
New USB thumb drive-sized device can take over computers

12/18, 7:06pm

Requires physical access, but works on OS X, Windows, Linux

A new USB microcontroller -- roughly the size of a small thumb drive -- has been demonstrated as a proof-of-concept device that leverages a serious and unfixable vulnerability in USB to easily take over and install malware on any unlocked computer. Though it requires physical access or tricking the user into inserting the controller into a USB port, the device has worrying implications for any computer left unattended for more than a minute -- the time it takes for the device to gain admin access, change network settings, install a backdoor and remove any obvious sign of intrusion.


Red October malware updated, targets diplomats, military, executives

12/11, 10:13pm

Un-jailbroken iOS devices safe from attack; Android, Windows smartphones at most risk

Beginning in Russia and spreading quickly to other countries, a new variation on the formerly-dormant Red October malware has been detected by security firms such as Blue Coat and Kaspersky this week. The new version -- which is notably targeting smartphones of diplomats, military leaders and business executives -- contains a level of sophistication in the function and code that suggests a rogue state, which would have the resources to assemble the talent, is backing the attack.


Electronic payment gateway Charge Anywhere compromised since 2009

12/10, 10:17pm

Malware gave 'unauthorized person' access to plaintext information for at least 39 days

In a statement, electronic payment gateway provider Charge Anywhere announced that it had discovered "malware that had not been previously detected by any anti-virus program" in their system. The discovery was made after an unnamed party requested the company investigate some unauthorized transactions that appeared to be made legitimately.


FBI warns of severe malware attack, likely used in Sony penetration

12/02, 11:36am

FBI gives guidance to major US corporations, including who to notify during attack

While not specifically naming any names, the FBI has warned that a major cyberattack has taken place against US businesses in the last two weeks. The advisory, likely given in the wake of the enormous Sony breach, gives some details about the tools used in the assault, and provides advice to the businesses on how to respond to the package, which includes informing the FBI.


Home Depot faces 44 civil lawsuits from breach, spent $43M on fallout

11/26, 5:21pm

Company achieves revenue growth after breach fallout, full impact still unknown

Home improvement retailer Home Depot is still locked into a battle over the security breach it reported in September that put 56 million credit cards at risk. However, the fight is no longer against cyber criminals, but rather consumers affected by the breach and government agencies. To date, the retailer is involved in "at least 44 civil lawsuits" in the US and Canada.


Apple says it knows of no actual cases of Masque Attack malware

11/14, 1:31am

Encourages customers to download from trusted sources, notes software warnings

Rebutting advice from the Department of Homeland Security and other sources that have sought to sow fear in users with regards to the "Masque" malware attack, Apple late on Thursday issued a statement saying it is unaware of any actual cases of the malware attacking iOS users. The statement comes on the heels of fast action by the iPhone maker to stop a similar attack dubbed "Wirelurker," in which a now-revoked Enterprise Provisioning certificate was being used to spread potential malware. Apple has not specified if it has fixed the flaw the Masque malware exploits.


'Wirelurker' malware targets iOS through OS X enterprise provisioning

11/05, 7:04pm

Can affect non-jailbroken iOS devices; currently distributed through unofficial Chinese store

A new malware threat to iOS has been discovered that can invade the normally well-protected mobile system through a flaw in OS X and USB that allows packages to be installed through enterprise provisioning. Called "WireLurker," the malicious OS X application (once installed) will monitor for new iOS package installs, and then exploits a weakness in USB to install malware into the target iOS device. Once it is installed, the iOS malware tries to harvest personal data like contacts.


White House unclassified network infected with malware, purge ongoing

10/29, 9:48am

DoD, other secure networks unaffected, claims White House official

Late Tuesday, the White House information technology department detected what it calls "unusual activity" on an unclassified network used by employees. While administration officials claim that there were no indications that classified networks had been penetrated, Electronista has learned that the entire IT suite for the Executive Office of the President (EOP), classified and not, is being swept and examined for malware suspected to be from a foreign source.


