In this edition we have another mixed-up bag of news, there’s really too much to report on in a single column, suggesting we break out the malware news into its own column! Here are the headlines …
* Microsoft’s botnet shutdown won’t stop Mac malware
* Mac malware disguised as Adobe Flash update
* Flashback Trojan poses as Flash Player installer
* Researchers warn of fake-PDF Mac Trojan
* Consumer interest in Apple not dampened by Jobs’ departure
* Kelihos Ring Sold ‘Botnet-As-A-Service’
* Hackers using QR codes to push Android malware
. . . and more
Microsoft’s botnet shutdown won’t stop Mac malware
There has been much discussion of the shutdown of the Kelihos botnet this week by Microsoft and Kaspersky. It is the third such action by the Microsoft Active Response for Security (MARS) initiave in recent memory.
Taking down botnets is always good news and even better Microsoft named an individual defendant in their US court case this time.
Full story : Chester Wisniewski Naked Security
Mac malware disguised as Adobe Flash update
Warnings have been made about a new Mac Trojan downloader that appears as an installer for Adobe’s Flash Player.
According to Mac security company Intego, ‘OSX/flashback.A’ encourages users visiting certain malicious websites to download and install Flash Player. Full story : SC Magazine UK
Flashback Trojan poses as Flash Player installer
Are Mac malware writers getting smarter? A recently discovered Trojan deactivates a popular security tool.
Following the discovery of the Revir Trojan, security companies are warning of another new Mac Trojan, this time posing as an Adobe Flash installer. Dubbed Flashback by Intego (apparently the first to report it), the Trojan disables Little Snitch, a security product intended to alert users of any attempt by software to ‘phone home’. Full story : Stephen Withers – iTWire
Researchers warn of fake-PDF Mac Trojan
Apple’s Mac OS platform’s reputation for enhanced security has taken another hit as security researchers uncover a clever new Trojan spreading via spoof PDF files.
Describing it as a ‘fascinating’ example of new-breed Mac malware, security expert Graham Cluley of Sophos claimed that Mac users need to be aware of the risks posed by supposedly ‘safe’ file formats like PDF. Full story : THINQ.co.uk
Consumer interest in Apple not dampened by Jobs’ departure
Apple’s stock value didn’t plummet when Steve Jobs announced his departure as CEO (nor should it have), and it looks like the reaction from consumers matches Wall Street’s optimism.
In contrast, negative sentiments about the company (there were around 64,000 such statements in August as measured by ConsumerAffairs.com) focused mostly on ‘technical and pricing issues,’ including problems with software updates and concerns about the Mac malware that had been more of a problem earlier in the summer. Full story : GigaOm
Kelihos Ring Sold ‘Botnet-As-A-Service’
A Czech-based malware ring was so sophisticated it was able to sell time and space on its network of rogue computers to third parties in exchange for cash and other compensation, Microsoft charged in what may be a groundbreaking lawsuit against the group’s organizers.
“The Kelihos Botnet operators sell botnet capacity as a service, including the capability of sending spam email to perpetuate fraud, to collect financial and personal data, and to distribute harmful and malicious software,” Microsoft alleged in court papers filed in U.S. District Court for Eastern Virginia. Full story : By Paul McDougall InformationWeek
Hackers using QR codes to push Android malware
The growing popularity of Quick Response (QR codes) on smart phones has officially become a new distribution vehicle for malware on Android devices.
According to security researchers at Kaspersky Lab (important disclosure: my employer), hackers are are using QR codes posted on web sites to redirect smart phones to other sites hosting an Android trojan. Full story : ZDNet (blog)
Follow the InfoManager’s previous Safenetting Alerts
Thanks for reading…
You can also keep up with the efforts to curb spam and cybercrime by reading the news at Knujon and HostExploit.com. And, you should switch to SpamCop and take a stand against spam.
