Botnet

Sabpab Mac OS X backdoor Trojan

by certifiedbug on April 13, 2012

in Internet Security

Graham Cluley
Sophos

“The Sabpab Trojan horse exploits the same drive-by Java vulnerability used to create the Flashback botnet.”
http://nakedsecurity.sophos.com/2012/04/13/sabpab-new-mac-os-x-backdoor-trojan-horse-discovered/

http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx

Apple

http://support.apple.com/kb/HT5244

Forbes
4/06/2012

For anyone who doubted that Apple’s long grace period with cybercriminals is over, doubt no more: On Friday, researchers at Russian antivirus firm Kaspersky confirmed findings from another security firm earlier this week that more than 600,000 computers running Mac’s OSX are infected with the Flashback botnet, and half of those machines are in the United States.

http://www.forbes.com/sites/andygreenberg/2012/04/06/researchers-confirm-flashback-trojan-infects-600000-macs-being-used-for-clickfraud/

Krebs On Security

The current custodian of Java – Oracle Corp. – first issued an update to plug this flaw and others back on Feb. 17. I suppose Apple’s performance on this front has improved, but its lackadaisical (and often plain puzzling) response to patching dangerous security holes perpetuates the harmful myth that Mac users don’t need to be concerned about malware attacks.

http://krebsonsecurity.com/2012/04/urgent-fix-for-zero-day-mac-java-flaw/

Forbes
4/09/2012
http://www.forbes.com/sites/andygreenberg/2012/04/09/apple-snubs-firm-who-discovered-mac-botnet-tries-to-cut-off-its-server-monitoring-infections/

Kaspersky Lab

“The three month delay in sending a security update was a bad decision on Apple’s part,” said Kaspersky Lab’s Chief Security Expert, Alexander Gostev. “There are a few reasons for this. First, Apple doesn’t allow Oracle to patch Java for Mac. They do it themselves, usually several months later. This means the window of exposure for Mac users is much longer than PC users. This is especially bad news since Apple’s standard AV update is a rudimentary affair which only adds new signatures when a threat is deemed large enough. Apple knew about this Java vulnerability for three months, and yet neglected to push through an update in all that time! The problem is exacerbated because – up to now – Apple has enjoyed a mythical reputation for being ‘malware free’. Too many users are unaware that their computers have been infected, or that there is a real threat to Mac security.”

http://www.kaspersky.com/about/news/virus?time=1333224000

Koobface command and control servers silent

by certifiedbug on January 19, 2012

in Internet Security

H Security

The Koobface network is apparently down, according to Facebook. Ryan McGeehan, Facebook security official, told Reuters that the company’s decision to expose the five men alleged to be behind the malware had had an effect within 24 hours: “The thing that we are most excited about is that the botnet is down.” Yesterday, Facebook decided to publish the names of alleged gang members based on details of research carried out in 2009-2010 by two German researchers. One of the researchers works for security company Sophos, which pre-empted Facebook’s announcement by publishing the report.

http://www.h-online.com/security/news/item/Koobface-C-C-goes-silent-after-alleged-controllers-exposed-1416869.html

Koobface malware gang exposed

by certifiedbug on January 17, 2012

in Internet Security

H Security

The five men behind the Koobface worm, which spreads over Facebook and other social networks, hide in plain sight, living comfortably in St Petersburg, Russia, according to Facebook investigators and other security researchers.

http://www.h-online.com/security/news/item/Koobface-gang-to-be-exposed-by-Facebook-1414813.html

IDG News Service
http://www.computerworld.com/s/article/9223484/Facebook_researchers_turn_up_heat_on_Koobface_gang

Microsoft: Rustock Civil Case Closed

September 22, 2011

The Official Microsoft® Blog Rustock Civil Case Closed: Microsoft Refers Criminal Evidence to FBI 22 Sep 2011 As you may have read in this morning’s edition of CNET, on Sept. 13th, Judge James L. Robart, of the U.S. District Court for the Western District of Washington ruled that the domain names and Internet protocol addresses [...]

TDSS botnet sophisticated threat

September 7, 2011

Krebs on Security The TDSS botnet is the most sophisticated threat today, according to experts at Russian security firm Kaspersky Lab. First launched in 2008, TDSS is now in its fourth major version (also known as TDL-4). The malware uses a “rootkit” to install itself deep within infected PCs, ensuring that it loads before the [...]

Scareware Industry lull

August 3, 2011

Another great article from Brian Krebs. Fake Antivirus Industry Down, But Not Out Many fake antivirus businesses that paid hackers to foist junk security software on PC users have closed up shop in recent weeks. The wave of closures comes amid heightened scrutiny by the industry from security experts and a host of international law [...]

Microsoft Offers $250,000 Reward for Information on Rustock

July 18, 2011

The Official Microsoft Blog Posted by Richard Boscovich Senior Attorney, Microsoft Digital Crimes Unit 18 Jul 2011 Last month, I shared with you that the Rustock botnet has remained inactive since Microsoft and its partners took it offline on March 16th. Today, we take our pursuit a step further. After publishing notices in two Russian [...]

Microsoft-New Threat Data on Rustock

July 6, 2011

Since successfully taking down the Rustock botnet on March 16th, Microsoft has continued to analyze the threat, investigate leads on the operations and owners of the botnet and work with Community Emergency Response Teams (CERTs) and Internet Service Providers (ISPs) worldwide to help the legitimate owners of Rustock-infected computers to clean their computers of malware. [...]

McAfee-How I became a Zombie

June 23, 2011

Botnets Demystified and Simplified Let’s face it: Most people–even folks in the security industry–have a hard time explaining botnets (robot networks of infected computers) in a way that your Uncle Joe or Aunt Betty can understand. Is it really a big deal? Yes, it is. With the rapid growth in malware and bot infections we’re [...]