Ransomware found on online advertising networks used by major sites

10/24, 11:41am

CryptoWall 2.0 ransomware discovered being pushed by malicious advertisements

A new ransomware attack has been taking place, infecting victims by spreading malware via advertising networks on major sites, a report claims. Appearing on a number of high-profile websites, the malicious advertising pushed the CryptoWall 2.0 ransomware using Flash exploits, encrypting the victim's local storage and demanding a fee to decrypt it before a payment deadline elapses.


Kmart suffers huge breach, all shoppers since September likely victims

10/11, 11:22am

Kmart offering identity theft protection, credit monitoring

Sears-owned retailer Kmart has declared that it has suffered a massive data breach. The company said late Friday that a malware attack that began harvesting data from its point-of-sale computer systems in early September was a "new form of malware" and "similar to a computer virus." Few details have been released by Kmart, but the company warns that it could include every shopper between September 1 and Thursday, October 9. Online shoppers were not impacted by the breach.


Pro-democracy protesters targeted with malware on iOS, Android

10/02, 1:47am

Malware entry vector not yet identified; may capitalize on jailbreak compromise

In an almost unheard-of claim, Lacoon Mobile Security has said that it has discovered a new spyware attack that targets both iOS and Android devices and which appears to be aimed specifically at Hong Kong pro-democracy protesters. Lacoon says it made the discovery while investigating the Android version, but did not clarify how the malware might be installed, or overcome the security built into iOS that has, thus far, kept it largely immune to serious malware or viruses.


Jimmy John's discovers malware-laden POS in July, all-clear given

09/24, 5:56pm

Assault detected July 30, all stores purged by September 5.

Sandwich chain Jimmy John's has reported a security breach, exposing information from customers of 216 locations. According to the chain, the company discovered at the end of July that an unknown assailant stole credentials from a vendor, and accessed the point-of-sale system. This action installed data-collecting malware at some locations between June 16 and September 5 of this year, with most infestations cleared out before the middle of August. The company reports that the security problem has been addressed, and it is once again safe to use credit cards at all stores.


Home Depot reveals more details on breach, 56M credit cards at risk

09/18, 8:19pm

Security steps, including terminal removal, outlined, malware evaded detection

More information on the breach of home improvement retailer Home Depot was announced today. While the company still says that only stores in North America are affected by the breach, it now adds that the information from 56 million unique payment cards was at risk. The company provided further insight into the steps taken since the breach, including adding stronger encryption, after the malware from terminals was completely removed.


Malware spreading over Twitch chat empties Steam account items

09/14, 3:08pm

Malware injected by raffle link sells items in Steam inventory, trades to specific account

Security firm F-Secure was recently alerted to a wave of malware targeting the Twitch game streaming audience as a way to turn a quick buck. The Windows-based malware infection isn't aimed at stealing credit card information or joining a click-through advertising botnet, but rather at selling items of value that are associated with a Steam account.


Home Depot confirms data breach for United States, Canada stores

09/08, 7:18pm

Breach confirmed for April forward as investigation continues, no evidence of PIN theft

An initial investigation by Home Depot into an intrusion of its payment data systems has revealed that its systems were indeed breached. The home improvement retailer began looking into the breach of its systems after it noticed irregular activity and subsequent sale of its customer data last week. Home Depot was apparently hit by the same malware responsible for the breach of Target's systems.


Report: Eight high-profile sites hit by browser exploits last week

08/27, 11:45pm

Security firm says malvertising hit sites such as Java, DeviantArt and Photobucket

A "malvertising" campaign made the rounds last week hitting at least eight high-profile websites according to security firm Fox-IT. The firm noticed that the sites were redirecting their visits to other places, allowing it to discover that sites were using vulnerabilities in software like Java and Flash to inject malicious programs. The purpose of the "malvertising" was to infect machines with botnet malware involved in boosting advertisement clicks.


