Motley cabal of online hacker and librarians. All about online hacking and more ...

Monthly archives for December, 2010

Texas Agency Website Shutdown by Malware Attack

Dec31
2010 Written by admin

Malware AttackAccording to the Star Telegram, which published its new, 21 December 2010, Texas Department of Aging and Disability Services (DAST) website, which have been hit with a malware or a virus that had detached from the Internet in the morning of December 21, 2010.

In the agency said it had temporarily closed the site for security reasons, but did not know exactly what the problem was that even in the absence of information has been compromised. In particular, there is a report of the information system at that location, so that ordinary people can experience power shortages in nursing homes and support services to life.

Further, there’s a registry within the site that reveals misconduct of employees and qualified nurse aides who’ve been prohibited from performing any service in nursing homes. Some vital manuals, handbooks, forms, enforcement statistics along with other types of valuable resources are also included in the website.

Stated Cecilia Fedorov, a spokeswoman for the agency, the department was investigating the entire incident in coordination with Health and Human Services Commission as also computer specialists for unearthing the nature of the malware that infected the TDADS’s computer server. According to her, everything the server contained was being analyzed for ensuring it was safe enough for getting it back to work. Star Telegram reported this.

In a remark, the specialists said there was a rapid growth in cyber-attacks on government and popular websites for disseminating malware over the recent time, while cyber-criminals found them effective in affecting a huge number of users.

They have also warned that hackers are preparing more sophisticated, malicious software has grown in size and activity rather than indicating a decline. Therefore, companies need right now are becoming more aware of how they might implement best security practices to protect their websites and customers with security reputation and sales.

First, be regularly monitored malware on their websites to make sure that no mention was vulnerable to online threats. In addition, organizations that have the costs of monitoring programs on the Web, and focus on the patches and updates for third-party widgets to be installed.

Posted in Malware - Tagged , ,

Malware Invading Cloud 2011

Dec29
2010 Written by admin

Malware Invading Cloud 2011New strains of malware have recently observed a cloud-based service for file-sharing, and its presence may be the Herald and potentially dangerous security threat for Internet users in 2011.

The security firm Kaspersky Lab has recently discovered a malware called “Trojan-Dropper.Win32.Drooptroop.jpa.” The Trojan was found on Rapidshare, a popular file sharing cloud computing and storage services. (Cloud computing is the process by which servers handle external data processing and data storage tasks generally performed by personal computers.)

The particular drooptroop variant (Kaspersky has identified more than 7,000) was first discovered around Christmas and titled “gift.exe.” Once downloaded, the malicious “gift” can intercept browser functions, redirect user requests and allow an attacker to gain access to users’ systems, explained Vicente Diaz, Kaspersky Lab researcher.

Drooptroop also automatically takes users to a rogue antivirus site that attempts to trick them into purchasing antivirus software they don’t need.

What is worrisome for security analysts is that malicious programs, such as drooptroop not appear in the body of the Rapidshare link, which means that it can successfully evade capture by traditional security filters.

As companies become more and more toward the cloud, security experts believe that cyber crooks will adapt to new developments and continue to prosper

Posted in Malware - Tagged ,

Internet Explorer Leads the Security Malware: Report

Dec24
2010 Written by admin

Internet ExplorerMalware Security Report by NSS Labs found in the Windows Internet Explorer 9 Beta catch “extraordinary” 99 percent of live threats, which IE does not pack 80 percent. Mozilla Firefox 3.6 called for 19 percent of direct threats, down 10 per cent of NSS Labs test is performed in the first quarter of 2010.

Protection of IE9 includes SmartScreen URL filtering, which is included in IE8 and reputation of the applications SmartScreen, which is a new IE9. The report noted Apple’s Safari browser has been asked 5-to 11 percent of direct threats, and protection of the public fell by 18 percent in Q1 2010.

Google Chrome 6 caught just three percent of the live threats, down 14 percent from the Q1 2010 test and Opera 10 brought up the rear—the browser caught zero percent of the live threats. The report concluded the browser provides virtually no protection against socially engineered malware.

From an initial list of 8,000 new suspicious sites, 1,209 potentially malicious URLs were prescreened for inclusion in the test and were available at the time of entry into the test. These were successfully accessed by the browsers in at least one run. On average, 124 new URLs were added to the test set per day. NSS Labs then assessed the browsers’ ability to block malicious URLs as quickly as they found them on the Internet, and continued testing them every six hours to determine how long it took a vendor to add protection.

Trends show Safari and Firefox converging at a protection rate just under 20 percent, indicating that while they share the Google Safe Browser feed, there is a difference in each browser’s implementation. The report noted the mean time to block a site (if it is blocked at all) was16.4 hours, and noted Chrome (with a mean time of 17.8 hours) and Safari (nearly 37.5 hours) were above average at adding new blocks. With the exception of Opera, which failed to block a single malware download, all browsers blocked at least one malware download, according to NSS Labs data.

