Archive for: virus
Learning of hundreds of email accounts being hacked isn’t exactly the news Google wants the world to be hearing and reading as they continually try to push into the security-conscious enterprise market, even more-so when several of the hacked accounts include senior government officials, military personnel, Chinese political activists and journalists. But that’s the situation Google finds them self in this week. Thankfully the actual threat isn’t as bad as it could be. Currently reports state that the accounts were compromised by using phishing sites posing as the real deal which careless/unaware users then in turn entered their information into the fake page/login box.
Google stated that the attack occurred completely outside of Google’s servers and that the hackers did not in any way infiltrate their security. With that said, technological incompetence on the users’ end is just as dangerous as hackers actively hacking into a website or service.
If you thought the Mac virus/malware scene was about to dry up due to Apple’s relatively quick response in regards to the MacDefender malware which would steal credit card information, think again. Mac Security Blog (Intego) has discovered a new version of Mac Defender that ups the ante. Specifically, the old dead giveaway that the software was fake — a Windows screen being the OS X preview — has been replaced with an OS X-style window.
With that said, the people behind this annoying malware still have some work cut out for them — the fonts are all wrong and the alerts are not specific to Mac.
Nonetheless, the risk is still there. If you notice the alert above or see a folder labeled “anti-malware.zip” in your downloads folder, do not install or open it. As of writing, the application is still called “MacSecurity”.
Apple may be staying quiet (publicly) concerning the recent MacDefnder malware scam, but that doesn’t mean they aren’t hard at work behind the scenes. Previously, leaked intel from Apple stores across the country painted Apple’s initial stance in a rather arrogant and anti-consumer light — they were advising Apple employees to refrain helping customers remove any potential malware or even advising customers where to seek further help. While on the surface this sounds like a rather coarse move on Apple’s part (and we’ll be honest, it is), another large OS maker takes a similar though not quite so harsh stance.
With that said, Apple has released a new support document detailing how users can easily and quickly rid their Macs of MacDefnder malware while also highlighting an upcoming fix that will kill said software automatically.
The jury is still out on just how large the Mac virus/malware scene will get. Ask any Mac enthusiast and they’ll say Apple’s tightly controlled ship will weed out most of the malware and virus issues. Others, however, say that larger problems are inevitable.
At least for now it appears a crisis has been averted.
Thanks to a recent interview between AT&T’s enterprise captain John Stankey and Reuters, it has been revealed that a consumer-grade security service for smartphones is coming in 2012. As smartphones become more important in the daily lives of consumers and traditional computing device usage wanes, hackers will turn their efforts towards the mobile world. Currently, the security/anti-virus/anti-malware service is being focused on enterprise enterprise customers, however, Stankey admits that the company is also looking at the consumer sector.
Unfortunately, while the new security service was acknowledged, any features we might see as well as supported platforms were left out. If we assume that the service will require some sort of client-side app or service, we can effectively rule out Apple’s iPhone which doesn’t allow non-sanctioned apps outside of the Apple App Store to be installed (legitimately). That leaves Android, BlackBerry, and webOS as the only other major contenders. Though the unstoppable popularity of Android and recent increase in Android-related attacks signals that said platform is high on the list of AT&T’s concerns.
It’s inevitable that our smartphones will one day have anti-virus/malware software and services like our desktop and laptop computers given the increasing power they contain. Perhaps that day is closer than we thought?
Mac users in search of virus software, particularly “MAC Defender” need to be more cautious going forward. Security firm Intego has identified a fake version of MAC Defender that steals credit card information instead of providing any actual protection.
The app itself looks very Mac-like which is why it can catch unassuming users off guard fairly easily. Of course, the giveaway comes in the form of various pop-up pornographic ads and a link to a fake MAC Defender website asking you to choose a paid yearly package of service. You have to click through and choose one in order to register MAC Defender and in turn, uninstall the app. Intego pimps their own VirusBarrier X5 and X6 software as the best way of catching and removing the MAC Defender trojan.
Such stories may sound scary, but in the end it just comes down to common sense. Don’t carelessly install applications or agree to pay for services you’re that randomly appear on screen or that you’re not certain of. In the end, MAC Defender won’t “spread” to other computers or contacts. It will just steal your money. Bad, yes. End of the world, no.
Happy Browsing…
Earlier today and into the evening hours, news has begun circulating telling tales of a new iOS virus building momentum as unsuspecting jailbreak/unlock seekers click tainted links via their iPHone. Said links looks something like “UNLOCK NOW FREE”. But instead of unlocking your iPhone when clicking on the accompanying link, the user is presented with a 10-15 second animation, after which, text is displayed on screen saying: “DOWNLOAD UNLOCK 2 NOW FREE”. Finally, the anti-climactic climax involves all of your data being deleted from your iPhone and SIM card.