UPS Stores hit by 'malware intrusion,' customer data possibly exposed

08/21, 3:30pm

Stores in 24 states affected by breach, spanned up to seven months in some cases

The UPS Store chain of delivery and packaging facilities has reported that a number of its stores have been the target of a "broad-based malware intrusion," adding that customer data could have been accessed. The United Parcel Service (UPS) subsidiary became aware of the breach on July 31, the same day that the Department of Homeland Security sent out notices regarding a malware called "Backoff," according to the New York Times.


Synology unable to aid decryption of SynoLocker afflicted devices

08/06, 1:40pm

Malware strikes un-updated Synology NAS units

Synology product users affected by the SynoLocker attack may have lost their files to the cryptoware. Representatives from Synology have informed Electronista that at this time, they are unable to provide assistance recovering data that has been forcibly encrypted by the malware.


Android malware tool iBanking commands $5,000 price for attackers

05/21, 8:52pm

Evolving malicious tool adopts service model, grows increasingly complex

The market for malware tools is expanding, including the purchase of pre-made tools for a hefty fee from underground developers. One such tool aimed at Android, iBanking, promises to conduct a number of malicious actions including intercepting text messages, stealing phone information, pulling geolocation data and constructing botnets with infected devices. All it would cost to obtain the program is $5,000, even after its source code leaked earlier in the year.


Briefly: Facebook's anti-malware, Pinterest's new analytical API

05/20, 11:00pm

Facebook introduces free downloads of anti-malware software

Facebook has announced that it has added downloadable anti-malware software to its abuse detection and prevention systems. Provided in conjunction with F-Secure and Trend Micro, Facebook's new service is aimed at Windows users with infected devices. A pop-up notification appears upon signing into Facebook on an infected device; the app sends scan notifications within Facebook, and when the scanning is completed, the software uninstalls.


Google updates Verify Apps, adds post-install malware scanning

04/10, 3:51pm

Verify Apps updated to check for Android malware regularly after installation

Google is attempting to improve the security of Android, by changing the way it monitors apps on mobile devices. The Verify Apps service, which protects smartphones and tablets by checking the apps for malware at the time of installation and warning over potentially harmful software, will be updated to provide constant on-device monitoring of apps after the installation.


Update: Apple pulls malware-ridden fake 'Tor Browser'

03/20, 9:22pm

Media attention succeeds where developer reports failed

Thanks to media attention, Apple has now pulled an adware- and malware-laced fake "Tor browser" app from the App Store, months after it was first reported to be a fraud. The Tor project team has repeatedly complained about the fake app since December, as it was neither submitted by the team nor in any way official, but only when iOS news sites like this one picked up on the story did Apple take action.


Target POS malware found, ignored on November 30, December 2

03/13, 10:58am

Malware identified before it sent any customer data outside Target

Reports are circulating that Target knew of its "Black Friday" data breach much earlier than it said it did. Allegedly, the company was alerted by security firm FireEye that there was a potential problem as early as November 30, but no action was taken. Additionally, auditors discovered that Target had disabled features of its security suite that could have removed the infection, prior to it purloining millions of sets of customers' payment method data.


Snowden: NSA used false Facebook servers for malware implantation

03/12, 2:04pm

NSA shifting from personal hack to 'industrial scale' widespread attacks

Recently-examined Snowden-leaked documents have shown that the NSA is looking at significantly growing its ability to install malware on a large scale, using automated systems and falsified websites. The documents detail efforts to fake a Facebook server, with the targeted population infected upon visitation of the spoof site.


New commercial Android RAT makes creating malware apps easier

03/08, 1:20pm

Remote access tool Dendroid injects malware code into APK files

A new HTTP remote access toolkit (RAT) that is cause for concern has surfaced, according to anti-virus/anti-malware program maker Symantec, which makes turning legitimate Android apps into malware easier than before. The program, Dendroid (tagged as Android.Dendoroid by the security company), offers an easy-to-use commercial solution to inject malicious code for trojan access into APK files for placement on Android marketplaces, bypassing security checks.


