Displaying items by tag: Malware

Hearing about a flaw in one product from a competitor in a product is sort of like asking your dog what food he likes best. You know you are not going to get a good answer and, of course, the dog is only going to stare at you and eat pretty much anything (including a bug…). So when we heard that a Microsoft Anti-Spam Engineer was reporting a new Android based email spam botnet we took it with a grain of salt (remember Microsoft has a new Phone OS coming out soon).

There is an interesting habit in the world of science; when you cannot explain or categorize something add “dark” to the front of the regular word and that makes it all ok. We have seen this in astrophysics, particle physics, theoretical physics, and now to IT. With this maxim we get Dark Matter, Dark Energy and my favorite “Darknet” It just sounds cool right?

It would appear that the developers of Stuxnet/Duqu and Flame shared at least some source code during development. At least that is what security research firm Kaspersky seems to think. Kaspersky was the company that found the massive bit of malware that was using a compromised Microsoft Terminal Server licensing model to sign certificates for their code. Flame appears to have been a very coordinated espionage attack on Iran and has been in the news thanks to the complexity and functionality that it has.

We told you about the new malware threat in Iran (and some other Middle Eastern countries). This is a new and very sophisticated bit of spyware that appears designed to gather intelligence about the state of Iran’s nuclear program. Kaspersky discovered the worm after being asked to check some systems that appeared to be acting strange. This investigation led to the discovery on Flame and the identification of some 20 plug-ins for the malware that can do everything from capture screens, to turning on a system’s microphone to record anything around the system. It is also able to record VoIP communication through applications like Skype.

So what is more frightening than having a worm or a virus infect your network? How about a virus or worm that can infect the hardware that controls your network. According researchers at Cambridge this could be possible through the use of hard coded back doors in control processors. Although the idea of being able to reprogram the microcode inside computer chips is nothing new it has never been viewed as a threat before. After all most companies are very careful about allowing someone other than themselves to have access to the paths that would allow the original code to be overwritten.

Remember when we told you that Facebook was going to allow companies to pay to promote certain posts? Well it is now in full swing as it looks like Facebook has rolled out the service to everyone’s pages. Over the last week we have been having issues with posting links on the DecryptedTech Facebook page, yet when we reported the issue there was almost no response from Facebook about the issue. As it turns out this issue was due to the changes that Facebook was making behind the scenes.

An interesting report has popped up about a rather large attack on a group of Middle Eastern countries. The attack (called Flame) appears to be a targeted attack against Iran, Israel, Palestine, Sudan, Syria, Lebanon, Saudi Arabia and Egypt with the most effected being Iran, Palestine, and Israel. The attack was reported by Kaspersky Labs and looks to be intended to collect all kinds of information (not just data on computers). Kaspersky believes that Flame has been operating for at least two years in this region.

In the IT world there was a time when we all feared the Marco viruses that could be embedded into Word, Excel and other Microsoft Office Products. It was bad enough at one point that I found a single system with over 3,200 counts of an Excel Macro virus (it replicated itself quite nicely). Back then it was common for IT to recommend the use of RTF (Rich Text Format) instead of .DOC for documents and there was even an option inside exchange to force the use of this format even if the end user has Word as their email editor.

Well, well, well… although we have been saying it ever since the first Macs with Intel CPUs rolled off the lines in the Foxconn factories in China it seems like the world is finally realizing that the Mac IS a PC just running a different OS. The first kick in the head was delivered when the Flashback Malware hit the streets in the form of a fake flash installer which made any infected Mac part of a global botnet.

There is a lot of talk in the news about a very old piece of malware. This malicious code was called DNSChanger and was part of a criminal enterprise that intended to route people’s traffic through their own servers instead of the intended servers. This opened the victims up to countless other potential infections. The Malware was discovered back in 2004 and had a small amount of fame for its time. The impact of this particular infection was rated into the millions of Windows based PCs. Although the malware was identified and six people were arrested for it, the authorities did not know what to do about the infected systems (which is VERY odd).