Tag: risk assessment

New Mac trojan tricks users into paying pricey cell phone fees

Doctor Web Researchers have discovered new Mac-based malware that’s designed to trick users into paying pricey subscription fees. Dubbed Trojan.SMSSend.3666, the trojan masquerades as “VKMusic 4 for Mac,” a name that closely resembles an app used to listen to music on a popular Russian social networking site, according to a report published on Wednesday by Russia-based antivirus provider Doctor Web. An installer prompts users for a cell phone number, purportedly as part of the registration process. Users who respond to a subsequent text message then receive a bill charged to their mobile account. “Trojans of this family used to plague Windows users, but Trojan.SMSSend.3666 targets owners of Apple computers,” Wednesday’s advisory stated. Read 1 remaining paragraphs | Comments

Read More:
New Mac trojan tricks users into paying pricey cell phone fees

FBI snares $850 million Butterfly botnet ring with help of Facebook

On Tuesday, the FBI announced that it had arrested ten people connected to a botnet that had spread through Facebook. Spread by a virus targeting Facebook users, the botnet caused over $850 million in losses to financial institutions, infected over 11 million computers, and stole credit card and bank account data. The botnet itself was shut down in October, according to an FBI statement. This is the second major outbreak of botnets based on the Butterfly (aka Mariposa) bot tool. The first incarnation, discovered in December 2008 and shut down a year later, infected over 12 million PCs worldwide and was spread primarily through file-sharing and instant messaging attacks. It also harvested financial information from over 800,000 victims. In the latest incarnation of Butterfly, the botnet spread itself using variants of Yahos, a virus that spreads itself by sending links via social networks and instant messaging. Victims clicked on the link, launching Yahos’ attack. The malware, which in some variants disguised itself as an NVIDIA video driver , then downloaded and installed the botnet controls and browser exploits that captured users’ credit card and bank account information. The spread of viruses like Yahos prompted Facebook to   partner with McAfee in 2010 to provide tools to users to clean infected systems. Read 1 remaining paragraphs | Comments

View article:
FBI snares $850 million Butterfly botnet ring with help of Facebook

Cisco machine gets listed by blackhat org that rents out hacked PCs

Enlarge KrebsonSecurity.com A computer running inside the corporate network of Cisco Systems is one of about 17,000 machines that is being rented out to online miscreants looking to get a foothold inside Fortune 500 companies, according to a published report. The Windows Server 2003 system uses Microsoft’s Remote Desktop Protocol so it can be remotely accessed by anyone with the login credentials. It’s listed on Dedicatexpress.com, a service that allows anyone in the world to access hacked computers at specific organizations, KrebsonSecurity reported . Remarkably, the username for the box is “Cisco” and the corresponding password is—you guessed it—”Cisco.” “Businesses often turn on RDP for server and desktop systems that they wish to use remotely, but if they do so using a username and password that is easily guessed, those systems will soon wind up for sale on services like this one,” reporter Brian Krebs wrote. Read 3 remaining paragraphs | Comments

Read More:
Cisco machine gets listed by blackhat org that rents out hacked PCs