Home
Build a PC

Build a PC Featured Content

Build a PC: Blueprints (November 2012)

Build a PC: Recommended Builds (May 2013)

CES 2013: AMD Talks Up Surround Computing Strategy

Operation Upgrade: How We Rebuilt Three Old PCs, Part By Part

Build It: How to Build a Kick-Ass Ivy Bridge Gaming PC, Step by Step

All Build a PC Articles
Windows
Windows RSS
Windows Featured Content

Windows 8 Review

Microsoft Announces Xbox One Console

20 Awesome Screensavers

Best Windows 8 Apps

Windows 8 Home Server Guide

All Windows Articles
Best of the Best
Hardware
- Hardware Home
- CPU
- Memory
- Video Cards
- Cases
- Cooling
- Displays
- Motherboards
- Reviews
Hardware RSS
Hardware Featured Content

Windows 8 Hardware Reviews

Microsoft Announces Xbox One Console

Build a PC: Recommended Builds (May 2013)

7 Unsung Heroes of the PC Universe

Getting Loco with Video Cards

All Hardware Articles
Software
Software RSS
Software Featured Content

Software Worth Paying For

Virus Protection Guide

Adobe Photoshop Lightroom 5 Beta Impressions

Spotify vs. Xbox Music

XBMC vs. Plex

All Software Articles
Gaming
- Gaming Home
- Reviews
- Hardware
- Software
- Gaming PCs
- Bioshock
Gaming RSS
Gaming Featured Content

Razer Edge Unboxing (Video)

CES 2013: Nvidia Shield and Grid Impressions [Video]

Nvidia at CES 2013: Project Shield Console, Tegra 4, and Onlive Style Cloud Gaming

Transformers: Fall of Cybertron Review

The 10 Best PC Game Trailers from E3 2012

All Gaming Articles

Trojan

Nasty Android Trojan Spotted in the Wild

Posted 12/30/2010 at 10:45am | by Paul Lilly

0

Comments

Security firm Lookout warns that a new Trojan affecting Android devices has emerged in China. It's being called "Geinimi" and it's capable of compromising a "significant amount of personal data" harvested from a user's phone, which is then sent to remote servers.

"The most sophisticated Android malware we've seen to date, Geinimi is also the first Android malware in the wild that displays botnet-like capabilities," Lookout says. "Once the malware in installed on a user's phone, it has the potential to receive commands from a remote server that allow the owner of that server to control the phone."

Right now it's being distributed via legitimate applications (mostly games) in third-party Chinese Android app markets, though Lookout warns it could be packaged into apps in other geographic regions, too.

Get the full scoop here.

» Read More

Trojan Modifies Firefox to Store Passwords; Infiltrates Protected Storage Area

Posted 10/10/2010 at 7:41am | by Pulkit Chandna

6

Comments

In a recent blog post, Webroot warned of a Firefox Trojan that forces the browser to save all login credentials by default and subsequently uses the stolen information to create a new user account (username: Maestro) on the compromised machine. It then sniffs out sensitive user data (data forms and login details) from the Windows Protected Storage Area. The data stolen from here is faithfully shipped out to a server once every minute.

The Trojan's author Salar “Salixem” Zeynali is an Iran-based crimeware hobbyist and heavy metal enthusiast, according to his Facebook profile. With Zeylani choosing his real name above a nom de plume to take credit for the malware, Webroot clearly didn't have to work too hard to get to him.

“His Facebook profile indicates he lives in Karaj, Iran; He sports an emo haircut, and likes heavy metal music and programming. And, apparently, Zeynali writes crimeware for fun, because he doesn’t sell his keylogger. He offers a keylogger creator tool as a free download from the message board he hangs out on,” Webroot's Andrew Brandt wrote in the blog post.

“Unfortunately, there are a lot of people who frequent the same message board Zeynali uses to post his keylogger code, and some of those people have clearly been using the keylogger creator tool Zeynali built to create and distribute Trojans.”

According to Brandt, no AV solution can automatically fix the nsLoginManagerPrompter.js file the Trojan modifies, but it is rather easy to fix manually: download and install the latest version of Firefox on top of the existing installation.

» Read More

Malware-infected Mainframe May Have Doomed Spanish Airliner

Posted 08/22/2010 at 6:19am | by Pulkit Chandna

14

Comments

Spanair flight number JK 5022, which crashed seconds after taking off from Madrid's Barajas airport on August 20, 2008, may have been doomed by a malware-infected mainframe responsible for identifying technical snags, it has now emerged. A preliminary probe into the cause of the crash that killed 154 people had pinned the blame on pilot error.

But according to a recent report in Spanish daily El Pais, the malware-toting mainframe may have had a significant role in the crash. A couple of technical problems passed under the radar a day before the crash. However, had the computer been in rude health, it would have not only helped technicians identify the snags but also prompted them to ground the ill-fated plane. An investigation commission is expected to submit its final report in December.

» Read More

Android Gets Its First SMS Trojan

Posted 08/12/2010 at 7:08am | by Paul Lilly

1

Comment

And thus it begins, the era of SMS viruses for Android. That's according to security firm Kaspersky, which earlier this week warned that the first malicious program classified as a Trojan-SMS has been detected for smartphones built around Google's Android platform.

