Hasta La Gadget!

If you happened to get in on the Bad Piggies action recently, let’s hope you didn’t accidentally download and install the fake version in the Google Chrome Web Store. It turns out over 80,000 Chrome users are now being affected by the adware, which installs a plug-in that displays advertisements when you visit popular websites.

Not only does the plug-in introduce you to a handful of pesky advertisements, but once you give the app permission to “access your data on all websites”, the plug-in can be used to steal personal information like email addresses and credit card information.

Security company Barracuda Networks discovered the fake app and have issued a statement and a report on the unfortunate situation. They suggest that those who are affected should uninstall the fake app immediately and change their passwords on other websites. Hopefully, the plug-in wasn’t able to do a lot of damage, but who’s to say what personal information it gained from the 82,000 users it affected.

The security company also discovered that some of the plug-ins are from www.playook.info, which is a maker of “free” flash games, but Barracuda Networks took a look at the site’s Whois records and it revealed nothing. They say that hiding behind Whoisguard is considered a very suspicious thing for a business to do. So, if you’re wanting to play Bad Piggies, be sure to go to the source to download and install it. Happy gaming!

[via Pocket Gamer]

Fake Bad Piggies app infested 82,000 Google Chrome users with adware is written by Craig Lloyd & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

The FTC today froze the assets of 14 companies involved in a long-term scam. These companies, usually based in India, cold-called up English-speaking consumers posing as a representative of a major tech company, such as Microsoft, Symantec (makers of Norton Antivirus), and Dell. Using the credibility that they stole posing as representatives of a tech company, they told the marks that their PCs (usually Windows) were infected with nasty malware. Regardless of whether the PC was actually infected or not, the scammers offered to clean the machines, but not for free. Usually the scammers asked for $50-$500 in exchange for “cleaning” the computer. (more…)

By Ubergizmo. Related articles: iPhone 5 email scam in full swing, “Lady Gaga found dead in hotel room” is a scam,

As society begins to rely more and more on the smartphones and mobile devices in our everyday lives, there are many who aren’t thinking about the security risks that come along with having a constantly connected computer in your pocket. The Naval Surface Warfare Center in Crane, Indiana and a group of scientists at Indiana University just reminded us that security should be a major concern, however, in developing a particularly nasty bit of malware for phones running Android 2.3 and later.

What does the malware do, exactly? It hijacks your phone’s camera, snapping pictures of your surroundings and sending them back to an offsite server, where malicious folks could use the images to construct a 3D image of your location. Why would they want to do that? To make stealing your stuff easier. Named PlaceRaider, the malicious program runs in the background, muting your phone while snapping images so you don’t hear the shutter sound. In short, you probably won’t have a way of knowing if you’ve downloaded PlaceRaider, even as it snaps pictures of your surroundings and gives crooks a better look at what’s worthy of stealing.

It doesn’t stop there though, as all of the photos are sent through a filter to ensure that pictures that are blurry or dark don’t make it into the 3D image. PlaceRaider can even use the sensors on your phone to figure out its orientation and pinpoint your position.

That would be absolutely terrifying, but the good news is that this piece of malware was developed as a test to see what kind of security flaws exist and are ready to be taken advantage of. Naturally, there will be some out there who think that the government will actually use this to spy on its citizens, but for now, we’re willing to give the US Navy and the folks at Indiana University the benefit of the doubt. The developers installed the malware on Android phones and then handed them off to 20 unsuspecting subjects, asking another group of test subjects to build 3D models of the rooms from the pictures that were snapped. They did, and discovered that it’s pretty easy to steal personal information – such as banking information on personal checks or crucial business secrets – from the pictures and models alike.

Though PlaceRaider was developed and tested on Android, its developers say in the study that it could very easily generalize to other platforms, such as iOS or Windows Phone. On the upside, additional security measures taken by both manufacturers and users could do a lot to stop malware like PlaceRaider from, you know, ruining your life. For instance, manufacturers could make it impossible for the shutter sound to be muted, while an antivirus program could scan the smartphone to make sure there isn’t anything fishy going on in the background. At the very least, it’s probably a good idea to do a little checking around before downloading an app that seems suspicious, which is a good way to avoid the malware problem altogether.

[via Technology Review]

US Navy helps develop scary PlaceRaider smartphone malware is written by Eric Abent & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

If you’re an IT security nerd specialist holed up in some corporation’s basement, you probably don’t find this real-time visualization of the world’s cyber attacks to be beautiful. But the rest of us can sit back and appreciate the eye candy. More »

It seems that there’s more than two out-of-control computer viruses roaming around the Middle East. Security researchers think that a further three could be operating “at large,” with one positively identified on machines in Iran and Lebanon. Teams from Symantec and Kaspersky have separately found that the Flame malware had the electronic equivalent of a “handler,” a program called NEWSFORYOU, which is also in charge of three viruses that are code-named SP, SPE and IP. The two teams have been unsuccessful in finding a sample of the trio for analysis and despite finding a cache of data on a command-and-control server, decoding it is “virtually impossible.” While both security companies have declined to point a finger as to their origin, Reuters’ sources suggest the United States, while The Washington Post has been told that the project was a joint-enterprise with Israel — in keeping with the existing narrative that the pair were behind Stuxnet.

Filed under: Networking, Internet, Alt

Security researchers dissect Flame’s handling program, find three new viruses ‘at large’ originally appeared on Engadget on Mon, 17 Sep 2012 13:51:00 EDT. Please see our terms for use of feeds.

Permalink   |  Reuters, Kaspersky, Symantec  | Email this | Comments