Articles about malware


Virus (cough, cough, Petya) goes postal at FedEx, shares halted

FedEx has suspended trading of its shares on the New York stock exchange after admitting that its subsidiary TNT Express has been hit by "an information system virus." The big package giant said no information had been stolen by the cyber-nasty and only some offices of TNT Express appear to have been disrupted. After yesterday …
Iain Thomson, 28 Jun 2017

Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide

Analysis: It is now increasingly clear that the global outbreak of a file-scrambling software nasty targeting Microsoft Windows PCs was designed not to line the pockets of criminals, but spread merry mayhem. The malware, dubbed NotPetya because it masquerades as the Petya ransomware, exploded across the world on Tuesday, taking out …
Iain Thomson, 28 Jun 2017

WikiLeaks doc dump reveals CIA tools for infecting air-gapped PCs

WikiLeaks has published online more top-secret documents it has obtained from the CIA describing the agency's hacking tools. This time the dossier details software codenamed Brutal Kangaroo that agents can use to infect targets' air-gapped computers with malware. The documents, originally written on May 11, 2015 and revised on …
Iain Thomson, 22 Jun 2017

Honda plant in Japan briefly stops making cars after fresh WannaCrypt outbreak

Honda said today that it had briefly halted operations at a car plant in Sayama, Japan earlier this week because of the infamous WannaCrypt ransomware. The Japanese car maker halted production for one day at a domestic vehicle plant on Monday after finding samples of the WannaCrypt ransomware in its computer network, Reuters …
John Leyden, 21 Jun 2017

It's 2017, and UPnP is helping black-hats run banking malware

Another banking malware variant has been spotted in the wild, and it's using UPnP to pop home routers to expose unsuspecting home users, recruited as part of the botnet. McAfee Labs says the new campaign uses a variant of the ancient “Pinkslipbot”, and says it uses Universal Plug'n'Play (UPnP) to open ports through home …

If you haven't already obliterated your Jaff-infected comp, there is an antidote available

Security researchers have developed a free decryption tool for victims of the Jaff ransomware, meaning they can regain access to files without paying crooks. The utility – developed by boffins at Kaspersky Lab – works on all variants released to date. Of course there is still the possibility that the criminals behind Jaff …
John Leyden, 15 Jun 2017

Don't all rush out at once, but there are a million devices ripe to be the next big botnet

A wormable vulnerability involving an estimated one million digital video recorders (DVR) is at risk of creating a Mirai-style botnet, security researchers warn. UK-based security consultancy Pen Test Partners said that the issue stems from a zero-day (unpatched) flaw in networking software from Chinese manufacturer XiongMai …
John Leyden, 15 Jun 2017

Don't touch that mail! London uni fears '0-day' used to cram network with ransomware

Updated: University College London is tonight tackling a serious ransomware outbreak that has scrambled academics' files. It is feared the software nasty may be exploiting a zero-day vulnerability, or is a previously unseen strain of malware as antivirus defenses did not spot it in time, we're told. Eggheads at the UK uni are urged to …
Shaun Nichols, 14 Jun 2017

Raspberry Pi sours thanks to mining malware

Anti-virus vendor Dr. Web has found something nasty: malware named “Linux.MulDrop.14” that turns the Raspberry Pi into a cryptocurrency mining machine. To catch the malware you'll need to leave your rPi on with SSH ports open. If you've done so and the malware's scripts make their way in to your Pi, they'll install zmap, …
Simon Sharwood, 13 Jun 2017

Move over, Stuxnet: Industroyer malware linked to Kiev blackouts

Security researchers have discovered malware capable of disrupting industrial control processes. Industroyer can cause the same sort of damage as BlackEnergy, a malware strain blamed for attacks on energy firms that caused blackouts in Ukraine in December 2015. The malware may have featured in follow-up attacks last December …
John Leyden, 12 Jun 2017

Say hello to Dvmap: The first Android malware with code injection

A powerful Android trojan with novel code injection features that posed as a game was distributed through the Google Play Store before its recent removal. The Dvmap trojan installs its malicious modules while also injecting hostile code into the system runtime libraries. But Dvmap has other tricks up its sleeve. Once …
John Leyden, 9 Jun 2017

Russian hackers and Britney Spears in one story. Are you OK, Reg?

The malware scum behind the ongoing Turla campaign have been spotted experimenting with Instagram accounts as a C&C channel. The Russian-sourced (and allegedly state-backed) Turla espionage tool has repeatedly re-emerged since its discovery in 2014. ESET has turned up a Firefox extension that implements a simple backdoor on …

Goodness gracious, great Chinese 'Fireball' malware infects 250m systems worldwide

A strain of Chinese browser-hijacking malware dubbed Fireball has infected 250 million computers. The malware takes over web browsers and turns them into zombies, security firm Check Point warns. Fireball is capable of executing any code on the infected machines, resulting in a wide range of actions from stealing credentials …
John Leyden, 2 Jun 2017

Android apps punched out by Judy malware

As many as 36.5 million Android users may have been infected by advertising fraud malware that could have been lurking in Google Play Store for years. The malware, dubbed "Judy" by the researchers at Check Point who discovered it, was found in 41 apps in the Store, all made by Korean publisher ENISTUDIO. While Google has now …
Iain Thomson, 30 May 2017

Chipotle: Hackers did to our registers what our burritos did to your colon

Fast-food chain Chipotle says hackers infected its point of sale terminals to gain access to card data from stores in 47 states and Washington, DC. The self-described "Mexican Grill" says that the malware was active earlier this year from March 24 to April 18, when it was detected, triggering the company to issue an alert. " …
Shaun Nichols, 26 May 2017

TRUMP SCANDAL! No, not that one. Or that one. Or that one. Or that one.

The FBI and CIA are investigating an attempted hack on the Trump Organization. According to a report from ABC citing unnamed officials with the intelligence agencies, it is believed someone overseas attempted to breach the President's international real estate holding company. The report claims that officials and …
Shaun Nichols, 26 May 2017

Feeling Locky, punk? Ransomware grew eight-fold last year

Ransomware saw a more than eight-fold (752 per cent) increase as a mode of attack in 2016, according to Trend Micro. The infosec firm estimates file-scrambling malware families such as Locky and Goldeneye raked in $1 billion in 2016. 2016 was the year when ransomware ruled, and this danger has been maintained by recent …
John Leyden, 24 May 2017

64-bit malware threat may be itty-bitty now, but it's only set to grow

The volume of 64-bit malware in the wild remains low even though computers running 64-bit operating systems became ubiquitous years ago. The vast majority (93 per cent) of new computers sold worldwide operate on 64-bit Windows but most nasties were written to infect 32-bit systems, according to a new study by security firm …
John Leyden, 24 May 2017


Biting the hand that feeds IT © 1998–2017