Displaying items by tag: Viruses

Whenever a new game hits the streets you can bet there will be a less-than-legal copy either right before, or right after. This was the case with the new game "Watch Dogs. Shortly before the retail release there were multiple copies available from different sources. One of the most popular sources was BitTorrent. Sadly, someone decided to taint that version with a bitcoin mining utility.

Malware is a nasty thing that touches every corner of the consumer electronics market. No matter what type of device you have someone, somewhere will find a way to write malware to compromise it. Over the last two weeks there has been a resurgence of a very nasty bit of Malware called CryptoLocker. This malware sneaks in through poisoned websites or emails (typically in a .zip file) using multiple flaws in Java. Once in it reaches out and encrypts every Microsoft office file it can see including on shared drives. There is no real cure for this one and you end up losing data and time as you reload your computer.

Kaspersky Lab has issued an annual report for 2012. This report presents some interesting statistics about malicious software that have marked the past year. The data that was analyzed by the well-known antivirus company using KSN system in the cloud (Kaspersky Security Network) to detect and collect information about attacks, points to more interesting things.

On Friday Microsoft released an update for Flash on Windows 8 to protect their users from hacker attacks that could’ve started long ago since the bugs were here for quite some time. As it was stated about a week ago, Microsoft decided to take care of this bug and provided a patch for it Firday. Even though Flash Player is a product of Adobe, the whole work had to be done by Microsoft because they copied Google's Chrome and implemented Flash Player into their browser, Internet Explorer 10. They announced the implementation in May, saying “By updating Flash through Windows Update, like IE, we make security more convenient for customers.”

As we have been working with Windows 8 and Windows 2012 server we have become increasingly concerned about security. Although Microsoft has claimed that they have improved security through items like the locked UEFI boot process there are still glaring omissions in security that keep popping up very recently it was noted that despite the claims from Microsoft of a more secure login process the password hint is exposed in the SID database and easily recovered remotely. We also found that users’ contact lists are also left in the open (and in plain text) and available to anyone that can gain remote elevated privileges; which is what almost all Viruses and Malware try to do.

One of the most popular torrent clients is uTorrent (used monthly by around 125 million users for downloading) will start to serve adverts within its software in the near future.  An announcement stated that ads will be linked with the content of the torrents a user downloads, whether it is a legal or illegal download. uTorrent already makes decent money, between $15-20 million per year, thanks to a toolbar for web browsers that is installed as a part of  the install package. However that doesnt seem to be enough for its directors so they hope to make more with the ads they will introduce in the new version

Time Apple news for July 26th 2012. Today we have Apple’s “we should not have to pay” defense, a new worm in the iTunes store, and new Malware that has popped up for OSX users. These three things have loads of laughs and some interesting twists which we think you will enjoy. So up on deck first we will take a look at Apple’s we should not have to pay defense which they are presenting in one of the patent cases they have going with Samsung.

There is a long standing myth that PCs are susceptible to viruses and malware while Macs and Linux are not. Unfortunately for anyone that believes this myth there are consequences. One of these is a feeling of invulnerability when browsing. This false sense of security can lead to many things, including having your computer hijacked or being silently rolled into a giant Mac only botnet … I am sure you get my point. This phenomenon is not limited to Mac owners. PC owners that have “Full” Virus and Malware protection also get this false sense of security.

Now, the interesting thing is that while there are literally thousands of viruses and malware for Windows based systems in the wild there are actually more security loop holes in OSX that can be exploited by something as simple as a drive-by or other malformed code on a web page. One that caught our attention was an Adobe based Exploit (yes I know Steve Jobs wanted to ban Adobe). This little exploit allows someone to run a .swf file in a hidden iFrame. The .swf in question here has code to authorize turning on the end users webcam and broadcasting it to the source server.

Now this is nothing new and I have witnessed this kind of thing done at different security conventions. The thing that really is concerning is that this is being run on a version of Flash that is supposed to have code (called frame busting) to prevent this. What happened is that Adobe only patched part of the hole. They covered the whole page being loaded in an iFrame, but forgot to prevent the malformed .swf from being loaded into that same space. This little exploit was found by a computer science student at Stanford University named Feross Aboukhadjeh.

Now I know you are wondering what my rant at the beginning of this article about Macs has to do with this exploit… Well the kicker is that Aboukhadjeh has only been able to get this exploit to work on Macs and running either Firefox or Safari. The reason that he has been so successful is that with these browsers and OSX it is easier to make the iFrame transparent to the end user. Aboukhadjeh says that he does believe that this will work on other operating systems, but that it will take significantly more effort and would require layering the frame to avoid detection.

Adobe has been notified of the exploit

Source The Inquirer

Discuss in our Forum

Anyone remember Charlie Miller? He is the guy that has hacked more than his share of Apple products (and won a few PWN2Own contests). Well Charlie is back; this time he has found a hole in Macbook Batteries that can allow full control of the Macbook including uploading small programs that are undetectable by virus scanners. The reason they are undetectable is that the code is hidden inside the battery firmware.  Charlie was able to get inside the firmware after digging through it and finding the passwords that allowed him access. Due to Apple’s tendency to use the same password for each line of its products (like the iPhone) it was very easy to spread this exploit to other systems.