Articles about malware

Chip flinger TSMC warns 'WannaCry' outbreak will sting biz for $250m

Chipmaker TSMC has warned that a previously disclosed virus infection of its Taiwanese plant may cost it up to $250m. The malware struck on Friday, and affected a number of unpatched Windows 7 computer systems and fab tools over two days. "The degree of infection varied by fab," the firm said in an update on Sunday. "TSMC …
John Leyden, 6 Aug 2018

Ever seen printer malware in action? Install this HP Ink patch – or you may find out

HP Inc has posted an update to address a pair of serious security vulnerabilities in its InkJet printers. The firmware update patches CVE-2018-5924 and CVE-2018-5925, two flaws that can be exploited by printing a file that triggers a stack or static buffer overflow, giving you the ability to then execute malicious code on the …
Shaun Nichols, 3 Aug 2018

MikroTik routers grab their pickaxes, descend into the crypto mines

Researchers have found thousands of MikroTik network routers in Brazil serving up crypto-coin-crafting CoinHive code. Trustwave researcher Simon Kenin said this week one or more attackers have exploited a known vulnerability in MikroTik's enterprise routers to inject error pages with code that uses visitors' machines to mine …
Shaun Nichols, 3 Aug 2018

Well, well, well. Crime does pay: Ransomware creeps let off with community service

Two men who masterminded various Coinvault ransomware infections will carry out 240 hours of community service as punishment for screwing over 1,200 computers and banking around €10,000 (£9k, $12k) in profit. The sentence was handed down by a court in Rotterdam, in the Netherlands, where it was ruled brothers Melvin and Dennis …
Shaun Nichols, 27 Jul 2018

Oh no, what a rough blow: Cosco at a lossco over ransomware tossco

International shipping giant Cosco says it is recovering from an apparent ransomware infection on its American computer network. The biz said late Wednesday that its freight shipping operations will not be impacted, but phone and email systems were down in the US, Canada, and in some of the corp's Panama, and Peru and other …
Shaun Nichols, 26 Jul 2018

LabCorp ransomed, 18k routers rooted, a new EXIF menace, and more

Roundup: This was the week of blunders by Venmo, million-dollar bank heists, and beefier bug bounties. Here's a few more bits of news. Singapore sting: Any large-scale data breach is bad news, but one that results in the loss of the health information of a quarter of the population is downright disastrous. Such was the case in …
Shaun Nichols, 21 Jul 2018

Scumbag confesses in court: LuminosityLink creepware was my baby

A US software developer has admitted to selling and supporting spyware after originally claiming his remote access tool was legitimate admin software. Colton Grubbs agreed to plead guilty to three felony charges – two counts of conspiracy, and one count of removal of property to prevent seizure – in a US federal district court …
Shaun Nichols, 17 Jul 2018

Kremlin hacking crew went on a 'Roman Holiday' – researchers

Researchers have claimed the infamous APT28 Kremlin-linked hacking group was behind a new cyber-espionage campaign they believe was targeted at the Italian military. Security researchers from the Z-Lab at CSE Cybsec spent the weekend unpicking a new malware-based cyber-espionage campaign allegedly conducted by APT28 (AKA Fancy …
John Leyden, 16 Jul 2018

Now Pushing Malware: NPM package dev logins slurped by hacked tool popular with coders

Updated: An unfortunate chain reaction was averted today after miscreants tampered with a widely used JavaScript programming tool to steal other developers' NPM login tokens. The open-source utility eslint-scope was altered by hackers so that, when used to analyze source code, it would copy the contents of the user's ~/.npmrc file to …
Shaun Nichols, 12 Jul 2018

Ransomware is so 2017, it's all cryptomining now among the script kiddies

The number of organisations affected by cryptomining malware in the first half of 2018 ramped up to 42 per cent, compared to 20.5 per cent in the second half of 2017, according to a new report from Check Point. The top three most common malware variants seen in the first half of 2018 were all cryptominers: Coinhive (25 per …
John Leyden, 12 Jul 2018

Infosec defenders' supply chain is inferior to black hats, says Carbon Black CEO

The security industry’s supply chain is currently inferior to that of its attackers, says Carbon Black CEO Patrick Morley, but he thinks the industry is finding ways to fight back. In conversation with The Register yesterday, Morley advanced a theory that exploit brokers, malware authors and other bad actors work together. …
Simon Sharwood, 11 Jul 2018

It's mid-year report time, let's see how secure corporate networks are. Spoiler alert: Not at all

Companies are still leaving basic security flaws and points of entry wide open for hackers to exploit. This according to research from security house Positive Technologies, which says that its penetration testers found that enterprises were rife with things like months-old unpatched vulnerabilities and unsecured access points …
Shaun Nichols, 10 Jul 2018

Brown pants moment for BlueJeans: Dozens of AV tools scream its vid chat code is malware

Programmers at videoconferencing software house BlueJeans have been living through a developer's nightmare the past month or so – antivirus packages falsely labeling their code as malware. A Register reader, who works in corporate IT administration, tipped us off over the weekend that the software had triggered virus alerts on …
Shaun Nichols, 10 Jul 2018

Malware-slinging scum copied D-Link's code-signing certificates to dress up PC nasties

Security researchers have warned that someone's obtained copies of code-signing certificates from two Taiwanese companies – and is using them to sign malware. Abusing code-signing certificates in this way is an attempt to present software nasties as the legitimate product of the vendor whose key signed it. Security vendor …

NSO Group bloke charged with $50m theft of government malware

A former worker at NSO Group – the Israeli biz infamous for selling zero-day exploits to governments nice and nasty – has been charged with stealing his employer's spyware, and trying to sell it for $50m on the black market. The 38-year-old former bod was reportedly told he was going to be fired by his bosses at NSO, and …
Iain Thomson, 6 Jul 2018

How polite: Fun-bucks coin miners graciously ease off CPU pounding

Cryptocurrency-mining malware writers are dialing back their use of your compute cycles in order to avoid detection. This is according to Johannes Ullrich, head of research at SANS, who today pointed out that malicious mining apps are scaling down activity and employing built-in encryption to make them harder for antivirus …
Shaun Nichols, 29 Jun 2018

Et tu, Gentoo? Horrible gits meddle with Linux distro's GitHub code

If you have fetched anything from Gentoo's GitHub-hosted repositories today, dump those files – because hackers have meddled with the open-source project's data. The Linux distro's officials sounded the alarm on Thursday, revealing someone managed to break into its GitHub organization account to modify software and webpages …
Shaun Nichols, 28 Jun 2018

Sophos SafeGuard anything but – thanks to 7 serious security bugs

Companies running Sophos security clients will want to update their software following the disclosure of seven privilege escalation flaws in the security suite. Sophos says its SafeGuard Enterprise Client, LAN Crypt client and Easy software on Windows are all vulnerable to the bugs, which can be exploited by an attacker to run …
Shaun Nichols, 26 Jun 2018

Biting the hand that feeds IT © 1998–2018