“It became obvious from this test and comparisons to the earlier test that Microsoft continues to improve their IE malware protection in Internet Explorer 8 (through its SmartScreen Filter technology) and in Internet Explorer 9 (with the addition of SmartScreen application reputation technology). With a unique URL blocking score of 94 percent and over-time protection rating of 99 percent, Internet Explorer 9 was by far the best at protecting against socially-engineered malware,” the report concluded. “The 89 percent zero-hour block rate suggests a far superior malware identification, collection, and classification method,” the report noted.

The test, conducted in September 2010, was the company’s fourth test of Web browser protection against socially engineered malware—which the company said is the most common and impactful security threat facing Internet users today. This report followed the same Live Testing methodology as the tests conducted in Q1 2009, Q3 2009, and Q1 2010.

The report contains validate the empirical evidence gathered during 11 days of 24 x 7 tests done in every six hours, more than 39 discrete test functions, each adding new and fresh malware URL. Each product has been upgraded to the latest available at the time of commencement of the trial, and allows access to the Internet directly.

Posted in Malware, Spam - Tagged , ,

Malware loves Android and iOS Smartphone’s

Dec22
2010 Written by admin

Android and iOS Smartphone’sMalware for the two most conventional mobile platforms has improved at a much higher rate than for other platforms.

In 2010, malicious software for Smartphone has increased by 33% since last year. Moreover, all projections point out that the contamination will soon become an outbreak like for Microsoft Windows and Apple Mac.

In this regard, Gareth Maclachlan, COO of Adaptive Mobile says “With the increasing pervasiveness of Smartphone devices, 2010 has undoubtedly been the year that fraudsters have truly turned their attention to mobile platforms.”

He adds “The vast majority of consumers are acutely aware of the threats that PC-based viruses, spam messages and phishing emails pose, but many are still unaware of the risks associated with their mobile devices.”

As reported by TGDaily , phones running on Android OS and Apple iOS are at greatest risk – as for these platforms, the number of malicious programs for the year grew by 45%. For Google Android, an open source operating system, even a few applications were demonstrated that allow you to remotely control the telephone. So far as platform Nokia Symbian OS concerned, which till recently was leading in the number of viruses aimed towards it, the number of malware for it on the contrary has decreased by 11%. This shows that this OS is becoming less popular in the market, because hackers primarily are oriented to the most widespread products.

Therefore, users should think about what programs to download and pay more attention to security for mobile devices. Smartphone is definitely harder to break than the computer, but this problem is still rampant.

Posted in Malware, Online hacking - Tagged , ,

Hackers Set Sights On Android Mobile

Dec17
2010 Written by admin

Android MobileMalware specifically targeting mobile devices increased 33 percent in 2010 as the pirates quickly pushed to new campaigns designed to exploit the popularity of smartphone and the fact that too many users of the cast caution when accessing and sharing data from their mobile companions.

A sharp spike of mobile malware, according to a new report on mobile provider AdaptiveMobile security software, was to be expected, as demand for Smartphone and mobile applications skyrocketed to record levels in 2010.

And while most of these attacks — like this summer’s brutally effective Trojan campaign targeting Android-powered devices — were fairly simple in design and execution, security pundits expect hackers will step up their game in 2011 with more complex scams that will exploit multiple Smartphone features and weaknesses to steal data and spread more malware.

“The next year will see the emergence of the compound threat — intelligent scams designed to exploit multiple phone capabilities in order to reap maximum reward for the criminals, before the user even realizes they have become a victim,” AdaptiveMobile COO Gareth Maclachlan said in the report.

Android, Google’s (NASDAQ: GOOG) open mobile operating system, continues to take share — mostly from competitors Symbian and BlackBerry — but the success comes at a price.

AdaptiveMobile’s report found that identified exploits for Android surged 400 percent from 2009 but quickly added that the total number of Android exploits is “still at a low level relative to older platforms.”

In fact, Nokia’s Symbian saw its number of identified new exploits fall 11 percent and the iPhone saw a similar percentage decline. Windows CE-based viruses rose 7 percent while the number of exploits impacting Smartphone running Java-based apps jumped 45 percent from 2009.

“With the increasing pervasiveness of Smartphone devices, 2010 has undoubtedly been the year that fraudsters have truly turned their attention to mobile platforms,” Maclachlan said. “The vast majority of consumers are acutely aware of the threats that PC-based viruses, spam messages and phishing emails pose, but many are still unaware of the risks associated with their mobile devices.”

The report concludes that this trend towards more sophisticated malware attacks to force mobile wireless operators, handset manufacturers and mobile application developers to abandon the traditional security technologies and find alternative and more sensitive smart to keep pace with the pirates and owners of malware.

