Posts Tagged ‘malicious program’

The virus business is raging again: keep your eyes open as two sophisticated threats paralyze computers worldwide.

Kaspersky Lab specialists reported the discovery of a range of unique capabilities in the Careto virus: this newest spawn of evil infects computers regardless of the operating system installed. A Trojan by its very nature, Careto carries myriad modules in its malicious code, which makes it easy to modify. Careto takes a special interest in credentials, passwords, encryption keys, network connection data and much else. The virus was given its name because of the word “Careto” found in its code, which means ‘mug’ in Spanish. So far, infections of both Windows and Mac OS devices are known. (more…)

The company “Dr. Web” found a new version of the Trojan Linux.Sshdkit, which poses a danger to Linux servers.

According to statistics compiled by analysts, Trojans of this family have so far affected several hundred servers, some of which belong to large hosting providers.

“Dr. Web” reported on the first versions of the Linux.Sshdkit malware in February 2012. This Trojan is a dynamic library. Variants exist for both 32-bit and 64-bit Linux distributions. After a successful installation, the Trojan embeds itself into the sshd process and intercepts the authentication function. Once a session is established and the user name and password have been entered successfully, they are sent to the attacker’s remote server. (more…)

Banking trojan for Android

A new banking trojan for Android spreads via SMS phishing.

Specialists at McAfee Labs discovered a new banking Trojan for the Android mobile operating system, identified by McAfee experts as Android/FakeBankDropper.A and Android/FakeBank.A.

The malicious program, which operates mainly in South Korea, replaces the legitimate mobile banking applications that local banks provide to their customers.

According to experts, the malware spreads via SMS phishing. Typically, the victim’s mobile device receives a fake SMS message whose sender is supposedly the Financial Services Commission. The message contains a request to install a new application on the device to protect against malware.


The company “Dr Web” found previously unknown functionality in a new malicious program for Facebook.

Trojan.Facebook.311 can not only publish new statuses in the user’s name, join groups and post comments, but also send spam on the social networks Twitter and Google Plus.

Trojan.Facebook.311 is written in JavaScript for the popular web browsers Google Chrome and Mozilla Firefox. Attackers spread the Trojan using social engineering techniques: the unwanted programs get onto the system through a special installer application that masquerades as a “security update for watching videos.” It is noteworthy that the installer is digitally signed by the company Updates LTD, owned by Comodo. The add-ins are called Chrome Service Pack and Mozilla Service Pack respectively. To spread the Trojan, the attackers created a special page in Portuguese, aimed most likely at Brazilian Facebook users. (more…)

Banking Trojan

A malicious program disguised as a PDF document is sent to users via email.

Specialists at MalwareBytes have found a banking Trojan that steals passwords and is signed with a valid digital certificate issued by DigiCert.

DigiCert representatives confirm the certificate, but state that it was issued to a legally registered company, Buster Paper Comercial Ltda. Certificates are issued in accordance with the guidelines of the industry. DigiCert’s terms of use make clear that its certificates may not be used for malware. As soon as DigiCert learned about the illegal activity associated with the certificate, it immediately revoked it.

The malware detected by MalwareBytes is disguised as a PDF document, which is sent to victims by e-mail and supposedly contains an invoice. As the intruders intend, the file format prompts users to open it, after which a keylogger that steals banking credentials is installed on the PC. (more…)


The new trojan

The Trojan is spreading most actively in the U.S. state of Kansas. The company Dr. Web found a new malicious program that replaces search queries. In addition, the Trojan redirects users to malicious sites.

Once the virus gets onto a computer, it creates a copy of itself in the %APPDATA% folder and makes changes to the part of the Windows registry that is responsible for application startup. The Trojan then embeds itself into all running processes.

“If the Trojan manages to penetrate the process of a browser (Microsoft Internet Explorer, Mozilla Firefox, Maxthon, Chrome, Safari, Mozilla, Opera, Netscape or Avant), it intercepts the functions WSPSend, WSPRecv and WSPCloseSocket,” experts from Dr. Web stated in their notice. (more…)

Antivirus companies report an increase in the activity of encryption Trojans (Trojan-encoders).

Since October there has been a sharp burst of Trojan-encoder activity. A Trojan-encoder is a malicious program that, once on a computer, finds the user’s personal files and encrypts them, and then prompts the user to pay a certain amount via mobile payments or virtual wallets.

The intruders’ message says that after payment the user will receive a code to decrypt the files, but of course no one gives any guarantees. Moreover, experience shows that most victims never got their coveted code. Pictures, videos, music, documents, archives and even configuration databases can end up encrypted.

These malicious programs encrypt files and display a message telling the user that, to release them, an amount must be transferred to a fraudulent account; sometimes the user must first request the account number by e-mail. After payment, the attackers send broken keys or, more often, send nothing at all. Decrypting a file without knowing the original key is a very difficult task. Trojan-encoders are especially dangerous for commercial organizations, since, for example, the loss of databases can halt a company’s work indefinitely.

The main signs that a Trojan-encoder has appeared on your computer are changed file extensions on files such as music and images, and, on attempts to open them, a message from the hackers demanding payment for a decryptor. The desktop background may also change, and text documents and windows may appear with messages about the encryption, the need to legalize software and the like. (more…)

In 2007, the attention of information security researchers was drawn to a P2P botnet created by a malicious program known as the Storm Worm (classified by “Kaspersky Lab” as Email-Worm.Win32.Zhelatin).

The authors of the “Storm” worm distribute their creation very actively: apparently, they have set up an entire factory for producing new versions of the malicious program.

Some experts believe that the “Storm” Worm is a malicious program for building a new-generation zombie network. That the bot was designed and distributed by professionals in their field, and that the architecture and protection of the zombie network are well thought out, is shown by the following characteristics of the “Storm” botnet: (more…)

The malware steals the victim’s phone number and the contact list stored on the mobile device.

Symantec representatives documented a Trojan aimed at female users of Android devices. The victims of the malicious program, called Loozfon, are residents of Japan.

Initially, the potential victim receives an e-mail inviting them to earn easy money online, or to meet a rich man.

The letter asks users to follow a link; when it is clicked, a fake application called «Will you win?», containing the Trojan, is installed on the device. Symantec noted that the application has nothing to do with winning money or meeting wealthy men. (more…)

McAfee: report about threats

Yesterday, McAfee released its threats report for the second quarter of 2012. According to the report, such an increase in the number of detected malicious programs has not been seen for four years. McAfee Labs found 1.5 million more malware samples than in the first quarter of 2012, and encountered new kinds of security threats: “drive-by downloads” and ransomware for mobile devices, and the use of Twitter to control mobile botnets.

Using its own methods of threat analysis and research, McAfee Labs noted the rapid growth of its “zoo” of malware of various kinds. The number of malicious programs has grown at a rate of approximately 100,000 samples each day. In the report, McAfee identified the main types of malware that pose a threat to a large number of users across the world. (more…)