We’d like to take a moment to reiterate adopting a standard practice of only clicking on links you’re 100% certain are real and to never (repeat: never) click on links within emails, texts, IMs, etc.
If you’ve got a friend or two who also happen to own an iPhone, you may want to share this little tidbit of information. That’s what friends are for, right?
If you’re a fan of less than legal means of obtaining music, videos, and/or apps, avoid downloading the free “Walk and Text” app from the Android market. While it may seem like a deal considering the real Walk and Text seels for $1, it’s actually far from it — it’s a trojan. It isn’t the most nefarious of trojans, though it’s damaging nonetheless.
Once downloaded, this fake Walk and Text app grabs such information as your phones IMEI number, contact list, and other private data which is then sent back to a remote server. From there, every single contact in your contact list with a phone number is a text message saying:
“Hey, just downloaded a pirated App of the Internet, Walk and Text for Android. I’m stupid and cheap, it costed only 1 buck. Don’t steal like I did!”
Yeah, pretty embarrassing not only because it makes you look like a thieving idiot, but also a thieving idiot who doesn’t have a good grasp on basic English grammar. Of course, if you don’t have a texting plan, paying for several hundred text messages at ~$0.20 a pop won’t be all that entertaining either. You’ve been warned…
If you thought no one could possibly be as stupid as Sony was several years back when it was found that they purposely distributed CDs that would install rootkits on customers’ computers, think again. Samsung is in the house with a new, even further reaching action — pre-installing keylogging software on new computers.
An article by Eset highlights a 2 – part story which involves a Norwich University graduate, Mohamed Hassan, who discovered a key logger on two brand new Samsung laptops. What’s startling is that the keylogger in question (dubbed “StarLogger”) records text and takes screenshots of the screen, making it even harmful than Sony’s rootkit of the early 2000′s.
Hassan reports that he found StarLogger first on a Samsung R525, and at a later date an R540 from a completely different store. When Mr. Hassan contacted Samsung, he was at first met with several denials and shrugging shoulders. But with a little persistance, Samsung CS finally broke down; they installed the keyloggers to gain customer usage information. Concerned consumers can easily and quickly determine if their computer is infected by checking the C drive for a folder called “SL”, specifically “c:\windows\SL”.
Under no circumstances is a keylogger pre-installed by the manufacturer (or anyone for that matter) ok or necessary. Back in ’04, Sony ended up paying almost $600 million out in fines and compensation. With technology becoming even more important in an increasing number of peoples’ lives and Samsung’s own digital infection potentially more harmful to customers, we could easily see Samsung break Sony’s record. Of course that is assuming a class action lawsuit is filed against Samsung. For the safety of technology users around the world, we certainly hope such a thing happens.
The other much less disastrous scenario (for Samsung, anyway) is if this keylogger is being installed by some disgruntled employee that is directly/indirectly involved in the manufacturer and shipping of Samsung’s laptops. Either way, expect to hear more about this in the coming hours and days.
Update
Congrats to Samsung for not doing a Sony (and ignoring this for days to weeks) and tackling this claim from the get go. After a thorough and very quick investigation, Samsung has responded on their official Korean blog:
The statements that Samsung installs keylogger on R525 and R540 laptop computers are false.
Our findings indicate that the person mentioned in the article used a security program called VIPRE that mistook a folder created by Microsoft’s Live Application for a key logging software, during a virus scan.
The confusion arose because VIPRE mistook Microsoft’s Live Application multi-language support folder, “SL” folder, as StarLogger.
(Depending on the language, under C:\windows folders “SL” for Slovene, “KO” for Korean, “EN” for English are created.)
Samsung will continue to respect customer needs by providing the highest quality products and services.
**See image below: Vipre (premium) run after creating an empty “SL” folder in the C:\ folder.
- December 28, 2010 9:39 am
If you’ve made a new home with one of the popular services and products including but not limited to iOS devices, OS X-powered computers, and location-based services such as Foursquare, the world is going to end in 2011. McAfee (recently acquired by Intel) released a forecast today naming various popular services and products that while currently low on the threat list, will grow increasingly murky as 2011 trudges on. Of course, coming from an arguably struggling virus software developer, such news of “impending attack” on numerous exploding platforms isn’t exactly all that surprising. In fact, it’s almost a cheap attempt to drum up fear and publicity in hopes of wooing a few new customers.
At this point, it shouldn’t be too hard to figure out that when tech products and services become popular and therefore increase in user base and potential cash flow, so do attempts to crack/hack them.
Should you be careful with your shiny new iPad while you update Foursquare? Of course. But don’t resort to fear mongering and paranoia. Security will become a growing issue with popular consumer electronics and services, though nowhere as much as McAfee is hyping. Be at ease.
