Malware

Malware / Recently Commented

Malware Production Continues at Record-Setting Pace; 6000 Unique Pieces Per Day

Security researches report seeing as much unique malware in the first half of 2009 as seen in all of 2008. "This is quite something when you consider that in 2008 we saw the greatest ever growth in malware," says David Marcus of McAfee Avert Labs. More specifically, Marcus in a blog post writes that the numbers add up to an average of 200,000 unique pieces malware monthly or more than 6,000 a day. "Bear in mind these are malware we consider unique (something we had to write a driver for) and does not count all the other malware we detect generically or heuristically... When you add in the generic and heuristic detections the number becomes truly mind boggling," writes Marucs. more»

Alarming Developments in Mobile Malware Found by Security Analysts

The first worm that spreads between mobile devices by spamming text messages has developed a new communications capability that one security vendor says signals the arrival of mobile botnets. Trend Micro has analyzed a piece of mobile malware known as "Sexy Space," which is a variant of another piece of mobile malware called Sexy View, which targets devices running the Symbian S60 OS. Sexy View, which was detected by vendors such as F-Secure six months ago, is significant because it is the first known malware sample that spreads by SMS... more»

Global Recession Appears to Have Also Hit the Malware Industry

According to reports by German software security company G Data, since the beginning of summer, the malware community appears to have been scaling back its activities. This considerable reduction is, according to the estimates of G Data security expert Ralf Benzmüller, not solely due to the forthcoming holiday season. The global recession appears to have also hit the eCrime economy. "This phenomenon emerges every year as something new. At the start of the holiday season, the number of malware programs falls. One reason for this is the worldwide onset of the travel season, which, based on experience, causes a drop in the number of active Internet users. However, this does not explain a collapse of more than 30 percent," says Ralf Benzmüller. more»

Trojans Fastest Growing Category of Data-Stealing Malware

The Anti-Phishing Working Group (APWG) recently reported that the number of sites infecting PCs with password-stealing crimeware reached an all time high of 31,173 in December 2008 - an 827 percent increase from January. And according to a report just released by Trend Micro's Focus Report, 93 percent of data-stealing malware have been identified as Trojans in the first quarter of 2009. more»

FTC Shuts Down US Web Hosting Firm Involved in Massive Global Spam Operation

Brian Krebs of the Washington Post reports: "In an unprecedented move, the Federal Trade Commission has taken legal steps to shut down a Web hosting provider in Northern California that the agency says was directly involved in managing massive global spam operations. Sometime on Tuesday, more than 15,000 Web sites connected to San Jose, Calif., based Triple Fiber Network (3FN.net) went dark. 3FN's sites were disconnected after a Northern California district court judge approved an FTC request..." more»

Google Reveals Top 10 Malware Sites From Its Index

While scanning its index, Google in the last two months reports to have found more than 4,000 different websites suspected of distributing malware by massively compromising popular websites. "Of these domains more than 1,400 were hosted in the .cn TLD. Several contained plays on the name of Google such as goooogleadsence.biz, etc.," says Google's security team member, Niels Provos, in a blog post today. more»

Mass Hacker Attack Reported on 40,000 Legitimate Websites

Hackers have compromised about 40,000 legitimate Websites, infecting them with malicious JavaScript that ultimately redirects users to a malicious site, says Websense. Security researchers at Websense say the tactics are reminiscent of the notorious RBN group. Although Websense would not name any of the compromised sites, researchers said the victims did not include any "big-name government or business sites." The compromised sites are redirecting users to typo-squatted misspellings of legitimate Google Analytics domains... more»

Obama: From Now On Digital Infrastructure Treated As Strategic National Asset

In a speech today from the White House, President Obama declared that the United States' computers and digital networks are strategic national assets and that he will personally appoint a cybersecurity coordinator to oversee the effort to protect this critical infrastructure. more»

Kaspersky Impressed with Overall Conficker Botnet Operation

Cybercrime fighter Eugene Kaspersky can't help but be impressed by the slick operations behind the Conficker botnet, and says that it could have been worse had the botnet been after more than just money. "They are high-end engineers who write code in a good way ... They use cryptographic systems in the right way, they don't make mistakes -- they are really professional." Kaspersky says he's "60 per cent certain" that Conficker is being controlled from the Ukraine, but can't be certain... more»

Cybersecurity Groups Start New Initiative to Combat Malware

Three of the world's leading cybersecurity groups today launched a new initiative to combat malicious software (malware) by establishing a "Chain of Trust" among all organizations and individuals that play a role in securing the Internet. Developed by the Anti-Spyware Coalition (ASC), National Cyber Security Alliance (NCSA) and StopBadware.org, the Chain of Trust Initiative will link together security vendors, researchers, government agencies, Internet companies, network providers, advocacy and education groups in a systemic effort to stem the rising tide of malware. more»

Most Websites Harbor at Least One Major Vulnerability, Says Report

Most Websites harbor at least one major vulnerability, and over 80 percent of Websites have had a critical security flaw, according to new data released today by WhiteHat Security. The Website vulnerability statistics, based on Website vulnerability data gathered from WhiteHat's own enterprise clients, show that 63 percent of Websites have at least one high, critical, or urgent vulnerability issue, and there's an average of seven unfixed vulnerabilities in a Website today... more»

US Military Shopping for Email Defense System to Scan 50 Million Inbound Messages a Day

The Defense Information Systems Agency asked technology companies on Wednesday for ideas on how to build an email defense system on the perimeter of its networks that can scan 50 million inbound messages a day to catch spam, viruses and cyberattacks. In a notice to industry, DISA said it needs to protect 700 unclassified network domains and that, while there are many individual e-mail domains administered by Defense Department units, "there is a possibility these may be combined into one enterprise DoD e-mail domain."... NSA Director Lt. Gen. Keith B. Alexander said 65-70% of the emails sent each day are spam. more»

One in Five Online Consumers Victims of Cybercrime Past Two Years, Estimated at $8B, Survey Says

According to the latest Consumer Reports National Research Center “State of the Net” survey, one in five online consumers have been victims of cybercrime in the last two years to the tune of an estimated $8 billion dollars. The overall rate of the crime has remained consistent over the five years says Consumer Reports. Report also notes that the problem stands to get worse as rising unemployment and foreclosures fuel a wave of recession-orientated Internet scams, and as the popularity of social networking services grow, creating more openings for identity thieves. more»

Canadian Spam Law Update

As you may know, there are two laws currently being discussed in Canadian legislative assemblies: Senate Bill S-220, a private member’s bill with private right of action and criminal remedies; Parliamentary Bill C-27, tabled by the government, with private right of action, coordination between various enforcement agencies... more»

Cyber Breaches Even Worse Than You Think

It may seem as if a new breach of some computer system or network is reported every couple of months; but actually, one security expert says it's worse than that. According to James Lewis, director of the technology and public policy program at the Center for Strategic and International Studies, reports of about 17 significant security incidents were released in the last two years - which averages to one report every 6 weeks... more»