"The new malicious program penetrates smartphones running Android in the guise of a harmless media player application," Kaspersky warns. "Users are prompted to install a file of just over 13KB with the standard Android extension .APK. Once installed on the phone, the Trojan uses the system to begin sending SMSs to premium rate numbers without the owner's knowledge or consent, resulting in money passing from a user's account to that of the cybercriminals."

Called Trojan-SMS.AndroidOS.FakePlayer, Kaspersky says this bit of mischievous (and costly) code has already infected a number of mobile devices. That isn't surprising, considering that the Trojan-SMS category is the most widespread class of malware for mobile phones, Kaspersky claims.

More here.

» Read More

Android Gets its First Trojan

Posted 08/10/2010 at 3:04pm | by Ryan Whitwam

6

Comments

Android has had a few security scares during its meteoric rise to greatness, but this is the first time a software package could accurately be described as a malicious trojan. The malware, called Trojan-SMS.AndroidOS.FakePlayer, appears to be a standard Android application with the .APK file extension. Upon installing, the app will begin sending out SMS messages to premium numbers. This racks up huge charges on customer bills. It could be a big payday for the criminal elements behind this trojan.

This application is not available through the Android Market, it is obtained from outside sources and must be side-loaded onto the phone. This has kept its spread limited to Russia so far. Even if international users were infected, they could not be charged by the premium number being used. In response to the issue Google said in a statement, "Users must explicitly approve this access in order to continue with the installation. We consistently advise users to only install apps they trust. In particular, users should exercise caution when installing applications outside of Android Market."

Is this the beginning of a trend? If this proves to be just the first volley in a campaign to target Android with malware, we might be running mobile security apps out of necessity rather than paranoia.

virus

» Read More

ZeuS Trojan Learns How to Spoof Credit Card Security Popups

Posted 07/15/2010 at 5:06am | by Paul Lilly

10

Comments

The ZeuS banking trojan is back making headlines, this time for hitting up infected machines with fake enrollment screens for both Visa and MasterCard credit cards.

"When you log into your bank, it says you have to enroll in Verified by Visa, that it's regulated now and you have to do it," explains Mickey Boodaei, CEO at Trusteer, a security firm.

This new variant sits in waiting until the potential victim logs into a list of targeted sites. Once they do, the ZeuS trojan uses this and other shenanigans to trick users into forking over not just credit card credentials, but Social Security numbers, personal identification numbers, and other personal info.

» Read More

Hardware Trojans Have Researchers Second Guessing USB Gadgets

Posted 07/05/2010 at 6:07am | by Paul Lilly

3

Comments

Here's a scary thought - while you sit there firing foam projectiles at co-workers, your USB rocket launcher could be harvesting your personal data and sending it to a snooper. What's worse, your security software would be none the wiser.

This would be an example of a hardware trojan, which up to this point were mostly considered to be modified circuits. A hacker might, for example, intercept a microchip while it's still in the factory and code subtle changes into it so that whatever device the chip goes into ends up crashing.

John Clark, Sylvain Leblanc, and Scott Knight, three computer engineers at the Royal Military College of Canada in Kingston, Ontario, set out to prove that a hardware trojan could be sent out by other means, specifically by exploiting a weakness in USB's plug-and-play functionality, New Scientist reports. Because the USB protocol blindly trusts any device being plugged in to honestly report its identity, a hacker would need only to switch it out with a compromised device that reports the same information.

To show that it was possible, the team assembled a keyboard with malicious circuitry that was successfully able to swipe data from the hard drive and transmit it in one of two ways - by sending out Morse code via LED flashes, and by encoding data as a subtle warbling output from the soundcard. The transmission isn't limited to these two examples, however, and could just have easily been sent via email, but the team was more interested in seeing if they could steal information on the sly.

"We've shown any USB device could contain a hardware trojan," says Leblanc. "Security software, if it checks USB devices at all, tends to look only for malware on USB memory sticks."

Leblanc went on to say that "you could mount a hardware trojan attack with a USB coffee-cup warmer," so the next time someone asks how you like your coffee, "malware free" might be an appropriate response.

» Read More

Linux Trojan Avoids Detection for Almost a Year

Posted 06/14/2010 at 4:42am | by Paul Lilly

9

Comments

The tech media has gone into full "told you so" mode after it was discovered that hackers managed to plant a Trojan in the popular Unreal IRC server, proving that Linux users need to worry about malware too.

"This is very embarrassing... We found that the Unreal3.2.8.1.tar.gz file on our mirrors has been replaced quite a while ago with a version with a backdoor (Trojan) in it," an announcement on the Unreal IRC forum states. "This backdoor allows a person to execute ANY command with the privileges of the user running the ircd. The backdoor can be executed regardless of any user restrictions (so even if you have passworded server or hub that doesn't allow any users in)."

