Safenetting : Malware Report 1207.15

User Group Network UGN Safenetting and Cybercrime report Malware, attack sites, and malware sites continue to generate grave news. Our earlier report this week just wasn’t enough … we have to file once again . . .
* Facebook Users Claim Malware Checkpoint Locked Their Accounts
* Intel OS X binary of latest multiplatform malware discovered
* Android malware’s dirty secret: Repackaging of legit apps
* Cross-platform Trojan attacks Windows, Intel Macs, Linux
* New Zeus malware grabs victims’ money via Facebook, GMail
and more . . .


Safenetting

Facebook Users Claim Malware Checkpoint Locked Their Accounts

The Malware Checkpoint Facebook launched Tuesday is running into some issues, with reports of users being locked out of their accounts.
      The social network introduced the service that allows users to cleanse their systems by using Scan and Repair from McAfee or Security Essentials from Microsoft, both of which are also available via the Antivirus Marketplace Facebook launched in April.
READ THIS REPORT Full story : AllFacebook


Cross-platform Trojan attacks Windows, Intel Macs, Linux

A second cross-platform Trojan downloader has been discovered that detects if you’re running Windows, Mac OS X, or Linux, and then downloads the corresponding malware for your platform.
      Unlike the first one, which supported PowerPC Macs, this one does Intel x86 Macs.
READ THIS REPORT Full story : ZDNet


Intel OS X binary of latest multiplatform malware discovered

Earlier this week security company F-Secure uncovered a new Web-based malware attack that uses Java to identify and distribute platform-specific malware binaries to OS X, Windows, and Linux installations. In the company’s first findings, the malware being issued for OS X was a PowerPC binary, which prevented it from running on many Macs using Snow Leopard and Lion; however, new developments have unveiled an x86 binary for the malware.
      This new variant of the malware is essentially the same as the previous findings, with the exception that it will run on Lion and Snow Leopard systems without the need for Rosetta. As with the previous findings, the new malware is installed by visiting a rogue Web site that runs a small Java applet. This applet first checks the system for the platform being used, and then connects to a remote server using port 8080 for OS X, 8081 for Linux, and this time port 443 for Windows (previously it used port 8082), and downloads a platform-specific malware binary. This binary then sets up a backdoor in the system that allows remote access from a hacker.
READ THIS REPORT Full story : CNET


Android malware’s dirty secret: Repackaging of legit apps

Security researchers from North Carolina State University are warning that the majority of Android malware are repackaging other legitimate (popular) apps to get past the mobile platform’s rudimentary security barriers.
      After analyzing more than 1,200 Android malware families, the reserachers — Yajin Zhou and Xuxian Jiang — found that 86.0% repackaged legitimate apps to include malicious payloads and argued that the theats can be effectively mitigated by policing existing Android Markets for repackaging detection.
READ THIS REPORT Full story : ZDNet


New Zeus malware grabs victims’ money via Facebook, GMail

A new strain of the Zeus banking-oriented malware is now targeting users via their accounts on social network Facebook and free email Gmail, a security firm warned. BitDefender said the new scam asks victims to link their credit card information with their Facebook or Google accounts to turn them into digital wallets.
      “The attack is extremely convincing as the browser shows the URL of the real login service. It also offers a good explanation as to why the user is asked to enter credit-card info: Facebook users are told they can directly buy Facebook credits after they link the credit-card to the account, while Gmail users are told they can use Gmail as a ‘digital wallet’ and pay by simply entering their e-mail address,” BitDefender said
READ THIS REPORT Full story : GMA News


GO What did you miss in the last Safenetting Malware Update

 


GO Send in your items for Safenetting readers
GO Facebook Safe Netting
GO Join / Like / contribute : UGNN FaceBook Group, (ug.netnews)

DO NOT CLICK

If you think you’re a victim, file a complaint with the
GO FBI Internet Crime Complaint Center : IC3.

You can also keep up with the efforts to curb spam and cybercrime by reading the news at
GO Knujon and
GO HostExploit.com. And, you should
GO switch to SpamCop and take a stand against spam.