If you’re a follower of NBC News’ Twitter account, there’s a good chance you crapped your pants last Friday evening. “Breaking News! Ground Zero has just been attacked!” the feed blared, followed by flight numbers and rumors of hijacking attempts. Ten minutes later, a group calling themselves “The Script Kiddies” came clean and announced that they’d hacked the account. NBC’s been trying to figure out how the account became compromised ever since, and now they think they’ve found the culprit: a Trojan Christmas tree.
Linux end users may not have to worry about malware too often, but apparently, folks who like to roll their own code still draw the attention of hackers. Kernel.org, the online repository of the Linux kernel, is reporting that it fell victim to a security breach in August. Don’t start screaming and unplugging your Ubuntu PCs quite yet, though – the administrators believe the attack only compromised users who accessed the kernel.org site, and not the Linux source code itself.
It's common practice to point the finger at China every time there's a major cyber attack, just as many security analysts did following McAfee's recent report detailing a five-year run of cyber high jinks "by one specific actor." The Chinese government usually throws up its arms in disbelief and says, "Who, me!?" Only now, Chinese officials are claiming that China, too, is a victim.
Who can resist the idea of some free, mouth-wateringly good Chicken Selects Premium Breast Strips swallowed down with a delicious Strawberry Triple Thick Shake early on a Sunday morning? Nobody who isn't named RoboCop, that's who – and that's how the spammers get you. Now that we've become immune to naked celebs and cheap pharmaceuticals, the bad guys are going for our guts.
The entire source code for the Zeus trojan is now floating around the web within easy reach of any would-be miscreant who aspires to modify the code for their own evil deeds. Security firm CSIS discovered the source code being sold on at least two black market forums back in late March, and now says the crime kit is being leaked to the public on several underground forums and through other channels.
Over the course of the next four weeks, the U.S. Department of Justice will put into effect an initiative to remotely uninstall the Coreflood botnet Trojan from infected Windows PCs. The way it will go down is the DOJ will identify owners of infected rigs and then submit an authorization form to the FBI. It's the latest step in an effort to stomp out the botnet that's managed to seize control of some 2 million PCs.
If you give malware authors an opening, they'll take it. In the wake of the recent Android Market malware scares, Google released a special security app that searches for and removes the so-called DroidDream malware. Google is pushing this app to affected phones automatically to take care of the problem. So what did the unscrupulous hacker characters do? They repackaged that security app with a trojan, of course.
As if most malware weren't crafty enough, there are signs that indicate a certain amount of conspiring between attackers, making the latest threats even more difficult to detect. What's more, February proved a particularly busy month for malware, with Trojans, botnets, and spam all seemingly on the rise compared to previous months.
Google was quick to ban a no-good publisher and remove his 21 Trojan-infected applications from the Android Market after receiving a tip from AndroidPolice.com. According to AndroidPolice, the publisher took 21 popular free apps from the market, laced each one with root exploits, and then republished them. While Google's response time was nothing short of swift once it found out about the foul files, they had already logged 50,000 to 200,000 downloads combined in 4 days, AndroidPolice says.
Security firm Sophos has discovered a modified variant of the well-known darkComet Remote Access Trojan (RAT) that not only affects Windows PCs, but the Mac OS X platform too. Interestingly enough, the nefarious Trojan readily admits it's not yet finished, which could be indicative of more underground programmers finally taking notice of Mac's increased market share. In its current form, Sophos senior security adviser Chester Wisniewski describes the Trojan as "very basic" in nature with a mix of English and German in the UI.