While a single outbreak doesn't constitute an insecure OS platform by any stretch of the imagination, perhaps the media has a point. The announcement goes on to state that the "replacement of the.tar.gz occurred in November 2009 (at least on some mirrors," which means it took nearly a year for it to be noticed. What most of the write-ups are insinuating -- and we'll just come out and say it -- is that perhaps this was left unnoticed in the Linux community because of an arrogance that suggests the open source OS is impenetrable. Obviously that isn't the case, but despite reports you may read elsewhere, the opposite isn't true either -- Linux users needn't worry that the sky is falling because of one high profile outbreak.

» Read More

Hackers Disguise Trojan Horse as Windows 7 Compatibility Checker

Posted 05/11/2010 at 5:05am | by Paul Lilly

0

Comments

Be on the lookout for a rogue program masquerading as a piece of software that helps users determine whether or not PCs are compatible with Windows 7, warns security firm BitDefender.

"This actually works because of the interest in Windows 7," said Catalin Cosoi, the head of BitDefender's Online Threats Lab.

BitDefender first discovered the threat on Sunday. At this point, the Trojan is not yet widespread, though BitDefender notes it has been receiving reports of about three installs per hour from its users in the US, Infoworld reports. Like many viruses, this one requires proactive steps on the part of the user, which the malware writers have been able to elicit with the following email:

"Find out if your PC can run Windows 7," the emails read. "This software scans your PC for potential issues with your hardware, devices, and installed programs, and recommends what to do before you upgrade."

Once installed, hackers have free reign over your system, Cosoi warns.

» Read More

Mozilla Confirms Infected Firefox Extensions Slipped Past Security

Posted 02/06/2010 at 4:25pm | by Justin Kerr

11

Comments

Firefox Add-ons

Experimenting with new extensions is part of what makes Firefox great, but if you downloaded either the "Sothink Web Video Downloader", or "Master Filer", you probably snagged a nasty Trojan for your troubles. According to an entry on the Mozilla Blog both these extensions contain code which exploit vulnerabilities in all versions of Windows, and were downloaded close to 5,000 times before being spotted.

The extensions in question were contained in the "experimental" area of the official Firefox add-on site, and while it might seem like little consolation for anyone who got infected, users grabbing extensions from this section are warned before download that this could happen. Mozilla employs a special add-on scanner which supposedly checks all new entries for malicious code, but they were forced to acknowledge that the security process failed. "[Add-ons] performs a malware check on all add-ons uploaded to the site, and blocks add-ons that are detected as such," said yesterday's blog posting. "This scanning tool failed to detect the Trojan."

Mac and Linux users who downloaded these add-on's are unaffected, but anyone who used the extensions in Windows are being warned by Mozilla to delete all traces of the infected file, and run a virus scan. Mozilla is promising to boost the number of times it scans files for malware in the future, and will also step up how often it scans its entire catalog of add-on's.

Does this hurt your trust in Firefox extensions? Or was this bound to happen eventually?

» Read More

Featured Content

50 Maker Faire 2013 Pictures

GeForce GTX 780 Benchmarks

Team Green captures the single-GPU crown, again.

No BS Podcast #203: Nvidia's GeForce GTX 780, reader questions, and an intern rant!

GTX 780 mega-podcast!

Microsoft Announces Xbox One Console

An all-in-one home entertainment device

15 Technology Failures

Duke Nukem Forever, Windows ME, Google Wave, and more!

Connect with MaximumPC

This month's issue

Feature

Budget Builds Battle

Feature

Microsoft Surface Pro

How To

Start a Minecraft Server

Build It

We Cram a Titan into a Small-Form-Factor Rig

Most Commented Articles

327Comments

LulzSec Hacker Receives One-Year Sentence for Sony...

184Comments

Windows 8 Review

157Comments

Windows 8 Sales Reach 100 Million Licenses, Should...

155Comments

Nvidia Calls The PS4 “Low End”

136Comments

PlayStation 4 Announced, Packs 8-Core AMD 'Jaguar...

Latest Max PC Tweets

maximumpc: Episode #203 of the No BS podcast is up - this time around we discuss the GTX 780 and answer your questions: http://t.co/aWaHpQfIbd8 hours 57 min ago
maximumpc: Microsoft hopes Xbox One developers make games unplayable offline - what???? http://t.co/jzVz3PtCcD via @DailyTech16 hours 36 min ago
maximumpc: @R3ality_Ch3ck Thx for the RT!17 hours 2 min ago

MaximumPC on Facebook

Recommendations

Future is AOP and PPA Consumer Digital Publisher of the Year.
MaximumPC is part of Future plc, an international media group and leading digital publisher. We produce content across five core areas:

Technology
- TechRadar
- T3
- Mac|Life
- Gizmodo UK
- More...
Entertainment
- GamesRadar
- CVG
- PC Gamer
- Total Film
- More...
Music
Creative
Sport & Auto
- BikeRadar
- Cyclingnews
- ChopMTB
- TriRadar
- More...

Featured Content

Connect with MaximumPC

This month's issue

Feature

Feature

How To

Build It

Buy Subscription

Most Commented Articles

Latest Max PC Tweets

MaximumPC on Facebook

Technology

Entertainment

Music

Creative

Sport & Auto