Report: trojan malware spreading, hiding in other Bitcoin apps

02/13, 12:51am

Now being spread through Bitcoin programs found on download.com

The newly-detected OS X malware dubbed "OSX/CoinThief.A," a "trojan horse" that disguises itself as a copy of a legitimate app, has spread to other Bitcoin applications. SecureMac, an anti-virus software seller, discovered the original implementation of the malware disguised as a pre-compiled version of an open-source Bitcoin tool. It has now been seen pretending to be other Bitcoin apps, some of which are available on Download.com.


Briefly: VirusBarrier blocks OSX/Crisis.B., MeteoEarth for Mac

01/09, 10:06am

Trojan horse Flashback botnet returns, Intego VirusBarrier includes protection

The Flashback botnet -- a malware attack which first appeared in 2011 -- has been noted as being still a threat in 2014, according to Intego. Beginning January 2, Intego studied command and control domains, and its sinkhole servers recorded all connections from Macs where Flashback is still active, trying to contact the command and control servers. This research, as of Tuesday, counted 14,248 unique identifiers of Flashback variants.


Schmidt claims Android 'more secure' than iOS, draws laughter

10/08, 1:53am

Claims 'real-world' security testing by users makes it better

In the face of security studies that show that more than 90 percent of new mobile malware is found on the Android platform, Google's Chairman Eric Schmidt raised eyebrows and drew laughter at a Gartner symposium and IT expo by refuting a presenter's statement that the platform has serious security and fragmentation issues, claiming both that Android is "more secure than the iPhone," and that access to Google Play eliminates the issue of Android fragmentation.


Webroot updates SecureAnywhere antivirus with phishing protection

10/07, 10:09am

More uniform cross-platform interface, offers iOS, Android security

Webroot has launched the latest versions of its SecureAnywhere range of home computer security suites. The new Webroot SecureAnywhere Antivirus, Internet Security Plus, and Internet Security Complete adds new detection technology for protecting against new malware and phishing attacks, along with a redesigned interface for easier monitoring.


Feds: Overwhelming majority of mobile malware on Android

08/27, 1:20am

Apple's iOS seen to have 0.7 percent of threats targeting it

A memo written by the US Department of Justice and the Department of Homeland Security last year found that around 79 percent of mobile malware is designed to attack vulnerabilities in Android, with another 19 percent exploiting flaws in the discontinued but still widespread Symbian. Apple's iOS was seen to be threatened by 0.7 percent, while systems such as Windows Mobile and BlackBerry drew only 0.3 percent of threats.


Researchers get malware app approved by Apple

08/19, 6:15am

More questions raised about Apple app approval process

The security of Apple's App Store approval process has had its credibility challenged following revelations that it approved an app that was submitted by researchers with remotely assembled malware hidden in its code. According to Technology Review, the team from Georgia Tech monitored the app throughout the approval process and found that Apple only ran the app for a few seconds before approving it. This did not give Apple the time to detect the malicious code, which subsequently assembled into malware that could steal personal information, device IDs and photos, as well as send texts and emails.


FBI able to remotely activate, record audio from Android devices, PCs

08/02, 1:14pm

Exploits, malware, tools purchased by FBI for remote surveillance hacks

The Federal Bureau of Investigation is able to listen into and record conversations through microphones connected to computers, as well as through Android smartphones, according to a report. The bureau is said to have used hacking tools, including spyware and other malware, that it has purchased from individuals and hacker collectives to gain access to mobile devices, in order to eavesdrop.


Fix coming soon for iOS 'power adapter' hack, says Apple

07/31, 11:12pm

Already in iOS 7 beta; hack demonstrated earlier today

Apple says it has already fixed an obscure security flaw that could have allowed hackers to access data on an iOS device through the use of a specially-designed custom USB device that looks like a charger but in fact contains a tiny Linux-powered computer designed to insert malware. The fix is already present in the most recent iOS 7 beta and will be incorporated into the OS when it is released to the public this fall, the company says, and involves notifying users whenever they connect to another computer, even through the power adapter.


