Apple is planning to release an update in the near future specifically to deal with the MacDefender malware that’s been making the rounds for the last couple of weeks. There’s blood in the water now, though – I wouldn’t be surprised to see significant amounts of new malware on OS X in the near future, now that it’s a proven target.
Macdefender
May 4, 2011Macintosh users – welcome to the fake antivirus party.
A new piece of malware called “Macdefender” has been seen in the wild. It is a Javascript installation inside of a compressed ZIP folder, which means that users running as administrators with “Open Safe Files After Download” checked in Safari will launch and install it automatically. Some users are reporting that they were not even prompted for a confirmation password on the installation.
Leave a Comment » | 
Malware | 
Permalink
Posted by matt
Individual Security
March 29, 2011Are the days of individual computer security behind us? The president of the Australian Internet Industry Association seems to think so.
While security was once implemented on a per-machine basis, new threats require countermeasures at the network and protocol levels. Nowhere is this more obvious than in hosted applications and other SaaS implementations. Man-in-the-middle attacks, session hijacks, even attacks against “cloud” providers are all beyond the capabilities of an individual user to handle.
Brave new world.
Leave a Comment » | Malware | Permalink
Posted by matt
Rustock Takedown
March 23, 2011Brian Krebs has done his usual excellent job outlining the Microsoft takedown of the Rustock botnet. Because of the resiliency of the architecture, a combination of technical and legal maneuvers were employed to seize the control structure of the botnet and render the compromised clients ineffective.
Leave a Comment » | Legal, Malware | Permalink
Posted by matt
Autorun Update
March 3, 2011Microsoft is now pushing out Autorun Update from their Automatic Updates repository. This means that home and SOHO users who are patching their machines from Microsoft, without benefit of WSUS or other management platforms, will have their Autoplay restricted to CDs and DVDs. Since the autoplay of USB keys and other volumes was being badly abused by malware, this is a good thing – just keep it in mind for when your less computer savvy friends call to ask why they aren’t getting that neat popup menu any more when they put in the SD card from their camera.
This update affects WinXP and newer systems.
Leave a Comment » | Exploits, Malware, Windows | Permalink
Posted by matt
Applications Pulled from Android Market
March 2, 2011Google has just removed 21 malicious applications from the Android market – they were all pirated knock-offs of other software, loaded with malware and intended to compromise the handset they were installed upon. Despite their quick action, 50,000 copies had already been downloaded.
Leave a Comment » | Incidents, Malware, Smartphones | Permalink
Posted by matt
New Android Spyware
February 27, 2011Two new pieces of spyware for the Android smartphone platform have shown up this week – unlike past threats, these are spreading in the US and not just in the Chinese market.
SW.SecurePhone looks especially nasty, recording both data within in the phone and sounds in the physical environment and uploading them to a remote server every twenty minutes.
Leave a Comment » | Malware, Smartphones | Permalink
Posted by matt
OddJob
February 22, 2011A new trojan, named OddJob, has been discovered. It surreptitiously hijacks a web banking session, cutting off “logoff” attempts and allowing the criminals who operate the trojan remotely to access victims’ accounts.
This is a nasty one.
Leave a Comment » | Exploits, Malware | Permalink
Posted by matt
Credit Union Breach
January 24, 2011The Pentagon Federal Credit Union, the third-largest Credit Union in America, has suffered a security breach exposing the personal data of an unknown number of members. Their explanation is malware brought in on an infected laptop.
There was a time when you could depend on a firewall to protect your network, when data and work would stay in one place and something like this couldn’t happen. There was also a time when a city had a huge wall around it, with one or two gates. Now people have locks on their individual houses, but apparently, the computing world hasn’t caught up yet.
Leave a Comment » | Malware | Permalink
Posted by matt
Resume of a Trojan Horse
January 24, 2011The Internet Crime Complaint Center has a cautionary tale for prospective employers. An email attachment on a response to an online job posting was actually a Trojan Horse program, used to steal the financial credentials of the hiring company and defraud them of over a hundred thousand dollars.
It might be wise to have a dedicated machine or VM for handling untrusted attachments like that; at the very least, make sure that your antivirus software is up-to-date and use it to explicitly scan unknown attachments before opening.
Leave a Comment » | Malware | Permalink
Posted by matt