“2010 was a big year for Internet crime with botnets and targeted attacks becoming headline news on an almost weekly basis. The public disclosure of international organizations such as Google, Adobe, Juniper Networks and many others succumbing to what would eventually be labeled as “Operation Aurora” kicked off the year and revealed that “sophisticated”, “advanced” and “persistent” malware were now every-day inclusions of the criminals toolkit.”
Read from Damballa
Posts tagged “Malware”
According to a report released on Wednesday by McAfee, five multinational oil corporations have experienced cyber attacks on their computer networks. The command and control attacks have been attributed to hackers in China. A comparison has been made with these recently announced attacks at the sophisticated GhostNet and Shadow malware networks, which were both revealed by a research team at the Citizen Lab.
From The New York Times
“According to data released by EUROSTAT, the European Union’s statistics agency, one third of internet users in the EU caught a computer virus, despite the fact that 84% of internet users used IT security software (anti-virus, anti-spam or firewall) for protection.
In 2010 in the EU27, a large majority of individuals (84%) who used the internet in the last 12 months stated that they used an IT security software or tool to protect their private computer and data. Among the Member States, more than 90% of internet users in the Netherlands (96%), Luxembourg, Malta and Finland (all 91%) used IT security software, while it was less than two-thirds in Latvia (62%), Romania (64%) and Estonia (65%).”
From ZD Net
“Almost one third of internet users in the European Union caught a PC virus despite the majority having security software installed, statistics show.
Viruses were most prevalent in Bulgaria and Hungary, the survey of 30 countries reveals.
The 2010 figures, released by the EU’s statistics office to mark Internet Safety Day, show the safest countries were Austria and Ireland.”
From BBC News
“Malware is big business. Malware writers and attackers are just the most visible parts of the ecosystem; there are many invisible moving parts behind the scenes that are rarely seen or described. Now, a complete picture of the business model and inner workings of the malware industrial complex is emerging.”
From Threat Post
“”The acting head of Iran’s Atomic Energy Organization said reports of major damage to the Bushehr plant were a malicious campaign by countries hostile to Tehran’s nuclear program, but that they should be looked into in any case.
Many analysts believe Stuxnet was a cyber attack by the United States and Israel aimed at disabling Iran’s nuclear equipment and slowing down a program they believe is aimed at making nuclear weapons, something Tehran denies.”
“In 2008, monks in the Office of the High Dalai Lama had a strange feeling someone was reading their e-mail.
Discretely, the monks started making inquiries with Western security experts. They wound up at the doorstep of Information Warfare Monitor, a group of researchers based at the University of Toronto and led by a political scientist named Ronald J. Deibert.
Named one of Esquire’s “best and the brightest” a year earlier, Deibert was known as a passionate champion of online political freedom. He jumped at the chance to investigate security lapses threatening one of the highest-profile religious leaders on the planet.
Information Warfare Monitor investigators found the Dalai Lama’s network (and, ultimately, those of more than 100 countries) had been infected with malware — malicious software that covertly infiltrates a computer system.”
“Smartphones running Android try to prevent the sort of viruses and Trojans that plague PCs by carefully walling off which of the phones’ features and data applications can access. But one team of researchers has demonstrated that a clever piece of malware can listen through the walls–literally.
Six researchers at Indiana University and the City University of Hong Kong have created a proof-of-concept program called Soundminer that’s capable of using a phone’s mic to listen out for credit card numbers. When a user either speaks or types their credit card’s digits into the phone, Soundminer parses the audio file, interprets the numbers, and sends them to another app that passes them on to a remote server.”
“Zero Day blogger and malware researcher Dancho Danchev (right) has gone missing since August last year and we have some troubling information that suggests he may have been harmed in his native Bulgaria.
Dancho, who was relentless in his pursuit of cyber-criminals, last blogged here on August 18. His personal blog has not been updated since September 11, 2010.
At ZDNet, we made multiple attempts to contact him, to no avail. Telephone numbers are going to Bulgarian language voicemails and our attempts to reach him via a snail mail address also came up empty.”
“The phones in many people’s pockets today are miniature personal computers, and they are just as vulnerable as PCs to viruses, malware, and other security problems. But research presented at a conference in Germany last week shows that phones don’t even have to be smart to be vulnerable to hackers.
Using only Short Message Service (SMS) communications—messages that can be sent between mobile phones—a pair of security researchers were able to force low-end phones to shut down abruptly and knock them off a cellular network. As well as text messages, the SMS protocol can be used to transmit small programs, called “binaries,” that run on a phone. Network operators use these files to, for example, change the settings on a device remotely. The researchers used the same approach to attack phones. They performed their tricks on handsets made by Nokia, LG, Samsung, Motorola, Sony Ericsson, and Micromax, a popular Indian cell-phone manufacturer.”
From Technology Review