New 'ransom' malware exploits JavaScript flaw to plague OS X users

07/15, 11:59pm

Until XProtect updated, only cure is to reset browser

A new bit of "ransomware" that has long been a plague to Windows users has been "ported" to work on Mac browsers, taking advantage of a flaw in JavaScript (not to be confused with Java) to prevent it from being easily dismissed or gotten rid of. The exploit takes advantage of the "restore from crash" to keep bothering the user, and scares them into thinking they must surrender payment information in order to "unlock" their browser and use it normally again, often under threat of persecution. There is a relatively easy fix, though inconvenient.


US Commission report: implant malware to stop IP theft worldwide

05/27, 4:54pm

US Government-sponsored report claims China biggest offender

The US Commission on the Theft of American Intellectual Property has released a report, calling for the use of malware and root kits to enforce US corporate-owned copyrights and media. As proposed, the report calls for the infringing file to be "rendered inaccessible and the unauthorized user’s computer could be locked down, with instructions on how to contact law enforcement to get the password needed to unlock the account."


New OS X 'KitM.A' malware discovered, mostly impotent

05/16, 4:01pm

App dumps screenshots into a folder, command and control servers inactive

A new semi-functional malware has been found for OSX. Discovered on a computer at the Oslo Freedom Forum by researcher Jacob Appelbaum, the OSX/KitM.A is a backdoor application which launches on boot and captures screenshots on a regular basis, which are then dumped in a folder.


Report: iOS app has accidental malware, but not a threat to users

05/07, 12:04am

Trojan horse points to non-functional webpage, part of sound file

A bit of malware -- a Trojan horse file that tries to redirect to a website -- has been found inside an iOS app, but the code has turned out to be harmless. The app in question is called Simply Find It ($2) and comes from a legitimate developer that has produced a number of legitimate games -- suggesting that the malware was probably inserted into the app accidentally. The bigger issue (since there is no direct threat posed by the bad code) is how Apple's testing procedure missed it -- and how two well-known anti-malware scanners couldn't pick up on it either.


Report: Android, Symbian liable for most mobile malware

03/07, 6:17am

BlackBerry, iOS, Windows Mobile have fewest and most innocuous threats

(Updated with Phil Schiller Twitter post) For years, Mac owners have gently rebuffed the myth that the Mac is so resistant to viruses because of "security through obscurity." No, they'd say, it's because the OS is better hardened against threats. Now the malware discussion has moved on to mobile, and that case is being debated anew: the most popular and one of the fastest-fading current cellphone OSes are responsible for a whopping 89 percent of all mobile device malware, while three of the most well-known smartphone platforms -- iOS, Blackberry and Windows Mobile -- have the fewest issues.


Adobe issues 'emergency' Flash update to stop new malware

02/07, 10:00pm

Exploits affect both platforms, one targets the Mac specifically

Adobe has issued a patch to update Flash on both the Mac and Windows platform in order to fix two new vulnerabilities already being exploited "in the wild" to spread malware. One of the targeted attacks using the exploit works equally well against Mac users as it does against Windows users. Visitors are tricked into downloading and opening MS Word files that contain malicious Flash content, while the other vulnerability uses a similar technique but only affects Windows users.


Microsoft, Symantec take down central Bamital botnet servers

02/07, 1:36pm

Users of infected machines warned about malware

Microsoft and Symantec have shut down the Bamital botnet, after obtaining a court order to seize the network's controlling servers. The network, dedicated to redirecting users of computers infected with malware to incorrect search results and online advertisements, is estimated to have earned around $1 million per year for its operators.


Microsoft Security Essentials fails anti-virus security test

01/17, 6:09am

Security program manager challenges test results

Security Essentials, the anti-virus and anti-malware software supplied by Microsoft, has failed in anti-virus certification tests. Out of 25 consumer antivirus programs tested by independent laboratory AV-Test in late 2012, only three failed to pass muster, with Microsoft Security Essentials 4.1 being joined by PC Tools Internet Security 2012 and AhnLab Internet Security 8.0.


