Mac Malware Update

User Group Network UGN Safenetting and Cybercrime reportIn this edition we have another mixed-up bag of news, there’s really too much to report on in a single column, suggesting we break out the malware news into its own column! Here are the headlines …
* Microsoft’s botnet shutdown won’t stop Mac malware
* Mac malware disguised as Adobe Flash update
* Flashback Trojan poses as Flash Player installer
* Researchers warn of fake-PDF Mac Trojan
* Consumer interest in Apple not dampened by Jobs’ departure
* Kelihos Ring Sold ‘Botnet-As-A-Service’
* Hackers using QR codes to push Android malware
. . . and more



Microsoft’s botnet shutdown won’t stop Mac malware

There has been much discussion of the shutdown of the Kelihos botnet this week by Microsoft and Kaspersky. It is the third such action by the Microsoft Active Response for Security (MARS) initiave in recent memory.
      Taking down botnets is always good news and even better Microsoft named an individual defendant in their US court case this time.
READ THIS REPORT Full story : Chester Wisniewski Naked Security


Mac malware disguised as Adobe Flash update

Warnings have been made about a new Mac Trojan downloader that appears as an installer for Adobe’s Flash Player.
      According to Mac security company Intego, ‘OSX/flashback.A’ encourages users visiting certain malicious websites to download and install Flash Player.
READ THIS REPORT Full story : SC Magazine UK


Flashback Trojan poses as Flash Player installer

Are Mac malware writers getting smarter? A recently discovered Trojan deactivates a popular security tool.
      Following the discovery of the Revir Trojan, security companies are warning of another new Mac Trojan, this time posing as an Adobe Flash installer. Dubbed Flashback by Intego (apparently the first to report it), the Trojan disables Little Snitch, a security product intended to alert users of any attempt by software to ‘phone home’.
READ THIS REPORT Full story : Stephen Withers – iTWire


Researchers warn of fake-PDF Mac Trojan

Apple’s Mac OS platform’s reputation for enhanced security has taken another hit as security researchers uncover a clever new Trojan spreading via spoof PDF files.
      Describing it as a ‘fascinating’ example of new-breed Mac malware, security expert Graham Cluley of Sophos claimed that Mac users need to be aware of the risks posed by supposedly ‘safe’ file formats like PDF.
READ THIS REPORT Full story : THINQ.co.uk


Consumer interest in Apple not dampened by Jobs’ departure

Apple’s stock value didn’t plummet when Steve Jobs announced his departure as CEO (nor should it have), and it looks like the reaction from consumers matches Wall Street’s optimism.
      In contrast, negative sentiments about the company (there were around 64,000 such statements in August as measured by ConsumerAffairs.com) focused mostly on ‘technical and pricing issues,’ including problems with software updates and concerns about the Mac malware that had been more of a problem earlier in the summer.
READ THIS REPORT Full story : GigaOm


Kelihos Ring Sold ‘Botnet-As-A-Service’

A Czech-based malware ring was so sophisticated it was able to sell time and space on its network of rogue computers to third parties in exchange for cash and other compensation, Microsoft charged in what may be a groundbreaking lawsuit against the group’s organizers.
      “The Kelihos Botnet operators sell botnet capacity as a service, including the capability of sending spam email to perpetuate fraud, to collect financial and personal data, and to distribute harmful and malicious software,” Microsoft alleged in court papers filed in U.S. District Court for Eastern Virginia.
READ THIS REPORT Full story : By Paul McDougall InformationWeek


Hackers using QR codes to push Android malware

The growing popularity of Quick Response (QR codes) on smart phones has officially become a new distribution vehicle for malware on Android devices.
      According to security researchers at Kaspersky Lab (important disclosure: my employer), hackers are are using QR codes posted on web sites to redirect smart phones to other sites hosting an Android trojan.
READ THIS REPORT Full story : ZDNet (blog)


Follow the InfoManager’s previous Safenetting Alerts

DO NOT CLICKThanks for reading…

Fred Showker

You can also keep up with the efforts to curb spam and cybercrime by reading the news at
GO Knujon and
GO HostExploit.com. And, you should
GO switch to SpamCop and take a stand against spam.

Leave a comment

You must be logged in to post a comment.