PSA: Evict DNSChanger now or lose the web Monday

Today’s malware has a deadline: get rid of DNSChanger now, or come Monday, July 9, you may find yourself without access to the internet altogether. Hundreds of thousands of computers around the world have been infected by the trojan, which changes DNS settings – among other things – so as to route web traffic through compromised servers. Now, the FBI is preparing to pull the plug on those servers – and many people’s internet connection with them.

Since the FBI and other law enforcement agencies seized control of the botnet behind DNSChanger, a temporary DNS server network has been running in its stead so as to keep infected users online. That network will cease operating on Monday.

“The botnet operated by Rove Digital altered user DNS settings, pointing victims to malicious DNS in data centers in Estonia, New York, and Chicago. The malicious DNS servers would give fake, malicious answers, altering user searches, and promoting fake and dangerous products. Because every web search starts with DNS, the malware showed users an altered version of the Internet.” (DNSChanger Working Group)

The best news is that checking for a DNSChanger infection on your system and, if one is found, getting rid of it is straightforward. The first step is to head to dns-ok.us in your browser: that will tell you whether or not there’s a sign that your computer has been infected. If it’s green, you’re in the clear (though it’s probably still worth forwarding this article on to friends and family – particularly net-confused parents – who might need some assistance checking their own machines).

If it’s red, however, you have a DNSChanger problem. Thankfully there are multiple options to get rid of it: Microsoft has a tool, as do key anti-virus vendors such as McAfee and Norton. There’s a full list of them here, and usually it’s just a case of downloading and running an app to get your computer back on an even keel.


PSA: Evict DNSChanger now or lose the web Monday is written by Chris Davies & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All rights reserved.


Your Internet Might Shut Off Tomorrow Because of a Virus—Here’s How to Fix It [Video]

Tonight at 12:01 AM EDT Monday July 9th, the Internet is going to become inaccessible for nearly half a million people around the world because of malware called DNS Changer. If your computer is infected with DNS Changer, it won’t be able to get on the Internet anymore. Here’s how to get rid of it and make sure the Internet still works for you.

Spam-happy iOS trojan slips into App Store, gets pulled in rapid fashion

You could call it technological baptism of sorts… just not the kind Apple would want. A Russian scam app known as Find and Call managed to hit the App Store and create havoc for those who dared a download, making it the first non-experimental malware to hit iOS without first needing a jailbreak. As Kaspersky found out, it wasn’t just scamware, but a trojan: the title would swipe the contacts after asking permission, send them to a remote server behind the scenes and text spam the daylights out of any phone number in that list. Thankfully, Apple has already yanked the app quickly and explained to The Loop that the app was pulled for violating App Store policies. We’d still like to know just why the app got there in the first place, but we’d also caution against delighting in any schadenfreude if you’re of the Android persuasion. The app snuck through to Google Play as well, and Kaspersky is keen to remind us that Android trojans are “nothing new;” the real solution to malware is to watch out for fishy-looking apps, no matter what platform you’re using.

[Image credit: C Jones Photography (wallpaper)]

Spam-happy iOS trojan slips into App Store, gets pulled in rapid fashion originally appeared on Engadget on Thu, 05 Jul 2012 17:29:00 EDT.

MacRumors | Source: Kaspersky, The Loop

Seed drone Samarai swarms will dominate the skies [Video]

Lockheed Martin’s terrifyingly simple Samarai maple seed drone has emerged for another demonstration, promising swarms of remote surveillance small enough to be launched by hand indoors. The drone – which has just two moving parts and uses complex image stabilization processing to produce a stable video stream despite its tumbling movements – has been shrunk down along the way, with Lockheed developing a smaller, 17cm version of the 30cm original. The goal is simple: bypass expensive and vulnerable spy planes and large drones with a cloud of near-disposable Samarai.

Lockheed first widely showed the drone last year, though work on the project began back in 2007 as part of a DARPA project called “nano air.” “Think about dropping a thousand of these out of an aircraft,” the company’s Intelligent Robotics Lab chief Bill Borgia told TPM. “Think about the wide area over which one collects imagery … you could send thousands of these inexpensive aircraft.”

The drone – which looks like an oversized maple seed – is remotely controlled from a tablet, and supports 360-degree panning and tilting from its single camera. The camera itself does not move; instead, the constant motion of the craft itself is relied upon and “algorithms sort of de-rotate the video and turn it back into a frame-by-frame view.”

Both battery- and carbon-fuel-powered versions have been trialled, though Lockheed is keeping details like potential flight-time and range close to its chest. However, Borgia confirmed that it is not only in talks with possible customers but working on a Samarai that is smaller again, even down to the size of an actual maple seed. That would make it exceptionally difficult to target in anti-surveillance sweeps.