Posted in Malware, Online hacking - Tagged , , , ,

Smartphone’s Having Serious Risk from Malware

Dec15
2010 Written by admin

Smartphone’sSmartphone users are increasingly at risk of a cocktail of spyware and phishing scams, although data leaks and disclosure of sensitive information is the most common hazards, according to a new report.

European Network and Information Security Agency (ENISA) has said that the risk of maximum security and opportunity for Smartphone and dishing advice to consumers and businesses.

It’s a biggest risk to users: spyware, data cleansing poor when phones for recycling, accidental data leakage and unauthorized Premium phone calls and SMS.

It is perhaps no surprise that criminals are increasingly targeting Smartphone’s as they soar in popularity with Gartner figures revealing that some 80 million smart handsets were sold in Q3 2010 alone.

Apparently the biggest risk to Smartphone users is relatively low-tech: having their phone nicked. An unprotected memory lets an attacker access the data on it, according to the report.

The second largest threat is a Smartphone owner giving their phone to someone else or disposing of it without wiping the data correctly…again, similarly low tech and gift for cyber criminals.

More worrying though is the report’s discovery that unintentional data disclosure is the third biggest risk. It reckons that while most apps have privacy settings, many users are unaware of forget that data is being transmitted and have no clue about how to tweak security settings.

Phishing attacks reportedly pose a ‘serious’ risk to Smartphone users via fake apps or seemingly genuine text messages, while spyware defined as ‘any software requesting and abusing excessive privilege requests’ is also a big problem.

Completing the top 10 of Smartphone risks are: network spoofing attacks, surveillance, diallerware, financial malware designed to steal credit card numbers and network congestion.

“Given the growing importance of Smartphone’s for EU businesses, governments and citizens, we consider it essential to assess their security and privacy implications.” says Prof. Dr.Udo Helmbrecht, executive director of ENISA.

However the report was not all doom and gloom as it recognised back-up data opportunities on Smartphone and the benefits of app stores.

It listed the opportunities as: sandboxing apps, controlling software distribution, remote app removal to aid the removal of malware, backup and recovery functions ‘to address risks to data availability,‘ extra authentication and encryption options plus the very diversity of Smartphone’s, which makes it tricky for criminals to attack a very large number of users with a single virus.

To maximize opportunities and minimize threats, the report detailed a long series of recommendations for Smartphone users, including advice that consumers use automatic locking, reputation and source control before downloading applications, a careful reading of permit applications and wipe off any handset and they have plans for disposal.

Posted in Malware - Tagged , , ,

Targeted Malware, Spam is Growing in 2011

Dec03
2010 Written by admin

Targeted MalwareMalicious Web sites and applications increasingly target mobile phone users in 2011, devices such as tablet PCs and Smartphone’s are an even greater combination of Information Technology Company.

As reported by E-Security Planet, security software vendor Symantec expects attacks aimed to increase dramatically as hackers develop its capacity to collect data from social networks and consumer sites to develop campaigns that are more likely to catch their prey.

Trojans, viruses and worms like Stuxnet will also find their way into more critical infrastructure systems as malware authors seek out more high-value targets for their wares.

And while the overall volume of spam decreased significantly in the second half of 2010, Symantec offers a marked increase in spam directed language, especially in Europe and Asia. In 2010, about 95 percent of all spam was in English, but that figure should drop to about 90 percent in 2011 while the Portuguese and Spanish spam will increase significantly.

Posted in Malware - Tagged ,

Malware Threats Go Up Almost 15 % in 2010

Dec01
2010 Written by admin

Malware ThreatsThe average number of malware threats created each day has increased nearly 15 percent in 2010 to about 63,000 cases, according to Panda Labs, the arm of anti-malware from Panda Security Inc.

The good news is that more than half of all new malware, including variations of existing programs, was neutralized in a day, a favorable comparison with previous years, when the life of this software, it took several months, the supplier Security said..

Panda said that more than one-third of the active malware currently threatening computer users was created in the first 10 months of this year.

About 20 million new strains of malware already have been created already this year, the same as in all of 2009, Panda said. The security vendor said that its database now houses some 60 million malware files, including viruses, worms and Trojans.

“Since 2003, new threats have increased at a rate of 100 percent or more,” said Luis Corrons, PandaLabs technical director.

“Yet so far in 2010, purely new malware has increased by only 50 percent, significantly less than the historical norm,” he said.

Corrons said that rather than create new malicious code, hackers seem to prefer reusing old code or parceling out existing threats.

“It seems hackers are applying economies of scale, reusing old malicious code or prioritizing the distribution of existing threats over the creation of new ones,” he said.

Panda said that the malware has drastically reduced life expectancy shows that many programs are structured in order to infect only a few systems before disappearing. Since the Anti-Virus software detects new malware faster, hackers can change their programs or create new ones remain unidentified, the company said.

Posted in Malware - Tagged ,
wordpress visitor
© 2011 USRlib.info