Articles about malware

OK, OK, MIRA-I DID IT: Botnet-building compsci kid comes clean

A former New Jersey college student has copped to helping create and run the massive Mirai DDoS botnet. Paras Jha, 21, pleaded guilty this month in an Alaska district court to two counts [PDF, PDF] of conspiracy to commit "fraud and related activity in connection with computers." In plea deals with US prosecutors, unsealed …
Shaun Nichols, 13 Dec 2017

Android flaw lets attack code slip into signed apps

Researchers say a recently patched vulnerability in Android could leave users vulnerable to attack from signed apps. The vulnerability, dubbed Janus, would allow a malicious application to add bytes of code to the APK or DEX formats used by Android applications without affecting the application's signature. In other words, a …
Shaun Nichols, 8 Dec 2017

Microsoft emergency update: Malware Engine needs, erm, malware protection

Microsoft has posted an out-of-band security update to address a remote code execution flaw in its Malware Protection Engine. Redmond says the flaw, dubbed CVE-2017-11937, has not yet been exploited in the wild. Because it is an out-of-band critical fix, however, it should be installed as soon as possible. For most users, this …
Shaun Nichols, 7 Dec 2017

Stop us if you've heard this one: Russian hacker thrown in US slammer for $59m bank fraud

A Russian hacker already facing a lengthy prison stay in the US has been sent down for another 14 years for heading up an "organized cybercrime ring" that racked up $59m in damages across America. Roman Valeryevich Seleznev, aka Track2, the 33-year-old son of a Russian MP, was sentenced after being convicted of one count each …
Shaun Nichols, 1 Dec 2017

'Treat infosec fails like plane crashes' – but hopefully with less death and twisted metal

The world has never been so dependent on computers, networks and software so ensuring the security and availability of those systems is critical. Despite this, major security events resulting in loss of data, services, or financial loss are becoming increasingly commonplace. Brian Honan, founder and head of Ireland's first …
John Leyden, 24 Nov 2017

Kaspersky: Clumsy NSA leak snoop's PC was packed with malware

Kaspersky Lab, the US government's least favorite computer security outfit, has published its full technical report into claims Russian intelligence used its antivirus tools to steal NSA secrets. Last month, anonymous sources alleged that in 2015, an NSA engineer took home a big bunch of the agency's cyber-weapons to work on …
Iain Thomson, 16 Nov 2017

Crouching cyber Hidden Cobra: US warns Nork hackers are at it again with new software nasty

The FBI and US Homeland Security have issued an alert about a new strain of malware infecting American corporate systems and stealing sensitive data. The remote access trojan (RAT), dubbed Fallchill, is the work of a North Korean hacking group called Hidden Cobra, which some at US-CERT believe was responsible for the WannaCry …
Iain Thomson, 15 Nov 2017

Heads up: OnePlus phones have a secret root backdoor and the password is 'angela'

Updated An apparent factory cockup has left OnePlus Android smartphones with an exposed diagnostics tool that can be potentially exploited to root the handsets. Security researcher Robert Baptiste suggested the EngineerMode APK was made by Qualcomm, and was intended to be used by factory staff to test phones for basic functionality …
Shaun Nichols, 14 Nov 2017

Microsoft pals up with partners for threat-hunting

Windows Defender Advanced Threat Protection first landed as a public preview in September, and now its general availability, Microsoft has announced a bunch of partners to give it cross-platform support: Bitdefender for Linux and macOS, Lookout for iOS and Android, and Ziften for macOS and Linux. With Bitdefender's …

Crumbs! Crunchyroll distributed malware for a couple of hours

Popular anime streamer Crunchyroll is warning users to check their systems for malware, after attackers got access to its Cloudflare config and targeted Windows users with a malicious file. The attack only lasted 150 minutes – from 0330 to 0600 Pacific Time on Sunday November 5 (when owner Ellation took the site down). As the …

Hackers abusing digital certs smuggle malware past security scanners

Malware writers are widely abusing stolen digital code-signing certificates, according to new research. Malware that is signed with compromised certificates creates a means for hackers to bypass system protection mechanisms based on code signing. The tactic extends far beyond high profile cyber-spying ops, such as the Stuxnet …
John Leyden, 1 Nov 2017

Bootkit ransomware baddy hops down BadRabbit hole in Japan

A new strain of ransomware is apparently being used for targeted attacks in Japan. MBR-ONI, a new bootkit ransomware, relies on a modified version of a legitimate open-source disk encryption utility called DiskCryptor for its encryption routines – the same tool abused by the Bad Rabbit ransomware last week. While ONI and the …
John Leyden, 31 Oct 2017

Reaper IoT botnet ain't so scary, contains fewer than 20,000 drones

The Reaper IoT botnet is nowhere near as threatening as previously suggested, according to new research. Check Point Software Technologies warned last week that a new IoT botnet might have already infected "an estimated million organisations". Boffins at Arbor Networks, however, estimate that the actual size of the Reaper …
John Leyden, 27 Oct 2017

Hop on, Average Rabbit: Latest extortionware menace flopped

As the dust settles from Tuesday's Bad Rabbit ransomware outbreak, it's already clear that it is far less severe than the WannaCrypt and NotPetya infections from earlier this year. Bad Rabbit claimed notable victims including the media agency Interfax and was largely contained in Russia and Ukraine, as previously reported. …
John Leyden, 26 Oct 2017

Google Play Protect is 'dead last' at fingering malware on Android

Last month, German software testing laboratory AV-Test threw malware at 20 Android antivirus systems – and now the results aren't particularly great for Google. Its Play Protect system, which is supposed to block malicious apps from running on your handheld, was beaten by every other anti-malware vendor. When exposed to recent …
Iain Thomson, 26 Oct 2017

Watership downtime: BadRabbit encrypts Russian media, Ukraine transport hub PCs

Updated Computers at Russian media outlets and Ukraine's transport hubs were among Windows PCs infected and shut down today by another fast-spreading strain of ransomware. Corporate systems within Interfax and two other major Russian news publishers had their files encrypted and held to ransom by malware dubbed BadRabbit. In Ukraine, …
John Leyden, 24 Oct 2017

Malware hidden in vid app is so nasty, victims should wipe their Macs

It's going to be an unpleasant weekend for some Mac users who are facing a complete system wipe and reinstall – after hackers stashed malware in legitimate applications. Eltima Software, which makes the popular Elmedia Player and download manager Folx, today confessed the latest versions of those two apps came with an …
Iain Thomson, 20 Oct 2017

Canadian govt snoops emit their own malware detection tool, eh

Canada's Communications Security Establishment has open-sourced its own malware detection tool. The Communications Security Establishment (CSE) is a signals intelligence agency roughly equivalent to the United Kingdom's GCHQ, the USA's NSA and Australia's Signals Directorate. It has both intelligence-gathering and advisory …
Simon Sharwood, 20 Oct 2017

Biting the hand that feeds IT © 1998–2017