Category: Virus & AntiVirus
New iWorm Worm Specifically Targets OS X – How to Know if Your Mac is Infected
Security researchers have discovered a new worm that specifically targets OS X on Macs, and which controls them through Reddit.com. Dubbed the “iWorm”, or the “Mac.BackDoor.iWorm”, the iWorm was first publicly reported last week on the Dr. Web anti-virus site. There is a way to check to see if you have the iWorm on your Mac, which we explain below.
New Malware Spam Thanks You for Purchasing and Shopping with Them
In the last 24 hours some malicious agent has sent out a massive spam run with a malware payload behind a link to “open your invoice”, “download details” or “open your payment details”. The emails seem to come from senders such as email@example.com, firstname.lastname@example.org, email@example.com, firstname.lastname@example.org, email@example.com and firstname.lastname@example.org, and the text is all very gappy.
Windows XP Users Can’t Connect to Internet After Latest Kaspersky Anti-Virus Update
If you are a Windows XP user running Kaspersky anti-virus and you can’t connect to the internet from your computer, you are not alone. The latest update to the AV software is preventing many users from being able to connect to the internet, causing users to swarm to the Kaspersky forum to grumble.
Computer Users Urged to Disable Java Because of Security Flaws
The U.S. Department of Homeland Security alerted users of Java to a serious and urgent security risk, recommending that users disable Java until a suitable fix has been released. In the statement, the United States Computer Emergency Readiness Team (US-CERT), the branch of the federal government that manages computer security risks, warned that any system using Oracle Java 7 (1.7, 1.7.0) including Java Platform Standard Edition 7 (Java SE 7), Java SE Development Kit (JDK 7) and Java SE Runtime Environment (JRE 7) are at risk.
Study Reveals that as Many as 16% of All Visits to Websites are from Bots, and 26% of All Traffic is “Aberrant”
Bots generate at least 10% of all online traffic, according to data released today by Solve Media, a company that provides security authentication solutions through CAPTCHA-based advertising technology. Solve Media indicates that they have seen a 400% increase in what they term ‘aberrant’ traffic across web-based services such as commenting, voting, registration, contact and commenting.
Cyber Attack Unleashes Most Brutal Attack Yet on Iranian Nuclear Plant: AC/DC
There are few things as comforting to hear as, “Our nuclear program has been compromised again” from an Iranian nuclear facility, but it appears that someone behind a cyber attack, or possibly some snickering 12 year old boys in their parent’s basement, have unleashed a cyberattack on Iran’s Atomic Energy Organization; hard rock-style. That’s right, the latest Iranian nuclear cyberattack has the nuclear physicists shaking all night long to AC/DC rock music; “Thunderstruck” to be exact.
Fake Kindle E-Book Order Confirmations Lead to Malicious Sites
Starting early this morning, a rash of fake Kindle ebook orders hit the Internet. Sent out as part of the Sakura exploit malware, the email is designed to alarm the recipients into thinking that their Amazon accounts have been charged outrageous amounts for ebooks that they didn’t order, going to addresses they don’t recognize (including “Gahanna, United States”), but the links to “your account” actually take the unsuspecting recipients to malicious sites where the Sakura exploit will infect their computer, adding it to their botnet. The subject of the email is usually “Your Amazon.com Kindle e-book order confirmation” or “Your Amazon.com Kindle e-book order receipt” and appears to come from email@example.com “Thanks for your order (your email address)!” the email starts out, going on to say “Did you know you can view and edit your orders online, 24 hours a day? Visit Your Account.” Don’t fall for it!
First Serious Mac Infection: Flashback Trojan
Up until now Mac owners have been relatively safe (and smug) when it came to the infectability of their computers. Worms, trojans, viruses, and other malware were considered to be primarily the domain of Windows. That may have changed last week, however, when the Russian security company, Dr. Web, reported that as many as a half a million Macs are already infected with what is being called the “Flashback Trojan”. Here’s how to know if you have Flashback Trojan, and how to get rid of Flashback Trojan.
Stuxnet Worm that Struck Iran Nuke Site May be on the Move Again
The worm that infected an Iranian nuclear site, Stuxnet, or something very much like it, may be getting ready to strike again, say researchers. A recently discovered malware dubbed Duqu (for the prefix of its files, ~DQ, is designed to steal information needed to mount another such attack, and provide remote access to industrial installations such as, well, nuclear plants.
Conficker Worm Hiding on Millions of PCs Around the World, How to Tell if Your Own PC has the Conficker Worm
With the release of the new book, Worm: The First Digital World War, the Conficker worm (also known, depending on which variant you have, as Conficker A, Conficker B, Conficker C, Conficker D, Conficker E and the Conficker Virus) is back in the news. This is a good thing, as it is very much still one of the biggest threats on the Internet, but as it has been around since 2008, it’s been “out of sight, out of mind” for many users, who no longer think about detection and Conficker removal. Here’s a quick refresher on how to tell if you have Conficker (the handy Conficker eye chart) and having been infected with Conficker, how to find Conficker removal tools so that you can remove Conficker.
The Facebook “Dislike Button” Virus Scam
If a link to “activate dislike button” shows up on your Facebook page – do not, Do Not, DO NOT click that link! The scam link, spreading like wildfire, appears as a post on your wall that says “Facebook just added the dislike button! Click on ‘Activate Dislike Button’ below to enable it on your account!” Of course, the FB dislike button is another Facebook scam, carrying with it a Facebook virus and a bonus of malware that it downloads to your computer in the background.
The “Rejected ACH Transaction Canceled” Scam Email
A brand new scam, trying to get you to download malware, has just hit the Internet. “The ACH transaction recently sent from your checking account (by you or any other person), was canceled by the Electronic Payments Association” says the spam in which it is contained. There is a link to a file that you are supposed to download to “see the details of the report”. Don’t download that file! The file name format is “report_FakeTransaction#.pdf.exe” so, for example, report_33047451352379.pdf.exe. So far the scam mail has pretended to come from NACHA.org, although they are actually coming through an ISP in the Ukraine (ukrtel.net). ACH, by the way, stands for Automated Clearing House, which is a system that processes electronic banking transactions.
New Facebook Virus Spam Offers “Click 2 See Your Stalkers”
“OMG! Its unbeliveable now you can get to know who views your facebook.”. Did someone post that on your Facebook wall? If so, whatever you do, don’t click the link that says “CLICK 2 SEE YOUR STALKERS”!! Yes, it’s just another in a round of Facebook virus spams.
“Web Security” Pop-Up Trojan Making Rounds Again, This Time Attacking Both Windows and Macs
The “Security Alert” trojan, sometimes known as a ‘rogue antivirus’ attack, is making the rounds again. First spotted a few years ago, until recently the “web security” antivirus alert trojan targeted mainly PCs, tricking Windows users into downloading the evil ‘BestAntivirus2011.exe’ file by telling them that “To help protect your computer Windows web security have detected trojans and ready to remove them.” (Note the poor language usage.) Now this same tactic is being used to attack Mac users – all that has changed is the “Windows” to “Apple” and the file name (‘MacProtector.mpkg for Macs’) – even the poor language remains the same! “To help protect your computer Apple web security have detected trojans and ready to remove them.” says the pop-up. Don’t fall for it, and whatever you do, don’t click on “Remove all”, which will cause the malware to be downloaded to your computer.
Fatal Commerical Airplane Crash Caused by Computer Malware
Two years ago, almost to the day, a Spanish airliner belonging to Spanair crashed just after takeoff. Of the 172 people on board, 154 were killed. New information now reveals that one of the airplane’s central computer systems was infected with malware, and that the crash was likely directly attributable to this malware infection.