The dark corners of shady Internet bars just became a whole lot safer thanks to Microsoft. The boys and girls in Redmond noticed a disturbing trend towards the end of 2010; the rate of infection due to malware spread via Autorun was skyrocketing. Rather than shrugging their shoulders and telling Symantec to deal with it, the company released an update in February that disabled most Autorun functions on Windows PCs. Four months later, the results are in – malware authors looking to slip your computer a mickey via infected flash drives had better start looking at Linux instead.
Windows PCs don't exactly have a reputation for security, but Microsoft's trying to change that. When smug know-it-alls claim that Windows PCs have more viruses than a public toilet, Microsoft points to the PatchGuard driver signing system on 64-bit Windows as their way of saying "Nuh-uh!" PatchGuard keeps the baddies from getting high-level privileges on Windows machines. Bad news: Kapersky's reporting that a new malware program that targets Windows 64-bit users has figured a way around the protection.
Mac users like to flaunt their supposed security in the face of PC enthusiasts all the time. "Spyware? Viruses?" they ask, usually while gently sipping tea with one pinky raised. "Oh, no. Macs don't get those." Given the snootiness, we can help but smile when we imagine them sputtering and spitting out said tea in the wake of the Mac Defender malware that began making the rounds earlier this month. Today, ZDNet claimed that Apple explicitly told its support techs not to help users remove the infection. Where's your Steve Jobs worship now?
Have you ever seen a Panda gloat, one that wasn't played by Jack Black? You have now. Panda Security today announced to the world that its Panda Internet Security 2011 software has been certified by AV-Test.org in its Q1 2011 Product Review and Certification Report. This kung-fu Panda of a different sort put the hurt on malware, detecting 100 percent of samples in AV-Test.org's malware batch, as well as those from its 'in the Wild' list, Panda Security says.
So the big news over the weekend is that U.S. forces tracked down and killed Osama bin Laden in a gunfight, who was later buried at sea. To be clear, the 'PC' in 'Maximum PC' doesn't stand for 'Politically Correct' or else we'd be all over this. Rather than open that can of worms, as topics on politics, religion, and capital punishment tend to do, we'll instead point out that scammers are using bin Laden's death to spread malware. Color us not the least bit surprised.
There's a bit of debate on what exactly qualifies as the world's first computer virus, especially since the term, as it applies to computer code, didn't exist in the early days of computing. Many, however, credit the Creeper virus as being the first, which spawned this day 40 years ago (1971). Anyone feel like celebrating?
As if most malware weren't crafty enough, there are signs that indicate a certain amount of conspiring between attackers, making the latest threats even more difficult to detect. What's more, February proved a particularly busy month for malware, with Trojans, botnets, and spam all seemingly on the rise compared to previous months.
There's a new piece of malware making the rounds, one that could get more dangerous with time. It's a Trojan called "OddJob," and eastern European cybercriminals are using it to steal from online bank accounts in the U.S., ComputerWorld reports. That in and of itself isn't anything new, but according to Amit Klein, chief technology officer at security firm Trusteer, the way it's hijacking account information is different than most other malware.
With Valentine's Day less than a month away, you may want to think about how you'll celebrate the occasion with your significant other. We're not jumping to conclusions on where your relationship is at, but if preparation includes brushing up your knowledge of the Kama Sutra, be sure to consider the source.
According to security firm Sophos, a new Kama Sutra PowerPoint is making the rounds, one that promises to demonstrate different sexual positions. That promise is fulfilled, though you'll walk away with more than you bargained for, namely malware.
"The malware comes as a file called Real kamasutra.pps.exe (the old double-extension tricks)," Sophos warns. "In other words, you may think you are directly opening a PowerPoint slideshow, but in fact you're running an executable program.
"The PowerPoint slide deck (which ironically is itself 'clean' from the malware point of view) is then dropped onto your Windows PC as a decoy while malware silently installs onto your computer as AdobeUpdate.exe, alongside some other components (called jqa.exe and acrobat.exe)."
This particularly nasty bit of malware is flexible in what it can do, from using your PC to send out spam to spying on your activities, installing revenue generating adware, and even steal your identity, Sophos says.
Yahoo News is reporting today that as many as 1 million Chinese mobile phone users are infected with a new SMS trojan. The target operating system has not been mentioned in any of the reports (we'd guess Android or Symbian), but the effects of the virus are well reported. Once a phone is infected, it transmits the contact list to the virus authors, then begins sending out spam SMS messages to contacts with links leading to malware. It also sends messages to premium rate numbers. This has apparently racked up $300,000 bills in some cases.
To add insult to injury, the virus is masquerading as an antivirus app to lure in new victims. Chinese authorities have tracked down the company that allegedly made the antivirus app, but they claim no involvement with the trojan. They insist they are victims of the evil-doers as well.
As if things couldn't get worse, other malware authors have begun copying this virus to create their own mobile cash machines. The day might be coming when antivirus apps are an unavoidable necessity on smartphones.