Google Chrome Is Blocking a Bunch of Major Sites for Malware, Even YouTube

If you were just cruising around the web today and got hit smack in the face with a Google Chrome malware error, you weren’t the only one. A whole number of sites, such as imgur, DeviantArt, The San Francisco Chronicle, and YouTube, were blocked for many users, citing malware from us.bernerverein.ch.

Bamital Botnet destroyed: Microsoft, Symantec victorious

This week the botnet known as Bamital has been reported dead by the two warriors that claim to have killed it: Symantec and Microsoft. This report shows that the death of said botnet will take down its abilities in full: hijacking search results galore being the main evil this Bamital creature was working with. Each time a user in the line of fire searched for something using a search engine, they’d be sent to a malicious third-party site, having malware installed from that point.

Microsoft has made it clear that their research pushes Bamital far beyond the average malicious attack on the public. What they’ve found suggests that a whopping 8 million computers had been affected by Bamital over the past two years alone, including many of the major search engines. If you’d been using Microsoft’s Bing, Yahoo, Google, or a variety of other smaller engines over the past two years, Microsoft and Symantec are saying this week that you were at risk – but that you aren’t any longer.

That said, there are still users out there with the malware already on their computers. For those folks, Microsoft has provided their Virus and Security Solution Center for remote help. This is a continuation of what Microsoft calls their MARS initiative, aka Microsoft Active Response for Security.

The other big name you’ll want to know if you’re tracking such things is Operation b58. This code-name is the one associated with Symantec and Microsoft taking down Bamital, and is the sixth “botnet disruption operation” Microsoft has initiated in three years. That’s a whole ‘lotta botnet bunker busting! And it’s not just about sitting at home and keying in to the malware tossers from afar – Microsoft has provided photos of, for example, Microsoft DCU’s Richard Boscovich and Craig Schmidt working with a “third-party cyberforensics expert” securing a lovely collection of evidence of the Bamital botnet down in New Jersey at a web-hosting facility that will remain nameless (that’s the image you’re seeing above).

The image you see above with the yellow dot web sort of graphic is what Microsoft describes as Figure 28. This map was included in a legal declaration filed by Microsoft DCU’s Craig Schmidt (also pictured above) in Operation b58. It shows what a computer infected with Bamital sees when its user searches in Bing for the word Chrome – ads, ads, and more ads. Fun stuff!

[via Microsoft]


Bamital Botnet destroyed: Microsoft, Symantec victorious is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All rights reserved.

Microsoft and Symantec Just Busted a Major Cyber Crime Ring

It sounds like the plot of a movie: two major software corporations join together to shut down an evil global cyber crime operation and engage in wacky hijinks along the way. While the latter can be neither confirmed nor denied, according to an exclusive report by Reuters, Microsoft and Symantec did shut down servers that had been controlling hundreds of thousands of PCs without their users being any the wiser.

DroidCleaner Malware Discovered To Mess With Android Devices, PC To Spy On You

Installing malware on your smartphone devices is something no one wants to do, but it does happen, especially for Android owners. A new Android malware has been uncovered that not only affects your Android device, but it’s also capable of targeting a user’s PC in order to spy on them.

The Android malware is called “DroidCleaner” and poses as an application to help free your Android device’s memory by “cleaning” the device. Researchers at security firm Kaspersky Lab discovered the application and say the malware infects the user’s device and can even infect their computer if they plug the infected device into it.

By Ubergizmo.

BlackBerry gets help from Trend Micro in the fight against malware

In the race to the starting line, BlackBerry pulled out all the stops in order to deliver an app library that’s 70,000 strong, but now the firm’s looking to Trend Micro in an effort to keep malicious software at bay. Specifically, the phone maker will begin scanning all current and future BlackBerry World apps with the Trend Micro Mobile Application Reputation Service, a cloud-based solution that’ll exist alongside BlackBerry’s current security measures. In addition to scanning the code of an app, the service will watch for fishy behavior such as excess battery drain and abnormal resource consumption.

Alongside this announcement, BlackBerry also hinted about a service from Trend Micro that scans URLs, emails and files for potential threats. It’s currently unclear whether implementation of this service would require some form of software update, but given the privacy implications at play, it’ll be interesting to learn whether end users can disable the feature. Power to the people, right?

Terrifying Android Malware Hacks Your PC and then Eavesdrops On You With Its Microphone

It’s one thing when malware attacks your phone, but it’s another when that same malware hops over to your PC and then uses it to listen in on all your conversations on top of just messing with your phone. A newly discovered Android app—one that’s in the Google Play store—can do just that. Beware.

Three charged over “Gozi” computer virus

Three men involved in creating and distributing the “Gozi” virus that infected over one million computers worldwide have been officially charged today. The group’s hack allowed them to steal millions of dollars from users over a five-year period, stealing passwords and various banking information, like credit card numbers and bank account information.

The virus was first discovered by US cyber security experts back in 2007, and it’s described as “one of the most financially destructive computer viruses in history,” but the operation actually continued well into 2012. The mastermind behind Gozi, Nikita Kuzmin, was arrested in the US in November 2010 and pled guilty to computer intrusion and fraud charges in May 2011.

As for the two other co-conspirators, Deniss Calovskis and Mihai Ionut Paunescu, Calovskis was arrested in Latvia in November 2012 and Paunescu was arrested in Romania last month. Extradition proceedings for both of them are ongoing as we speak, and they face up to 67 and 60 years in prison, respectively, while Kuzmin faces up to 95 years in the clink.

The Gozi virus infected around 40,000 computers in the US, with 160 of them belonging to NASA, according to court documents. When the virus was discovered in 2007, cyber security expert Don Jackson went undercover in Russian chat rooms to try and obtain a version of the virus for testing purposes. He actually ended up getting several offers for a few thousand dollars each, but ended up severing communication before a deal was made.

[via ABC News]

Image via Flickr


Three charged over “Gozi” computer virus is written by Craig Lloyd & originally posted on SlashGear.

Cyber-Espionage Platform Red October Is Already Pulling Its Tendrils Back Into the Dark

Earlier this week, a sophisticated, capable, and seemingly freelance cyber-spying operation called Red October burst onto the scene. Well, it’s probably been around for years, but we all only just found out about it. Now, it’s already disappearing. After having the light shined on it, it’s darting back into the shadows.

Two US Power Plants Hit By Malware Attacks

It’s come to light that two US power plants were hit by malware attacks in 2012, after employees used infected USB sticks.

Multiple power plant workstations slammed by malware

According to the Homeland Security Department, multiple power plants in the United States were affected by malware during the beginning of October 2012. While details are relatively scarce, it was revealed that one of the power plants had been infected via a USB flash drive. The infection happened during a software update.

The power plant infected by the USB drive ended up staying offline for three weeks while the issue was fixed. The malware had been introduced via the USB drive of an outside technician who was performing software updates, and was an identity theft trojan. The malware managed to infect approximately 10 computers.

A second power plant that was also infected had malware on multiple computers, some of which were involved with the plant’s operations. Unlike the other plant, no information was provided on how this malware made its way onto the workstations. The first power plant did not have properly updated antivirus software.

The Industrial Control Systems Cyber Emergency Response Team said this in a report: “ICS-CERT’s onsite discussions with company personnel revealed a handful of machines that likely had contact with the tainted USB drive. These machines were examined immediately and drive images were taken for in-depth analysis. ICS-CERT also…discovered signs of the sophisticated malware on two engineering workstations, both critical to the operation of the control environment.”

[via USA Today]


Multiple power plant workstations slammed by malware is written by Brittany Hillen & originally posted on SlashGear.