Seed drone Samarai swarms will dominate the skies [Video] is written by Chris Davies & originally posted on SlashGear.


Yahoo! email spam linked to Android botnet

Malware has increasingly become a problem for Android, with most malicious apps intended to send premium text messages in the background that will rack up a nasty phone bill. Android might also be used to set up botnets and send spam emails, according to Terry Zink’s blog on MSDN. He discovered that standard spam email messages were being sent from Yahoo! Mail servers on Android devices.

Zink took a closer look at the header information and signatures that were being sent out with the spam. All the messages come from compromised Yahoo! accounts, are sent through Yahoo! Mail servers, and seem to end with the “Sent from Yahoo! Mail on Android” signature. Zink postulates that a hacker has developed a botnet that can access Yahoo! Mail accounts on Android devices and send spam messages as a result.

Yahoo! does provide the IP addresses the emails came from, with origin countries including Chile, Indonesia, Lebanon, Oman, Philippines, Russia, Saudi Arabia, Thailand, Ukraine, and Venezuela. The odds of downloading a malicious app on the Play Store are extremely low, so Zink believes that users are tracking down pirated versions of apps to avoid paying, or have acquired a fake version of the Yahoo! Mail app.


Yahoo! email spam linked to Android botnet is written by Ben Kersey & originally posted on SlashGear.


How to Get on a Plane Without ID [Tsa]

Because July 4th falls on a Wednesday, a lot of Americans will spend a five-day weekend traveling and drinking. It’s pretty common to misplace a wallet or a purse on that kind of vacation. And getting on a return flight without a valid ID, as you might imagine, is not easy. But it can be done. Here’s how to work it with the TSA.

Is Someone Trying to Hack the Dalai Lama? [Security]

If you didn’t know, the Dalai Lama is a Mac user. He also happens to be an advocate for an ethnic Turkish group spread throughout Eastern and Central Asia who are embroiled in a human rights battle with the Chinese government. The combination of these two factors has security firm Kaspersky Labs believing that a new backdoor exploit found on Macs is targeted specifically towards his high holiness and the Uyghur people he’s advocating for.

Open Home WiFi Access Led to SWAT Raid on Innocent Family Home

Image credit: Nexstar Broadcasting Group

In Evansville, Indiana, a police SWAT team has executed a search warrant on a home in full tactical gear. The reason: threats made against local police forces over the internet, threatening the officers’ lives and their families, and including the mention of home-made bombs. The police needed no more to quickly find what Internet address was used to send the threats, and what physical address it was linked to.

But when they executed the search warrant, with flash bangs (sound/light grenades designed to disorient) and all, they found an innocent family that had no idea why this was happening. Shortly after, the police realized that they had been misled by the IP address from the threat message, and that they had got the wrong folks.

By Ubergizmo.

Google secures Jelly Bean’s Face Unlock feature with Liveness Check

Google has improved the security of its Face Unlock feature for the upcoming Android 4.1 Jelly Bean release. The feature was first introduced with Android 4.0 Ice Cream Sandwich as a way to unlock your phone through face recognition. However, it was quickly discovered that it could be tricked by using a photo of the person.

With Jelly Bean, Google is adding a new option called Liveness Check for the Face Unlock feature that will require you to blink in order to unlock your device. The face recognition portion of it is faster than before and a message is then displayed asking you to “Blink now.” Your device then unlocks once you blink.

To add this feature, you will need to check the box in the security section of the settings on your device. Although the Liveness Check does improve the security issue with Face Unlock, there’s still the possibility that those determined to get into your device could doctor a video or animated GIF of your face, played back using another smartphone screen.

[via TechCrunch]


Google secures Jelly Bean’s Face Unlock feature with Liveness Check is written by Rue Liu & originally posted on SlashGear.


Surge in Yahoo Mail Spam?

It has been reported that some Yahoo Mail account users are seeing a surge in email SPAM. This is a relatively new development because although GMail remains the best player in town for SPAM filtering, Yahoo Mail wasn’t so bad – especially when compared to Hotmail. This is even more surprising if you take into account that Yahoo has been recently DMARC-certified (Domain-based Message Authentication, Reporting & Conformance), which is a protocol/policy that helps all DMARC members communicate among themselves in order to fight spam. Facebook, Google and Microsoft are also members – so you would expect Yahoo Mail to be less SPAM-prone, if anything.

Yet, according to select users, their surge of SPAM started recently, and from the surface it looks like spammers are able to somehow send emails while being logged into the user’s account. When a user is logged-in, the email is deemed secure and many SPAM filters/checks are disabled.

If that’s true, and there is no proof that it is, this would be very bad. The idea that someone can send stuff like that means that the account has been compromised.

By Ubergizmo.