trojan

In the latest update to Snow Leopard, Apple included software to protect Mac computers from a Trojan horse that has been distributed by attackers disguised as iPhoto, but which opens a back door on the machine, security firm Sophos said on Friday.

When Apple released OS X 10.6.4 on Tuesday, the company said it addressed certain compatibility issues with VPN connections and other things, but failed to mention anything about adding an anti-malware update.

But buried in the code is an update to the XProtect.plist file, which contains signatures of malware written to target the Mac. The … Read more

The earthquakes in Haiti and Chile, the Toyota recall, and Apple's iPad are just some of the search terms that cybercriminals are using to corrupt search-engine results, according to McAfee's first-quarter Threats Report released Tuesday.

Following a significant rise in search-engine spam last year, the bad guys are adopting the latest items in the news to trick search engines into indexing links that lead to malicious Web sites, the report says (PDF). Like other professionals, cybercriminals use analytics and page ranking to determine the most popular search terms to use to capture their victims, a trend that was … Read more

Though not a grave security risk for Mac users, a new Trojan horse called "OSX/HellRTS.D" has been identified by Intego (developers of VirusBarrier X). The new Trojan is a variant of a backdoor server called "HellRaiser," which was developed to allow full control of an infected PC by a remote attacker.… Read more

Most major U.S. corporations--up to 88 percent of the Fortune 500 companies--may be affected by botnet activity from computers compromised by the Zeus data-stealing Trojan, according to an RSA study released Wednesday.

RSA's FraudAction Anti-Trojan services analyzed data stolen by Zeus from infected computers in August and traced evidence back to IP addresses and e-mail addresses belonging to the corporations, said Sean Brady, manager of the Identity Protection and Verification Group at RSA, which is the security division of EMC.

Specifically, "domains individually representing 88 percent of the Fortune 500 were shown to have been accessed to … Read more

The world's largest botnet, Zeus, has had its traffic disrupted by repeated disconnections of a Kazakhstani ISP, but a series of reconnections has revived its banking Trojan activity, according to security researchers.

The botnet mainly pushes out the Zeus banking Trojan, an information-stealing keylogger that relays sensitive data back to its controllers. The Kazakhstani Internet service provider AS Troyak provides network connectivity to six other ISPs that host Zeus botnet command-and-control servers. On Wednesday, the upstream connectivity to AS Troyak was cut by unidentified agents.

This disconnection resulted in the shutdown of 25 percent of the Zeus botnet, said … Read more

Weren't the folks who ordered an Intel Core i7 surprised when they got a Styrofoam fake instead? Well, yes. But we still haven't heard from Newegg how this happened. However the fake was incredibly well done. So props to that. We also discuss Apple's first iPad ad and Ubisoft's incredible DRM failure.

And the BitTorrent award goes to… http://torrentfreak.com/and-bittorrents-oscar-goes-to-district-9-100307/

Apple airs first iPad commercial during Oscars, Steve Jobs at event http://www.macrumors.com/2010/03/07/apple-airs-first-ipad-commercial-during-oscars/… Read more

Software that can be downloaded for use with the Energizer Duo USB battery charger contains a backdoor that could allow an attacker to remotely take control of a Windows-based PC, Energizer and US-CERT is warning.

"The installer for the Energizer Duo software places the file UsbCharger.dll in the application's directory and Arucer.dll in the Windows system32 directory," the U.S. Computer Emergency Readiness Team said in an advisory on Friday. "Arucer.dll is a backdoor that allows unauthorized remote system access via accepting connections on 7777/tcp. Its capabilities include the ability to list … Read more

More than 74,000 PCs at nearly 2,500 organizations around the globe were compromised over the past year and a half in a botnet infestation designed to steal login credentials to bank sites, social networks, and e-mail systems, a security firm said Wednesday.

The systems were infected with the Zeus Trojan and the botnet was dubbed "Kneber" after a username that linked the infected PCs on corporate and government systems, according to NetWitness.

The Wall Street Journal reported that Merck, Cardinal Health, Paramount Pictures, and Juniper Networks were among the targets in the attack. NetWitness speculated that … Read more

Last week, Firefox users were warned by Mozilla of two add-ons that had been discovered to contain malware and removed from their add-on Web site. Mozilla backtracked on one those add-ons last night, saying that the company had worked with McAfee and determined that the Sothink Web Video Downloader is malware-free.

The initial estimate of 6,000 affected downloads has also been revised downward, to 700 downloads. Mac and Linux Firefox users were not affected by the malware discovery.

Mozilla stated that during the re-testing process that cleared the Sothink add-on, the other add-on thought to be infected, Master Filer, … Read more