miners graciously ease off CPU pounding

Cryptocurrency-mining malware writers are dialing back their use of your compute cycles in order to avoid detection. This is according to Johannes Ullrich, head of research at SANS, who today pointed out that malicious mining apps are scaling down activity and employing built-in encryption to make them harder for antivirus …
Shaun Nichols, 29 Jun 2018

Et tu, Gentoo? Horrible gits meddle with Linux distro's GitHub code

If you have fetched anything from Gentoo's GitHub-hosted repositories today, dump those files – because hackers have meddled with the open-source project's data. The Linux distro's officials sounded the alarm on Thursday, revealing someone managed to break into its GitHub organization account to modify software and webpages …
Shaun Nichols, 28 Jun 2018

Sophos SafeGuard anything but – thanks to 7 serious security bugs

Companies running Sophos security clients will want to update their software following the disclosure of seven privilege escalation flaws in the security suite. Sophos says its SafeGuard Enterprise Client, LAN Crypt client and Easy software on Windows are all vulnerable to the bugs, which can be exploited by an attacker to run …
Shaun Nichols, 26 Jun 2018

Want to know what all that Fortnite hype is about? Whoa, Android fans – mind how you go

With online gaming hit Fortnite set to make its debut on Android, malware writers are already playing on the game's hype to ensnare victims. Multiple reports have emerged of Android malware packages being disguised as the Epic Games multi-player battle royale-style shooting game, and experts want users to exercise caution, and …
Shaun Nichols, 21 Jun 2018

(Cryptographically) sign me up! Android to take bad app checks offline

Google says Android will no longer require an internet connection to check whether applications are legit or potentially malicious. From now on, the Play Store will embed metadata into apps' APKs that will be used to check whether or not the software is authentic, and confirm whether it came through the official Google souk or …
Shaun Nichols, 20 Jun 2018

Not so private eye: Got an Axis network cam? You'll need to patch it, unless you like hackers

Researchers have detailed a string of vulnerabilities that, when exploited in combination, would allow for hundreds of models of internet-linked surveillance cameras to be remotely hijacked. Security biz VDOO said today it privately alerted cam-maker Axis Communications to the seven bugs it found in its gizmos, leading to the …
Shaun Nichols, 18 Jun 2018

US-CERT warns of more North Korean malware

The United States Department of Homeland Security's Computer Emergency Response Team (US-CERT) has warned against another malware campaign it says originates from North Korea. In its advisory, US-CERT said the “Typeframe” malware “includes malware descriptions related to HIDDEN COBRA”, the tag applied to a North Korean hacking …

What got breached this week? Ticket portals, DNA sites, and Atlanta's police cameras

Roundup: This week brought new charges for Marcus Hutchins, a novel way to sneak malware into archives, and shady hotspots for World Cup fans. There was also plenty of other security bits that didn't quite make the headlines. Here are some of the best. Apple wants to be cert-ain on certs: Apple is going to make it harder for sites to …
Shaun Nichols, 9 Jun 2018


Biting the hand that feeds IT © 1998–2018