Articles about malware

Security bods liberate EITest malware slaves

One of the world's longest-lived malware networks, EITest, has gone offline. EITest was part of several infection chains, used by attackers to redirect users from legitimate sites to compromised sites that shipped exploit kits. In 2016, for example, it was part of an attack that used shampoo brand Just for Men to push the RIG …

Data exfiltrators send info over PCs' power supply cables

If you want your computer to be really secure, disconnect its power cable. So says Mordechai Guri and his team of side-channel sleuths at the Ben-Gurion University of the Negev. The crew have penned a paper titled PowerHammer: Exfiltrating Data from Air-Gapped Computers through Power Lines that explains how attackers could …

Imagine you're having a CT scan and malware alters the radiation levels – it's doable

As memories of last May's WannaCry cyber attack fade, the healthcare sector and Britain's NHS are still deep in learning. According to October's National Audit Office (NAO) report (PDF), 81 NHS Trusts, 603 primary care organisations and 595 GP practices in England and Wales were infected by the malware, with many others in …
John E Dunn, 11 Apr 2018

Bot-ched security: Chat system hacked to slurp hundreds of thousands of Delta Air Lines, Sears customers' bank cards

Hackers are feared to have swiped sensitive personal information held by two of the best known companies in the US – after malware infected a customer support software maker. Both Sears and Delta Air Lines said Wednesday that hundreds of thousands of customers' payment card numbers, expiration dates, and CVV security codes, …
Shaun Nichols, 5 Apr 2018

Hacks Fifth Avenue: Crooks slurp bank cards from luxury chain Saks

Updated Luxury store chain Saks Fifth Avenue has confirmed it was the victim of a massive cyber-attack that could compromise millions of shoppers. The Fin7 hacking group bragged it compromised Saks' computer systems, and lifted about five million payment cards from those who made purchases at the upscale clothing store's brick-and- …
Shaun Nichols, 2 Apr 2018

Exploit kit development has gone to sh$t... ever since Adobe Flash was kicked to the curb

There was a big drop in exploit kit development last year, and experts have equated this to the phasing out of Adobe Flash. In 2017, exploit kit development declined 62 per cent, with only a few kits including AKBuilder, Disdain and Terror showing significant activity, according to a study by threat intel firm Recorded Future …
John Leyden, 27 Mar 2018

Cash-machine-draining €1bn cybercrime kingpin suspect cuffed by plod

European cyber-cops have felt the collar of a bloke suspected of running a network of crims that used malware to pinch €1bn (£874.8m, $1.24bn) from cash machines and other banking systems. The crew developed the software nasty Anunak, later updated to Carbanak, as well as cyber-weapons based on Cobalt Strike's penetration …
Richard Speed, 27 Mar 2018

'R2D2' stops disk-wipe malware before it executes evil commands

Purdue University researchers reckon they've cracked how to protect data against “disk-wipe” malware. Led by Christopher Gutierrez, the team has created a shim of software that analyses write buffers before they reach storage, and if the write is destructive, it steps in to preserve the data targeted for destruction. Dubbed …

Researchers create AI attacker to defeat AI malware defender

Adversarial models, already known to defeat the artificial intelligence behind image classifiers and computer audio, are also good at defeating malware detection. Last year, researchers from NVIDIA, Booz Allen Hamilton, and the University of Maryland probably felt justifiably pleased with themselves when they trained a neural …

Russian anti-antivirus security tester pleads guilty to certifying attack code

A Russian coder who ran and franchised a dark web service that optimized malware and checked it against antivirus engines has pled guilty to one charge of conspiracy and one charge of aiding and abetting computer intrusion. Jurijs Martisevs was arrested while on a trip to Latvia and extradited to the US after the authorities …
Iain Thomson, 14 Mar 2018

Air gapping PCs won't stop data sharing thanks to sneaky speakers

Computer speakers and headphones make passable microphones and can be used to receive data via ultrasound and send signals back, making the practice of air gapping sensitive computer systems less secure. In an academic paper published on Friday through preprint service ArXiv, researchers from Israel's Ben-Gurion University of …
Thomas Claburn, 12 Mar 2018

Less than half of paying ransomware targets get their files back

Paying off a ransomware demand is a great way to end up losing both your money and your files. This is according to a study from security company CyberEdge, which found that for those hit by a ransomware infection the best bet is probably to just restore from a backup. The survey, based on a poll of information security …
Shaun Nichols, 9 Mar 2018

Slingshot malware uses cunning plan to find a route to sysadmins

If you’re trying to hack an organization then pwning the sysadmin's machine gives you the keys to the kingdom, and an advanced malware writer has found a clever way to do just that. The malware, dubbed Slingshot by researchers at Kaspersky Lab and showcased at the firm’s Security Analyst Summit, resides in Mikrotik routers – …
Iain Thomson, 9 Mar 2018

Surprise: Norks not actually behind Olympic Destroyer malware outbreak – Kaspersky

A close analysis of the code that took down part of the 2018 Winter Olympics computer network reveals a cunning plan to seemingly falsely pin the blame on North Korea. On the first day of the games in Pyeongchang, South Korea, the main website crashed, Wi-Fi networks around the events became unusable, and data was wiped from …
Iain Thomson, 8 Mar 2018

RedDrop nasty infects Androids via adult links, records sound, and fires off premium-rate texts

A newly discovered strain of Android malware makes live recordings of ambient audio around an infected device. The RedDrop nasty also harvests and uploads files, photos, contacts, application data, config files and Wi-Fi information from infected kit. Both Dropbox and Google Drive are being used as temporary storage by the …
John Leyden, 2 Mar 2018

RAT king thrown in the slammer for peddling NanoCore PC nasty

A bloke has been jailed for nearly three years for developing and selling malware that allowed miscreants to snoop on and remote-control victims' Windows PCs. Taylor Huddleston, of Arkansas, USA, pleaded guilty in July 2017 to one charge of aiding and abetting computer intrusions by building and peddling his $25 software nasty …
Shaun Nichols, 27 Feb 2018

Essex black hat behind Cryptex and reFUD gets two years behind bars

A 24-year-old Essex man behind the reFUD.me antivirus evasion site, who made an estimated half a million pounds from Bitcoin, has been jailed for two years. Goncalo Esteves, of Cape Close, Colchester, England, admitted two computer misuse offences and one charge of money laundering in January. He was sentenced today at …
Gareth Corfield, 15 Feb 2018

Shock horror! Telegram messaging app proves insecure yet again!

Telegram has fixed a security flaw in its desktop app that hackers spent several months exploiting to install remote-control malware and cryptocurrency miners on vulnerable Windows PCs. The programming cockup was spotted by researchers at Kaspersky in October. It is believed miscreants have been leveraging the bug since at …
Iain Thomson, 13 Feb 2018