This edition of Safenetting updates you on just some of the online dangers — including news for our readers in Canada …
* Android malware steals bank credentials – Is mobile banking safe?
* More Malware Discovered With Stolen Digital Certificates
* McAfee warns of sophisticated Android banking malware
* New Mac malware exploits Java bugs, steals passwords
* New Mac OS X malware variant spotted in the wild
* Fake LinkedIn emails leading to malware
* Malware-Infected Subscription Traps
* SourceForge Rejects ‘Anonymous OS’
* A New Mac OS X Malware Discovered
. . . and more!
New Mac OS X malware variant spotted in the wild
The latest version of the Imuler.C trojan attempts to trick end and corporate users into thinking that they’re downloading and about to view image files. The trojan horse circulates using .zip archives named “Pictures and the Ariticle of Renzin Dorjee.zip” and “FHM Feb Cover Girl Irina Shayk H-Res Pics.zip”.
According to the researchers, the malware authors are relying on a known social engineering tactic and the default Mac OS X settings, where full file extensions are not displayed by default, hence the use of image icons for application files.
Full story : ZDNet (blog)
New Mac malware exploits Java bugs, steals passwords
A new version of a well-known family of Mac malware exploits vulnerabilities in Java to steal usernames and passwords for online payment, banking and credit card websites.
Flashback.G is the first variant of the Trojan horse to use an attack vector that doesn’t require any user interaction, said Intego Security, a French firm that specializes in Mac antivirus software. Most Mac malware needs help from users to get on a machine, if only to okay an installation by entering the system password. When users come across the new malware — it’s being served from an unknown number of malicious websites — Flashback.G first tries to exploit a pair of Java bugs, one harking back to 2008, the other discovered last year.
Full story : ITworld.com
A New Mac OS X Malware Discovered
Now, before all you Mac fans start beating your chests and repeating the pointless mantra that Macs don’t get viruses or trojans, let me calm you down by letting you know that this new malware, while being targeted directly at Macs, has not been seen out in the wild.
The warning comes from security firm Intego, a company that specializes in Mac-related software, and they say that this new malware is a variant of the Imuler.C trojan and it works by playing on a default action on Macs where file extensions are not shown.
The trojan works by trying to convince the user that the file they have downloaded and are about to open is an image file when in fact it is a zip archive named Pictures and Article of Renzin Dorjee.zip or FHM Feb Cover Girl Irina Shayk H-Res Pics.zip.
Full story : www.inquisitr.com
More Malware Discovered With Stolen Digital Certificates
Back in 2010, stolen digital certificates infamously aided in the spread of Stuxnet and a version of Zeus. A year later, we saw hackers compromise the servers of Comodo and DigiNotar, two major Certificate Authorities, running off with numerous digital certificates. Ever wonder where they went?
Some of the stolen certificates surfaced right away — one report said the DigiNotar hack in particular might have compromised the Google accounts of more than 300,000 Iranians. Last September, ESET’s Robert Lipovsky blogged about a variant of the Qbot Trojan that was signed by stolen certificates.
Full story : PC Magazine
SourceForge Rejects ‘Anonymous OS’
A few days ago, we reported that more than 20,000 users had decided to give a brand-new operating system a try: The Anonymous OS, an Ubuntu-based Live CD that’s more a loose collection of security and hacktivism tools than a full-fledged operating system.
At least, that’s what it looks like on the outside. Due to concerns over what the release might contain on the inside — malware, especially — and the lack of transparency behind the project itself, SourceForge has officially pulled the plug on hosting the Anonymous OS.
Full story : PC Magazine
Malware-Infected Subscription Traps
Of recent, Avast held a number of websites responsible for circulating contentious software tools and enticing software applications and misleading naïve users into downloading malware in their systems, reports Softpedia on March 8, 2012.
In a so-called “button solution,” the German Federal Government has decided to issue a law against internet scammers circulating infected subscription traps, in the first week of March 2012. Researchers at Avast revealed that sites like www.software-und-tools.de are often deceiving ignorant surfers and trapping them with huge sums in the hack of freeware programs.
Full story : SPAMfighter News
McAfee warns of sophisticated Android banking malware
McAfee is warning users following the discovery of a sophisticated Android malware infection which targets online banking customers. The attack poses as a key generator app with the application artwork and interface designed to resemble popular financial institutions.
Upon launching the application and entering account information, the user is then presented with a phony and randomly-generated numerical access code. Meanwhile, the malware collects and uploads the account information along with handset identification numbers to an outside control server.
Full story : V3.co.uk
Android malware steals bank credentials – Is mobile banking safe?
Mobile banking has been steadily gaining popularity, as more and more consumers get access to smartphones with internet capabilities. Today, almost every major financial institution in the world provides their account holders with easy-to-use net and mobile banking systems. But, as with every other good thing out there, malicious intent is never far around the corner. Security concerns related to the use of mobile banking applications have been recently brought to the forefront.
The latest Android malware found in the wild is proving to be one of the most dangerous.
Full story : Android Authority
Fake LinkedIn emails leading to malware
Fake email invitations from professional networking service LinkedIn may lead to the dreaded Cridex malware, a security research firm warned. GFI Labs said those who click on the links from the fake emails may be sent to a BlackHole exploit that will drop the malware to the computer.
Full story : GMA News
If you think you’re a victim, file a complaint with the FBI Internet Crime Complaint Center: IC3.