Malware

F-secure is reporting on new malware found for OS X, which appears to be a backdoor application that so far is known to take screenshots of the user's computer and then attempt to upload them to remote servers. The malware is being called OSX/KitM.A.

It's a small application called macs.app and was found on the Mac of an African activist who was a member of of the Oslo Freedom Forum. When installed, the application is appended to the current Mac user's log-in items so it runs whenever the affected user account is logged in. … Read more

Microsoft has issued a warning that a new piece of malware masquerading as a Google Chrome extension and Firefox add-on is making the rounds, threatening to hijack Facebook accounts

First detected in Brazil, Trojan:JS/Febipos.A attempts to keep itself updated, just like normal, legitimate browser extensions, Microsoft noted in a security bulletin late Friday.

Once downloaded, the Trojan monitors whether the infected computer is logged into a Facebook account and attempts to download a config file that will includes a list of commands for the browser extension. The malware can then perform a variety of Facebook actions, including … Read more

MacWorld is reporting that a program on the iOS App Store may be detected as containing malware, but in analysis the program is not considered to be malicious.

After its readers wrote in about the potential of malware in a game called Simply Find It that is available on the iTunes App Store, MacWorld confirmed traces of nonfunctional Trojan horse malware embedded in an MP3 file used by the program, which shows an HTML iframe reference to a potentially malicious (but currently unresponsive) Web page.

This is not the first time that malwarelike activity has been found in programs in … Read more

One of the ongoing malware sagas is a political fight that is targeting Uyghur activist groups in China, where spam e-mail laced with backdoor Trojan horse malware has been continuously delivered to members of these groups in an Advanced Persistent Threat attack.

This week, security company F-secure uncovered yet another variant of this attack being used.

Like prior ones, the new variant takes advantage of old vulnerabilities in Microsoft Word, by sending attachments that will embed the malware in the affected system if the document is opened in an unpatched version of Word.

The malware used has changed a little … Read more

Internet users are seeing less spam but more targeted attacks, according to security software company Symantec.

Looking at last year's security landscape, Symantec's Internet Security Threat Report 2013 found that traditional spam accounted for 69 percent of all e-mail in 2012, down from 75 percent in 2011. Yet, 30 billion spam messages are still sent on a daily basis.

Junk e-mails that hawk sex or dating products and services now account for 55 percent of all spam, taking the top spot away from pharmaceutical spam.

Malware is also part of one out of every 291 e-mail messages, with … Read more

South Korea has accused North Korea of launching a recent cyberattack that hit tens of thousands of PCs.

A spokesman for South Korea's Internet agency said today that six computers in North Korea were identified as the source of the attack, according to The Guardian. Those computers used more than 1,000 IP addresses from across the world to infect 48,000 PCs and servers at South Korean banks and broadcasting stations.

The spokesman told the Associated Press that the attack mimicked past hacking attempts by North Korea and pointed the finger at an espionage agency run by the military. … Read more

In September 2011, security companies first noticed a new malware scam for OS X, which posed as a fake Adobe Flash installer, and hence became known as Flashback. Unlike prior scams, this malware took on some new approaches to tricking users by infecting common browsers, disabling Apple's XProtect system, and eventually morphing into a Java-based exploit that resulted in approximately 600,000 Macs being infected worldwide.

The Flashback malware has been seen as one of the more widespread and successful attacks on the OS X platform, but while it was eventually snuffed out a year later, it left everyone … Read more

South Korea apparently still has a mystery on its hands. Who launched a cyberattack against several of its banks and broadcasters this week?

Regulators for the country initially pointed the finger at China, saying that the attacks originated from a Chinese IP address. But they admitted today that they jumped the gun.

The IP address used in the attack was actually traced to one of the banks hit on Wednesday. South Korea's NongHyup Bank had been using the address as a virtual one for its internal network, according to Reuters. By coincidence, that address matched one registered in China.… Read more

Security company Dr. Web is reporting on a new adware Trojan attack that is targeting Mac users, where malicious Web sites will trick users into installing a plugin that will track your browsing and display ads to you.

The malware, called "Yontoo," will be first encountered as a media player, download manager, or other plug-in requirement for viewing contents on some maliciously crafted Web sites disguised as sources for file sharing and movie trailers. When the plug-in prompt is clicked, you're redirected to a site that downloads the Trojan installer and requires you to run it. The … Read more