Malware

Malware / Recently Commented

Give Web Browsers Expiry Dates, Say Security Researchers

Computer security researchers from ETH Zurich, Google, and IBM have suggested that computer software would be more secure if it were labeled with an expiration date -- similar to perishable food products. Firefox 2 is considered to be the most secure browser since 83.3% of its users worldwide are running the current version. The issue of browser security matters more these days because more and more malware is targeting Web browser vulnerabilities. Remotely exploitable vulnerabilities have been on the rise since 2000 and accounted for 89.4% of vulnerabilities reported in 2007, according to the study, which claims that a "growing percentage of these remotely exploitable vulnerabilities are associated with Web browsers."

New Report Found Over Half of Malware-Infected Websites Based on Chinese Network Blocks

The majority of the Internet's malware-infected websites are located on Chinese networks, finds a new report released today by StopBadware.org, the university-based research initiative aimed at protecting users from dangerous software. The report also identifies the 10 network blocks that contain the largest number of badware sites. Six of the 10 are located in China.

New Trojan Horse Silently Alters Wireless Router Settings

Brian Krebs of the Washington Post reports that a new Trojan horse masquerading as a video 'codec' required to view content on certain Websites tries to change key settings on the victim's Internet router so that all of the victim's Internet traffic is routed through servers controlled by the attackers.

Coders, Crackers and Bots, Oh My!

There are more than just blue, black and white hat hackers. There are a few more types of folks out there that don't fit into the above categories. This article is taken from Stratfor with some commentary by myself... Many of the hackers described in my previous post are also coders, or "writers," who create viruses, worms, Trojans, bot protocols and other destructive "malware" tools used by hackers...

Russia Becoming a Spam Superpower

Russia might be a country trying to regain superpower status, but it has already reached it in one less welcome area -- the amount of spam it sends to the world. According to Sophos's Q4 2007 spam report, the country now deserves the moniker of 'spam superpower' having seen its share of total volumes rise dramatically over the last year, to put it firmly in second place behind arch-rival, the US.

Facebook Apps on Any Website: A Clever Move? Or a Security Nightmare?

Well, given the amount of malicious JavaScript, malware, and other possibilities to use Facebook (and other similar social networking platforms) for abuse, I certainly wouldn't categorize this news as a "clever move"... In fact, I foresee this as an extraordinarily short-sighted move with far-reaching security implications -- which will allow the levels of malicious abuse to reach new heights.

How Big is the Storm Botnet?

The Storm worm has gotten a lot of press this year, with a lot of the coverage tending toward the apocalyptic. There's no question that it's one of the most successful pieces of malware to date, but just how successful is it? Last weekend, Brandon Enright of UC San Diego gave an informal talk at the Toorcon conference in which he reported on his analysis of the Storm botnet. According to his quite informative slides, Storm has evolved quite a lot over the past year...

Spam Distribution Infrastructure: New Study Finds 94% of Scams Hosted on Individual Web Servers

Computer scientists, Geoff Voelker and Stefan Savage, from UC San Diego have found striking differences between the infrastructure used to distribute spam and the infrastructure used to host the online scams advertised in these unwanted email messages. This discovery is believed to help aid in the fight to reduce spam volume and shut down illegal online businesses and malware sites. While hundreds or thousands of compromised computers may be used to relay spam to users, most scams are hosted by individual Web servers.

Businesses Losing Battle Against DNS Attack, Says New Study

According to a new research study, companies are struggling to keep their DNS (Domain Name Systems) protected from malicious attackers. Many businesses remain vulnerable, as over half the respondents reported having fallen victim to some form of malware attack. Over one third had been hit by a denial-of-service attack while over 44 percent had experienced either a pharming or cache poisoning attack.

Ready or Not… Here Come the IRC-Controlled SIP/VoIP Attack Bots and Botnets!

A story... ZZZ Telemarketing (not a real name) is locked in a heated fight with their bitter rival, YYY Telemarketing (also not a real name), to win a very large lead generation contract with Customer X. Customer X has decided to run a test pitting the two companies against each other for a week to see who can generate the most leads. The ZZZ CEO has said to his staff that it is "do or die" for the company. If they fail to win the contract, they will have to shut down -- they need to do "whatever it takes" to win over YYY. A ZZZ staffer discovers that part of why YYY has consistently underbid them is because they are using SIP trunks to reduce their PSTN connection costs. But the staffer also discovers that YYY is using very cheap voice service providers who run over the public Internet with no security...