As was to be expected, there has been a massive swell of scam emails riding on the coattails of the back-to-back tragedies of the Boston Marathon bombing, and the Texas fertilizer plant explosion. “CAUGHT ON CAMERA: Fertilizer Plant Explosion” reads one bogus subject line; “Aftermath to explosion at Boston Marathon” reads another.
There are few things as comforting to hear as, “Our nuclear program has been compromised again” from an Iranian nuclear facility, but it appears that someone behind a cyber attack, or possibly some snickering 12 year old boys in their parent’s basement, have unleashed a cyberattack on Iran’s Atomic Energy Organization; hard rock-style. That’s right, the latest Iranian nuclear cyberattack has the nuclear physicists shaking all night long to AC/DC rock music; “Thunderstruck” to be exact.
Up until now Mac owners have been relatively safe (and smug) when it came to the infectability of their computers. Worms, trojans, viruses, and other malware were considered to be primarily the domain of Windows. That may have changed last week, however, when the Russian security company, Dr. Web, reported that as many as a half a million Macs are already infected with what is being called the “Flashback Trojan”. Here’s how to know if you have Flashback Trojan, and how to get rid of Flashback Trojan.
The worm that infected an Iranian nuclear site, Stuxnet, or something very much like it, may be getting ready to strike again, say researchers. A recently discovered malware dubbed Duqu (for the prefix of its files, ~DQ, is designed to steal information needed to mount another such attack, and provide remote access to industrial installations such as, well, nuclear plants.
With the release of the new book, Worm: The First Digital World War, the Conficker worm (also known, depending on which variant you have, as Conficker A, Conficker B, Conficker C, Conficker D, Conficker E, and the Conficker Virus) is back in the news. This is a good thing, as it is very much still one of the biggest threats on the Internet, but as it has been around since 2008, it’s been “out of sight, out of mind” for many users, who no longer think about detection and Conficker removal. Here’s a quick refresher on how to tell if you have Conficker (the handy Conficker eyechart) and having been infected with Conficker, how to find a Conficker removal tool so that you can delete Conficker.
The Conficker worm or Conficker virus (also known as Downadup or W32/Downadup), which has been in the news a lot lately, is currently estimated to have infected more than 9 million Windows computers the world over, and continues to spread at an alarming rate. With a $250,000 bounty on its head offered by Microsoft, and set to activate on April 1st, nobody yet knows what the millions of PCs infected by the Conficker worm will be ordered to do, but it’s a sure bet that if and when it happens, it will be nasty. Fortunately there are ways to combat it and even a free Conficker removal tool.
Stupid users are the worst problem on the Internet, according to this survey of more than 600 Internet users.
A new computer worm called Downadup – also known as the Conficker worm – is spreading like wildfire across personal computers, even though it has only been on the scene for a relatively short time. First spotted just weeks ago, in November, the Downadup worm is estimated to already be resident on at least 3 1/2 million PCs.
A new worm is raising havoc for Facebook and MySpace users. Called Koobface (and alternatively the Facebook Worm, MySpace Worm, Facebook Virus, or MySpace Virus), the MySpace and Facebook worm posts messages on Facebook and MySpace with links to what it claims to be a video. When the users follow the Koobface MySpace or Facebook worm link, they are told that they need to update their video player, and to “click here”. Of course, what they download isn’t really a video player update, it’s a trojan called “codecsetup.exe” which allows their computer to be taken over and controlled remotely.
A new Skype worm, known alternately as Ramex, Pykspa, or Skipi (technical names w32/Ramex.A, W32.Pykspa.D, and W32/Skipi.A, respectively), is threatening all Skype users who are running Windows. The worm replicates itself by sending a Skype instant message from the infected user’s machine to everybody in the user’s Skype address book.
The files wgavn.exe and dcpromo.log are really the Cuebot-K worm, also known as W32/Cuebot-K, Backdoor.Win32.IRCBot.st, and Win32/IRCBot.OO. Cuebot-k is a new worm that masks itself as a “Windows Genuine Advantage Validation Notification”, part of Windows Authentication Software (WAS). But it’s really a nasty worm which gives control of your system over to the bad guys. It’s spreading via AOL Instant Messenger (AIM).
The BlackAngel.b worm infects through MSN Messenger, offering the Fantasma video which warns that “en el 1er dia te espantas”, meaning that on the first day you get scared, as indeed you should. The worm sends itself through MSN Messenger messages saying things such as “jaja look a that” or “mira este video”.
A new Yahoo worm being called the “Yamanner worm” is targeting all of Yahoo email; in fact the only version of the Yahoo email program which is at present safe from the Yamanner Yahoo email worm is a not yet fully released beta version of Yahoo mail.