Category: blog

  • DroidKungFu command and control server may be mobile device

    Android trojan makes use of root exploit. Researchers at Fortinet have discovered a command and control server for the ‘DroidKungFu’ Android trojan that appears to be a mobile device itself. While malware for mobile devices has become more prevalent in recent months, it is believed attacks are still carried out from static computers and servers.…

  • Outlook spam phishes for SMTP credentials

    Login details would give spammers access to legitimate mail servers. A phishing scam has been identified that targets users of Microsoft Outlook and tries to obtain SMTP login credentials. Many internet users send email using their ISP’s mail server which means that, upon setting up their email client, they need to enter the latter’s SMTP…

  • Exploit kit targets customers of air travel websites

    SpyEye configuration intercepts personal data submitted to legitimate websites. Security researchers have uncovered a version of the ‘SpyEye’ trojan that steals credit card and bank account details from visitors of two air travel websites. SpyEye, like ‘Zeus’ (which some researchers believe it is related to), is an advanced exploit kit whose ‘customers’ use can configure…

  • Botnet rented for online extortion

    Man who threatened World Cup bookmakers with DDoS attack convicted. A German man who hired a botnet and used it to threaten bookmakers with DDoS attacks during the 2010 FIFA World Cup has been convicted of six counts of computer sabotage by a court in Düsseldorf. The man hired a Russian botnet for US$65 a…

  • US court: passwords reasonable security for online banking

    Security question considered second authentication factor. A US court has declared that a combination of passwords and ‘security questions’ is an ample way for banks to protect their customers’ online banking accounts. In May 2009, Patco, a Maine-based construction company, became infected with the ‘Zeus’ (or ‘Zbot’) trojan which stole the company’s online banking…

  • Sophos red flags Google Analytics

    Popular analytics tool mistakenly flagged as ‘high risk’. Security firm Sophos had an embarrassing moment this morning when its scanner flagged Google Analytics as malicious. While the average Internet user may have little experience with Google’s analytics tool, it is used by half of the one million most popular websites – to track information…

  • Malicious PHP script hides bad stuff inside ‘white-space’

    Spaces and tabs used to encode into binary. Researchers at Kaspersky have discovered a malicious PHP script that uses an inventive way to obfuscate its malicious behaviour. The script, found on a Polish online store, dynamically adds some remotely linked malicious code into the website’s HTML. What is probably more interesting is the way the…

  • Banking malware hosted on Amazon’s cloud servers

    Trojan targets mostly Brazilian banks. Researchers have discovered malware hosted on Amazon Web Services that steals victims’ bank account data. Acting as a rootkit, the malware attempts to deactivate at least four different anti-virus programs as well as a special security application used by many Brazilian banks to protect their customers’ online banking accounts. The…

  • Facebook scam serving malware

    Attack targeting Windows and Mac users in US and UK. A Facebook scam that is doing the rounds at the moment – claiming to contain a ‘freaky video’ related to the ongoing case concerning former IMF-boss Dominique Strauss-Kahn – is linking to malware. Like many scams, it spreads via Facebook’s ‘like’ feature and is…

  • 95% of spam monetized through three banks

    Financial infrastructure possible bottleneck for spammers. In a recently published paper, researchers from the University of California found that 95 per cent of spamvertised products are monetized through just three banks, thus showing a potential bottleneck that may help in the fight against spam. The researchers looked at almost one billion spamvertised URLs, or 93…