Archive for: malware

New More Sophisticated Version Of Mac Defender Malware Detected.

If you thought the Mac virus/malware scene was about to dry up due to Apple’s relatively quick response to the MacDefender malware, which would steal credit card information, think again. Mac Security Blog (Intego) has discovered a new version of Mac Defender that ups the ante. Specifically, the old dead giveaway that the software was fake — a Windows screen being the OS X preview — has been replaced with an OS X-style window.

With that said, the people behind this annoying malware still have some work cut out for them — the fonts are all wrong and the alerts are not specific to Mac.

Nonetheless, the risk is still there. If you notice the alert above or see a folder labeled “” in your downloads folder, do not install or open it. As of writing, the application is still called “MacSecurity”.


Apple Releases Support Document For MacDefender Malware.

Apple may be staying quiet (publicly) concerning the recent MacDefender malware scam, but that doesn’t mean they aren’t hard at work behind the scenes. Previously, leaked intel from Apple stores across the country painted Apple’s initial stance in a rather arrogant and anti-consumer light — they were advising Apple employees to refrain from helping customers remove any potential malware or even advising customers where to seek further help. While on the surface this sounds like a rather coarse move on Apple’s part (and we’ll be honest, it is), another large OS maker takes a similar though not quite so harsh stance.

With that said, Apple has released a new support document detailing how users can easily and quickly rid their Macs of MacDefender malware while also highlighting an upcoming fix that will kill said software automatically.

The jury is still out on just how large the Mac virus/malware scene will get. Ask any Mac enthusiast and they’ll say Apple’s tightly controlled ship will weed out most of the malware and virus issues. Others, however, say that larger problems are inevitable.

At least for now it appears a crisis has been averted.


Chrome 12 Adding Malware Protection For Malicious Downloads To Feature List.

Need a more important reason to jump onto the Google Chrome bandwagon aside from an already super fast rendering engine, sleek look, and frequent updates? How about malware protection? Google announced today via the company’s official blog that Chrome 12 will pack in a new malware protection scheme that will alert users when Chrome suspects that a downloaded .exe is malicious. This new feature will draw on the list of publicly known malicious websites from the Safe Browsing API and builds on the malware protections that Google has already employed over the last 5 years.

Interested parties wanting in on the ongoing testing phase can sign up within the Google Chrome development release channel.

[Update 2] Latest AVG Update Breaking Some 64-bit Windows 7 Computers. #avg #windows

In our daily travels through the interwebbs, our computers are silently attacked by faceless villains across the world. Helping us make the journey safely are a bevy of anti-virus, anti-spyware, and anti-malware programs. But every once in a while, a computer becomes unusable not because of the latest and greatest virus, but because of the very software that is supposed to protect us. With that said, users of popular anti-virus software, AVG, will be waking up to a potentially nasty surprise — an un-bootable computer.

The culprit is the latest virus database update, version 271.1.1/3292 (432/3292), which was released at 12.53am CET. The error message being seen:

STOP: c0000135 The program can’t start because %hs is missing from your computer. Try reinstalling the program to fix this problem.

According to AVG, it’s not as bad as it seems. The fix as it stands now comes in a few flavors. Perhaps the quickest and least involved option is to boot into safe mode and do a system restore to a restore point that was made before the latest AVG update. If you are unable to boot into safe mode, proceed to option two, which AVG highlights in detail here. Basically, it involves using an AVG Resource CD and renaming a buried system file. A third option involves using Windows 7 Startup Repair. Lastly, a fourth and final fix requires that you read this article before you restart following the update. If you do, find the “. preparations” folder located at C:\Program files (x86)\AVG\AVG10 (64-bit systems) and delete it. Then, continue on with the reboot as normal. You can also use the AVG program itself to delete all of the temporary update files.

As of writing, AVG has announced that they’ve removed the update from their servers, and that it is ok to go ahead and update your AVG software once again. Furthermore, AVG will be releasing a tool to help affected users within the next couple of days. Though if that’s not good enough and/or the above methods aren’t working, try taking a look at this thread in AVG’s forums which has several more detailed options to bring your computer back to life.

Anyone’s PC go down because of the update?


Commenter “ako” below found another method to try and fix the AVG problem:

This helps me:

Navigate to:
Program Files\AVG\AVG10 (32bit operating system)
Program Files (x86)\AVG\AVG10 (64bit operating system)

Find the following files:
avgrsx.exe or avgrsa.exe
avgchsvx.exe or avgchsva.exe

Delete the Files and reboot

Update 2

Could it be internal sabotage by a disgruntled employee? Apparently AVG just went through some “internal restructuring” the day before yesterday. On that note, when “sabotage by former employee” is mentioned, I always become skeptical myself. Far too often such a claim is made that in the end turns out to be completely false. Although, going by the tipster’s account, the two botched updates occurring in the same day (and a mere day and a half after massive layoffs no less) are certainly eyebrow-raising in and of themselves.

With that said, the actual internal email sent out to AVG employees the morning of the layoffs is interesting nonetheless. The dots can certainly be connected in such a way to suggest some illicit dealings, though I’ll leave the final decision to each of you. Email after the jump…

Bad news for rooted Android users: Login credentials stored as plain text.

So far I haven’t been shown any logical or legitimate reason why someone shouldn’t root their Android device. Everything from custom skins and themes to overclocked speed can be had. Not only that, but rooting your device can allow users to remove bloatware from their phone that otherwise sits there and sucks up precious MBs. Now, however, I have a reason to caution potential Android rooters — login credentials are stored as plain text. Granted, someone would have to develop and distribute an app that purposely went digging through your phone and then proceeded to phone home with all of that sensitive info. Though we’ve seen a few false alarms on that front already. What’s to say someone doesn’t read this post and get some brainiac idea to screw over a bunch of people?

So yeah, if you really want to play it on the uber safe side, don’t root your Android device and give apps free rein on your precious device. If we’re to be brutally honest though, common sense on the end user’s part has to factor into the equation. If an app looks or acts fishy, don’t turn a blind eye. Delete it! Any rooted Android users (or potential rooters) treading a bit more carefully now?

Windows 7 to be a little more choosy with auto-run/flash drives


**The box bordered in red will no longer be an option on most flash drives after Windows 7’s latest security update**

Microsoft announced today a move to make it harder for viruses such as Conficker to piggyback on Windows’ auto-run feature when a flash drive is inserted. Instead of the flash drive having access to auto-run features as soon as the drive is inserted, users will have to manually launch programs contained on the storage device. However, Microsoft cautioned that DVDs and CDs will still have access to the auto-run option upon insertion. So, users of certain “specialty” drives such as those powered by the U3 GUI, which is treated and loaded as a CD/DVD, should take extra precaution when using their flash drives in conjunction with auto-run. According to Microsoft, the update that will disable auto-run for most flash drives is set to appear in the next release candidate of Windows 7, slated for a public May 5th release. Legacy XP and Vista users need not worry, as you will also be getting the security update in some form or another. Once the update hits, I suggest everyone download it as soon as possible so malware such as Conficker has yet another hurdle to clear, all while making Windows users everywhere a tad bit safer.

Source: Cnet