As the days heat up, so too does cybercrime — it seems. Here’s this week’s mix of phishing and malware news
— this week’s notes:
 Mac malware – top tips for avoiding infection
 Apple Mac malware: A short history
 Norton: The Android malware problem is just beginning
 Amazon Web Services Hosting Banking Malware: Kaspersky
 iPhone 5 ‘sneak peek’ spreads malware
 Boy-in-the-Browser attacks evade anti-malware software
 Detectives detail Facebook phishing scam
 Sony warns of phishing attacks after latest hack
 Google China Wars: How to Restore Brand Integrity
 SPAM : 100 Billion industry
 . . . and more
Mac malware – top tips for avoiding infection
More Mac scareware appeared overnight, with the cybercrooks following the same sort of strategy which has worked so well on Windows
Here are some top anti-scareware tips for Apple users
Full story : nakedsecurity.sophos.com
Apple Mac malware: A short history
There’s been a lot of discussion in the media recently about the threat that malware poses on the Mac OS X platform. It’s clearly an emotive subject, with strongly held views on both sides.
To help some of the discussions, here’s a brief overview of some of the malware we have seen infecting Apple computers. From the early 1980s, right up until the present day, here are some of the highlights in the history of Apple Mac malware.
Full story : nakedsecurity.sophos.com
Norton: The Android malware problem is just beginning
It seems like we keep hearing about new versions of Android malware every other day and Norton says that isn’t an accident.
The bad guys are going to be increasingly focused on the mobile space and Android should be one of the largest targets.
Full story : IntoMobile
Amazon Web Services Hosting Banking Malware: Kaspersky
Security researchers have long warned that cloud services were providing cyber-criminals with extensive computing resources that could be used to launch powerful and damaging cyber-attacks.
A Kaspersky researcher uncovered an example of how Amazon’s cloud services are being used to spread malware.
Full story : eWeek
iPhone 5 ‘sneak peek’ spreads malware
Just as Apple’s Worldwide Developers Conference featuring previews of Apple’s latest devices gets underway this week, so has a new spamming operation using a fictional iPhone 5G to fool victims
Computer security firm Sophos said a new batch of spam mail claims to come from Apple with the subject line, “Finally. The amazing iPhone 5. Now available in black edition.” . . . the body of the emails contains an Apple logo and an image of the supposed iPhone 5 with a built-in physical keyboard.
“The Trojan only infects the Windows operating system”
Full story : GMANews.TV
Boy-in-the-Browser attacks evade anti-malware software
Boy-in-the-Browser (BITB) attacks are gaining force as they continue to evade traditional anti-malware software.
Tomer Bitton, from the Imperva Application Defense Center, explains, “Many are familiar with Man-in-the-Browser (MitB) attacks, but most are unaware of the lesser known Boy-in-the-Browser (BitB). Not as sophisticated as MitB, BitB malware has evolved from traditional key loggers and browser session records. The recent spate of BitB trojans that targeted Chilean banks, and their customers, demonstrates that this type of attack is gaining force and continues to evade traditional anti-malware software.”
Full story : securitypark.co.uk
Detectives detail Facebook phishing scam
Joseph Campbell is facing some serious charges. Police say for about two years, the 24-year-old stalked women in Pinellas County. He allegedly did it through his computer.
Det. Jim Howard of the Belleair Police Department said the women are still dealing with the effects.
Full story : MyFox Tampa Bay
Sony warns of phishing attacks after latest hack
Sony has been the target of repeated attacks after its PlayStation Network was hacked in April.
Last week, hacking group Lulz Security targeted its entertainment division Sony Pictures, posting 37,500 records of users online.
Full story : Nicole Kobie PC Pro
Google China Wars: How to Restore Brand Integrity
Last week, Google’s patience wore thin and the company publicly confronted China with evidence of government complicity in a spear phishing hack of Gmail accounts, including those of senior US officials, Chinese dissidents, journalists, and others (phishing tricks users into giving up sensitive information including passwords).
How Google Lost Its ‘Do No Evil’ status … Levy documents the period when Google engaged with China as the tipping point in a series of ambitious initiatives that dented the search giant’s halo:
Full story : BNET (blog)
SPAM : 100 Billion industry
a new report by a team of U.S.-based computer scientists contends that the spam industry, which generates an estimated $100 billion annually, uses just three banks — one in Azerbaijan, one in Denmark, and one in the West Indies — to process 95 percent of its transactions.
The authors of the study, titled “End-To-End Analysis Of The Spam Value Chain,” ran several computers without any spam filters or antivirus protection over a period of three months. They then waded through billions of spam e-mail messages and made hundreds of purchases of generic medicine, fake luxury goods, and counterfeit software.
Full story : Nikola Krastev – www.rferl.org
Follow the InfoManager’s previous Safenetting Alerts