Articles about malware

Dridex redux, with FTP serving the nasties

Keep your eyes open for yet-another Dridex-based malware attack. Forcepoint researchers spotted the campaign last week, noting that instead of hitting up HTTP links the attackers are targeting compromised FTP sites (and exposing those sites' credentials). The FTP sites in question were used to host the malware sent to victims …

Another round of click-fraud extensions pulled from Chrome Store

A security researcher has claimed that a cumulative half a million Chrome users have been hit by four malicious browser extensions pushing click and SEO fraud. Icebrg's Justin Warner and Mario De Tore spotted the extensions while investigating a spike in outbound traffic from a workstation in a customer's network. The company …

Android snoopware Skygofree can pilfer WhatsApp messages

Mobile malware strain Skygofree may be the most advanced Android-infecting nasty ever, antivirus-flinger Kaspersky Lab has warned. Active since 2014, Skygofree, named after one of the domains used in the campaign, is spread through web pages mimicking leading mobile network operators and geared towards cyber-surveillance. …
John Leyden, 16 Jan 2018

New Mirai botnet species 'Okiru' hunts for ARC-based kit

A new variant of the notorious Mirai malware is exploiting kit with ARC processors. The nasty, dubbed Okiru, is the first capable of infecting devices powered by ARC CPUs. This is according to Japan-based malware researcher UnixFreaxjp of the infosec group Malware Must Die. RISC-based ARC embedded processors are used in a …
John Leyden, 16 Jan 2018

'Mummy, what's felching?' Tot gets smut served by Android app

Researchers have found a batch of over 60 malware-carrying apps in Google's Play Store designed to rob mobile users or show them pornography, all with a kid-friendly theme. The malware, dubbed AdultSwine by security shop Check Point, was found in apps like "Drawing Lessons Lego Star Wars", "Fidget spinner for Minecraft" and " …
Iain Thomson, 12 Jan 2018

Ohio coder accused of infecting Macs, PCs with webcam, browser spyware for 13 years

A computer programmer has been accused of hacking, committing identity theft, and creating child pornography after allegedly developing custom malware to take control of thousands of computers. Phillip Durachinsky, 28, of North Royalton, Ohio, USA, was indicted on Wednesday on 16 separate charges relating to the alleged …
Iain Thomson, 11 Jan 2018

First shots at South Korea could herald malware campaign of Olympic proportions

A malware campaign has been unleashed against organisations involved with next month's Pyeongchang Winter Olympics. An email with a malicious Microsoft Word document attached was sent to a number of groups associated with the event, most of them targeting ice hockey organisations. "The attackers originally embedded an …
John Leyden, 8 Jan 2018

Shopped in Forever 21? There was bank-card-slurping malware in it for, like, forever

Clothing chain Forever 21 has admitted a malware infection on its cash registers swiped customer payment card details for most of last year. The retailer issued a statement revealing that last year, from April 3 to November 18, hackers were able to harvest the payment card details from point of sale (POS) terminals in …
Shaun Nichols, 3 Jan 2018

SuperFish cram scandal: Lenovo must now ask nicely before stuffing new PCs with crapware

The US government's trade watchdog, the FTC, has finalized its settlement deal with Lenovo on charges the PC builder sold Americans machines crammed with intrusive adware. The Federal Trade Commission kicked off 2018 announcing it has approved a deal that will end lawsuits against Lenovo in more than three dozen US states – as …
Shaun Nichols, 2 Jan 2018

UK, US govt and pals on WannaCry culprit: It woz the Norks wot done it

UK Foreign Office Minister Lord Ahmad of Wimbledon today claimed North Korea was behind the WannaCry ransomware incident. He joins the US government, Canada, Australia, New Zealand, Japan, Microsoft, Google, Kaspersky, Symantec, FireEye, and others, in blaming Kim Jong-un's hackers for unleashing WannaCry on the world. Uncle …
Kat Hall, 19 Dec 2017

OK, OK, MIRA-I DID IT: Botnet-building compsci kid comes clean

A former New Jersey college student has copped to helping create and run the massive Mirai DDoS botnet. Paras Jha, 21, pleaded guilty this month in an Alaska district court to two counts [PDF, PDF] of conspiracy to commit "fraud and related activity in connection with computers." In plea deals with US prosecutors, unsealed …
Shaun Nichols, 13 Dec 2017

Android flaw lets attack code slip into signed apps

Researchers say a recently patched vulnerability in Android could leave users vulnerable to attack from signed apps. The vulnerability, dubbed Janus, would allow a malicious application to add bytes of code to the APK or DEX formats used by Android applications without affecting the application's signature. In other words, a …
Shaun Nichols, 8 Dec 2017

Microsoft emergency update: Malware Engine needs, erm, malware protection

Microsoft has posted an out-of-band security update to address a remote code execution flaw in its Malware Protection Engine. Redmond says the flaw, dubbed CVE-2017-11937, has not yet been exploited in the wild. Because it is an out-of-band critical fix, however, it should be installed as soon as possible. For most users, this …
Shaun Nichols, 7 Dec 2017

Brit bank Barclays' Kaspersky Lab diss: It's cyber balkanisation, hiss infosec bods

Analysis Barclays has stopped offering free Kaspersky Lab products to new users in a move that shows, like Best Buy, commercial firms can be swayed by governmental stances on dealing with the Russian software firm. As El Reg reported yesterday, the UK high …
John Leyden, 5 Dec 2017

Stop us if you've heard this one: Russian hacker thrown in US slammer for $59m bank fraud

A Russian hacker already facing a lengthy prison stay in the US has been sent down for another 14 years for heading up an "organized cybercrime ring" that racked up $59m in damages across America. Roman Valeryevich Seleznev, aka Track2, the 33-year-old son of a Russian MP, was sentenced after being convicted of one count each …
Shaun Nichols, 1 Dec 2017

'Treat infosec fails like plane crashes' – but hopefully with less death and twisted metal

The world has never been so dependent on computers, networks and software so ensuring the security and availability of those systems is critical. Despite this, major security events resulting in loss of data, services, or financial loss are becoming increasingly commonplace. Brian Honan, founder and head of Ireland's first …
John Leyden, 24 Nov 2017

Kaspersky: Clumsy NSA leak snoop's PC was packed with malware

Kaspersky Lab, the US government's least favorite computer security outfit, has published its full technical report into claims Russian intelligence used its antivirus tools to steal NSA secrets. Last month, anonymous sources alleged that in 2015, an NSA engineer took home a big bunch of the agency's cyber-weapons to work on …
Iain Thomson, 16 Nov 2017

Crouching cyber Hidden Cobra: US warns Nork hackers are at it again with new software nasty

The FBI and US Homeland Security have issued an alert about a new strain of malware infecting American corporate systems and stealing sensitive data. The remote access trojan (RAT), dubbed Fallchill, is the work of a North Korean hacking group called Hidden Cobra, which some at US-CERT believe was responsible for the WannaCry …
Iain Thomson, 15 Nov 2017


Biting the hand that feeds IT © 1998–2018