If you ever see a message or window in Safari or your e-mail client about your system's security being compromised, ignore it! Malware developers and scammers are increasingly focusing on OS X and working to trick Mac users with highly developed Trojan horse attempts, using both software and ominous-looking messages generated in Web browsers and e-mail clients. Recently some rather sophisticated Trojan horse scam software called MacDefender was discovered for OS X, and a similar attempt has surfaced with a Web-based malware-detection facade that tries to get you to download and install malware on your system.
Mac antivirus and security developer Intego has issued a blog report on a newly surfaced malware threat for OS X systems called "MacDefender." The threat is a Trojan horse that is being aimed at Mac systems through "search engine optimization (SEO) poisoning" efforts, and it uses Safari's "Open Safe Files" feature to run the installer for the malware.
SEO poisoning takes advantage of common search terms that Google, Yahoo, Bing, and other search engines use to present results, and forces a malicious Web page to the top of the search provider's …
The first three months of the year have so far witnessed a rise in malware and some notable cyberattacks, according to a report released today by Panda Security.
Tracking a big jump in malware (PDF), Panda Security has uncovered on average around 73,000 new types of threats being released every day. That's a 26 percent increase during this year's first quarter compared with the same period in 2010.
Among the various flavors of malware, Trojan horses have accounted for around 70 percent of all threats so far this year. That points to Trojans as a tool favored …
Google apparently has used a kill switch to remove 21 malware-infected apps from both its Android Market and from people's Android devices.
Calling the Trojan the "mother of all Android malware," enthusiast site Android Police said yesterday the infected apps were discovered by a Reddit user. That Reddit user found that pirated versions of legitimate apps were infected by a Trojan called DroidDream, which uses a root exploit dubbed "rageagainstthecage" to compromise a device.
This piece of malware is especially virulent because it apparently can not only capture user and product information from a device but …
Legitimate Android apps are being compromised by phony versions that masquerade as the real thing but deliver a payload of malware, according to a Symantec blog published yesterday.
Found on unregulated third-party Android markets, malicious versions of legitimate apps like Steamy Window are difficult to distinguish except for their tendency to request permissions that are more excessive than usual, says Symantec. But once installed, these apps carry a new piece of Android malware dubbed Android.Pjapps.
Even running the app doesn't raise a red flag to the user, as the fakes closely look and act like the legitimate versions. …
A "back door" in computing terms is a method that hackers use to circumvent a system's authentication features and gain access without being detected. Usually this involves taking advantage of bugs in the built-in sharing services and OS features, but it also can happen if a user inadvertently installs some malware that provides a path around the system's security.
Anytime you start a sharing service on your computer, be it for files, screen sharing, chatting, or printers, you are technically opening a door for a client application running on a remote system to connect and change or …
A new Trojan has cropped up and it's targeting Mac OS X users, one security firm says.
According to Sophos, the Trojan, called "BlackHole RAT" by its author and "MusMinim" by the security firm, is a variant of the Remote Access Trojan on Windows. The author of the Trojan says the malware is not yet completed, but it already does some annoying things.
Overall, Sophos believes that the prevalence of the Trojan is relatively low. The malware can be removed by using antivirus software.
If a Mac becomes infected, the Trojan places text files on …
A new Trojan dubbed "OddJob" is stealing people's money by taking over their online banking sessions after they think they've logged off.
The Trojan, which targets Windows-based computers, is being used by criminals in Eastern Europe to steal money from accounts in the United States, Poland, and Denmark, Amit Klein, chief technology officer of Trusteer, writes in a blog post today.
Klein said in an e-mail that he could not identify the banks being targeted or provide an estimate on the number of victims.
"It is early days for this malware," he said. "… Read more
Readers periodically ask about antivirus recommendations for OS X, especially given some of the past rhetoric about Macs not having any viruses. Though it is true that OS X has been relatively free of viruses and other malware, in large part this has been because the small Mac market share has made the platform an insignificant target for malware developers; however, the landscape is steadily changing. Recent reports have shown Apple's market share in the U.S. to be one of the fastest growing, leaving the company just shy of 10 percent market share by some estimates. As the …
Lookout Mobile Security, which just raised fresh capital to boost its fight against mobile malware, said it has identified the peskiest cell phone threat to date.
The Android Trojan, dubbed Geinimi, has cropped up in China and is capable of taking a significant amount of personal data and sending it to remote servers.
Lookout said Geinimi displays botnet-like qualities and is the most sophisticated wireless malware it has seen. Thus far, infected programs have only been seen on various Chinese app stores.
"Geinimi is effectively being 'grafted' onto repackaged versions of legitimate applications, primarily games, and distributed in third-party … Read more