Kaspersky

New OS X Tibet malware variant surfaces

Security company Kaspersky Labs has intercepted a new variant of the Tibet malware for OS X, which is being distributed to specific Uyghur activist groups as part of a seemingly politically motivated APT (advanced persistent threat) attack.

The malware is being distributed in e-mails to certain Uyghur Mac users, and is contained within a ZIP file called "matiriyal.zip." If this file is opened, it will reveal an image file and a text file that is a disguised OS X application that, if run, will install the malware. Once installed, the malware will connect to a command-and-control server …

Flame can sabotage computers by deleting files, says Symantec

The infamous Flame virus can delete files from a computer and is likely the cause of a cyberattack against Iran in April, according to new findings.

Flame was originally identified for its ability to steal data and capture information from keystrokes, PC displays, and audio conversations.

But a new component of Flame uncovered by security firm Symantec gives its operators the power to delete important files from compromised computer systems, Symantec researcher Vikram Thakur revealed yesterday.

Such power means that the virus can disrupt critical software and "completely disable operating systems," Reuters reported based on Thakur's findings. …

Shared code indicates Flame, Stuxnet creators worked together

A chunk of code used in both Stuxnet and Flame shows that the developers of the two pieces of malware shared their work, researchers at Kaspersky Lab said today.

There were two independent developer teams, with Flame development preceding Stuxnet and each team developing its own code platform since 2007-2008 at the latest, the researchers said. Both projects were state-sponsored, and Stuxnet was specifically designed to sabotage Iran's nuclear program, experts believe.

In addition, a previously undiscovered elevation-of-privilege Windows exploit is in Stuxnet.A, an early variant of the malware, Roel Schouwenberg, senior researcher at Kaspersky Lab, said in …

Flame virus can hijack PCs by spoofing Windows Update

The infamous Flame virus can infect even secure PCs by tricking them into believing its malicious payload is actually an update from Microsoft.

As we already know, Flame has gained traction by tapping into security certificates for Microsoft's Terminal Server. Though they appear to be digitally signed by Microsoft, the certificates are actually cooked up by the people behind Flame, thereby tricking PCs into accepting them as legitimate.

Microsoft and Symantec revealed yesterday that the virus can up the ante by using the fake certificates to spoof Microsoft's own Windows Update service. As such, Windows PCs could receive …

Flame malware network based on shadowy domains, fake names

The mysterious Flame malware used domain names registered with fake names to communicate with infected computers in the Middle East for at least four years, researchers said today.

Someone began creating the 86 domains and more than 24 IP addresses that host the command-and-control (C&C) servers as early as 2008, using fake identities and addresses in Austria and Germany to register them with GoDaddy and others, Roel Schouwenberg, senior researcher at Kaspersky Lab, said in a Web conference with reporters this morning. He speculated that stolen credit cards were used for the transactions.

The IP addresses point to …

Flame virus could attack other nations

The Flame virus recently found in Iran could be used to infect other countries, according to the International Telecommunications Union.

As the United Nations agency charged with helping members protect their data networks, the ITU plans to issue a warning about the danger of Flame.

"This is the most serious (cyber) warning we have ever put out," Marco Obiso, cyber security coordinator for the ITU, told Reuters. The warning will paint the virus as a "dangerous espionage tool that could potentially be used to attack critical infrastructure," Reuters added.

Flame was recently identified as a culprit …

Kaspersky to cut phisher lines before they hook you

SAN FRANCISCO--Ever click a link to a Web site and discover that while it looks like your banking site, or Facebook, the URL didn't match your expectations? That's called phishing. Kaspersky revealed a new feature at a reviewer's conference here yesterday that the company says can stop such credential-stealing attacks before you get hooked.

Automatic Exploit Prevention, as the feature is called, is expected in the Kaspersky 2013 security suites due in August. The premise behind it is simple: Phishing attacks are on the rise, due in large part to the plummeting cost of entry to the …

Kaspersky: Apple needs to face up to Mac threats

Last updated: 12:18 p.m. PT.

One of Apple's more outspoken critics investigated the security of the Mac OS, and the company may not be too happy with the results.

Apple is turning a blind eye to the security of its operating system, says Kaspersky Chief Technology Officer Nikolai Grebennikov, who conducted an analysis of the platform independent of Apple. Kaspersky has concluded that the company isn't taking the security of its own platform seriously enough.

In an interview with computing.co.uk, Grebennikov said the Mac is "really vulnerable" to malware, pointing to the …

Kaspersky: Mac security is '10 years behind Microsoft'

Forrester's CEO isn't the only one spouting doom and gloom for Apple today.

Now Eugene Kaspersky, the CEO of security firm Kaspersky Lab, says Apple is headed for a rough patch. However, this one's in the world of computer security, and he says Apple is already getting into the thick of it.

Speaking to Computer Business Review at the Info Security 2012 show in London this week, Kaspersky said that when it comes to computer security, Apple's Mac platform was a decade behind Microsoft's, and that it's got some things to learn from its rival. …

Flashback malware removal tool roundup

The Apple community is tackling the Flashback malware threat for OS X. Despite these efforts, the malware is still out there with the potential to infect unpatched Mac systems or even those that are patched, but for which the user fell for the fake Flash updater traps used by earlier variants of the malware.

You can check for the presence of the malware using our instructions or others, or use automated online options such as Dr. Web's checker to determine if your system may be compromised. So far, a number of tools have been released by some reputable security …