Java zero-day exploit seen in malicious advertising

01/10, 4:29pm

Vulnerability found in Java 7 Update 10

A previously unknown vulnerability in Java is being used online by hackers, according to security researchers. The 0-day exploit has also reportedly been included in two malware toolkits used by hackers, with the best form of protection currently being to turn off the Java plug-in for all browsers until the hole is patched.


Report: new Mac malware hides as fake software installer

12/12, 1:50am

Uses 'SMS activation' to hide subscription charge on cell bill

A Russian security firm with a mixed track record is warning about a new malware threat for the Mac, which masquerades as an installer for various types of software. Doctor Web, who claimed to have discovered the malware, says it is widely available on various sites -- though at present it is targeting Russian Mac users. The Trojan is apparently a Mac variation on a widespread Windows and Android trickware ruse that asks users for their cell number in order to send an activation code by SMS.


Adobe reveals details of two-month-old server intrusion

09/27, 10:04pm

Authentication server penetrated; code signed as Adobe-authentic

Adobe warned today that an internal digital code signing server was hacked by "sophisticated threat actors" focusing on Adobe. The early-July hack led to the compilation of a minimum of two malicious files that were digitally signed and authenticated as Adobe genuine software. The hack gave the attackers the means to build malware that the operating system views as legitimate Adobe-created software, making it that much harder for security packages to detect and eliminate the threat.


Intego unveils iOS version of VirusBarrier as preventative

09/27, 1:29am

Stops infected email, files from passing on Mac or Windows malware

Although iOS is widely considered to be all but completely malware-free, Mac security company Intego has created an iOS version of its malware scanner VirusBarrier that works with all iOS 4.0 and higher devices. The program is mainly used to scan email attachments for potential Windows viruses, but can also detect any Mac or UNIX malware, adware, keyloggers and Trojan Horse-type programs. The program can also scan ZIP archives and files stored in some cloud locations such as Dropbox, FTP and websites or WebDAV disks.


Microsoft seizes partial control of Chinese 3322.org botnet

09/14, 1:10am

Hundreds of strains of malware hosted on 70,000 domains

Microsoft announced Thursday that it was granted permission by the US District Court for the Eastern District of Virginia to wrest control of the "Nitol" botnet. In the filing, Microsoft described how it purchased computers from several districts in China, and approximately 20 percent of them came pre-infected with the malware. Titled "Operation B70" by Microsoft, the seizure of the botnet hubs is the latest attack that the manufacturer has undertaken in an attempt to derail large-scale internet crime operations based off of its operating system.


Second Mideast energy company struck by unknown virus

09/03, 12:21pm

Energy production not affected, no estimated time of recovery

Another Mideast energy firm has been infected by malware, the second in as many weeks, with energy firm RasGas forced to disconnect itself from the Internet as a precautionary measure after an "unknown virus" overcame countermeasures. Natural gas production has thus far not been affected. Both attacks have been intended for data destruction rather than theft, and spread around internal networks by lurking on shared hard drives.


Forum roundup: trouble with malware, Mac minis and more

08/31, 12:26pm

Possibly infected MacBook Pro and more

This week in the MacNN forums, one forum member is trying to see if it's possible to install and run Mac OS X on a computer that previously ran Windows. One disgruntled forum goer is concerned about a MacBook Pro possibly infected with malware, and seeks help to solve the problem.


Flame malware extinguished by creators

06/08, 6:56pm

Code auto-uninstalls using newly-sent command

The originators of the accidentally-discovered Flame malware may have sent commands to the controlled machines to delete and overwrite itself. Interestingly, rather than use a pre-existing command in the code, aptly titled SUICIDE, the controllers sent a whole new directive file that assisted in the auto-uninstallation.


'Flame' cyber-attack aimed at Middle Eastern countries

05/29, 3:51pm

Complex data vacuum likely government-backed

Russian security firm Kaspersky has uncovered a massive malware attack, referred to as Flame, that is believed to have gathered sensitive data from a wide array of countries, including Israel and Iran. The malware is said to be modular and expandable in a manner reminiscent of a smartphone app library. The BBC reports that the complexity of the malware has led experts to believe that it could only have been developed with the assistance of a government entity.
