Archive for the ‘Spyware’ Category

Pirated Adobe software speads new Mac Trojan

Wednesday, February 18th, 2009

All the Mac users are probably in trouble as Apple has again been the target to the Mac specific Trojan that is launched on Mac OS X through pirated editions of Adobe Photoshop CS4. Intego, the Mac security company had issued a security advisory, which warned Mac users of this Trojan variant as it is estimated to have already infected nearly 5,000 Mac users.This Trojan is a simple variant of iService Trojan malware which reached several Mac users through pirated editions of productivity suite iWorks of Apple. However similar to the previous edition of the malware this new Mac Trojan is also found to spread through file sharing websites like BitTorrent trackers and other website that include link to different pirated software.

Recently discovered Mac Trojan variant called OSX.Trojan.iServices.B was actually fond in the crack application package with different copies of Adobe Photoshop CS4 for the Mac users. Although the real Adobe Photoshop installer is a bug free software the Trojan, according to Intego, actually embeds itself into the crack application which includes the serial codes of the program. After the user has downloaded the pirated Photoshop, the crack application of the program removes an executable from the program’s data and then installs a backdoor in the file directory which does not get deleted even after rebooting the computer. If the crack application is run again then the Trojan can create another executable file but with a different name which makes the Malware more difficult to be traced and removed safely.

The crack application requests for an administrative password which it uses to launch the backdoor with its root privileges. The crack application would then open a disk image that is hidden in its resources folder called as .data and it then proceeds in cracking the Photoshop program letting it to be used as the means to spread the malware.

This malware then connects to some remote server through the web which alerts several attackers after the virus has been installed. After being downloaded this information stealing virus enables all the hackers to remotely have control over your machine where they can steal sensitive or even financial information or can have entire access over your computer. According to David Perry the directory of Global Education of Trend Micro the Security Company if this Trojan has been in your computer for a long time and is gathering your information fro long then it can even be a part of huge business plan. He further said that the Mac Trojan is not is not just a virus per se, which means it is not passed on from one user to another but is rather installed through illegal copies of the Photoshop application. As the Mac software is often more expensive compared to PC software it would be the reason for potential rise of this factor in the Mac applications. The Mac Security company Intego has warned that it is recommended that users should not download available cracking software from websites which distribute pirated software as it can cause malware problems.

New worm slithers and crawls into 10mil PCs worldwide

Monday, February 2nd, 2009

There is a new malicious computer virus which by several names like Conficker and Downandup has already attacked hundreds and thousands of computers which actually goes above 10 million infected business and personal computers throughout the world. This however leaves the security experts all messed up to find out about its impact. F-Secure the well known security researchers have found out that this new virus has different names like Downandup, Conficker and Kido which are among the popular names and it is a part of a large family of network viruses which mainly infect servers and workstations of Windows thereby causing a number of problems.

This virus was found to start spreading about two months before and it used a number of different methods to spread which include the recently patched susceptibility in Windows Server Services, infecting through USB sticks and can also spread by guessing network usernames and passwords. However although Microsoft had instantly sent an emergency patch to protect the windows operating system against the susceptibility during October as the virus has been found to quickly spread during the recent weeks.

This virus has infected as many as ten million home or personal computers throughout the world which a bigger hit on the commercial computers. According to the report of F-secure, countries like Brazil, Russia and China account for nearly 41 percent of the infected IP addresses. However according to the vice president of Symantec Security Alfred Huger said that the number of infections has so far not reached an appalling mark in the North America and Western Europe.

Similar to most other computer viruses the computer owners would be completely unaware that their machines have actually been infected as both the computer users and the companies would not instantly install patch updates. There is a distinctive problem caused by this virus where it locks out the users from their own accounts so that the virus can easily download modified versions of the virus from a long list of websites. This makes it difficult even for security companies to locate and close down the virus in one time. However after the virus gains access to most of the inside processing of the network then it can generally be very hard to completely eradicate the virus, warned by F-Secure.

Nevertheless, the impact of this virus is yet to be determined with the officials in UK, US, Russia, India and China as they say they are waiting to find out about the effects of the virus if they are major ones. The computer security researchers have said that they are waiting for the instructions to show up, so that they can determine what impact the virus would have on computer users. The virus might also operate in the background, where it will user infected computers to send infect or spam to other computers or it might also steal personal information of the computer user.

New Windows virius variants cause increased infections

Friday, January 30th, 2009

According to the study conducted by Microsoft, there has been a worm virus which is infecting computers since the month of October has now spread to nearly eight million computers throughout the world which has also created fears which this infection would reach huge new levels by the year 2009. this virus worm is called as Kido, Downadup and Conficker can actually be transferred through different ways that include through the commonly used flash drivers which makes it difficult to protect against it even though your computer system is efficient with current updates. However this does not mean that nothing can be done stay away from this virus as you can use a reliable anti virus software and also secure all your passwords which would be hard for any of such programs to break through.

Graham Cluley who is a senior technology consultant of the computer security company named Sophos said that Microsoft has done a great job by updating the home computers of people by it is found that virus still continues to infect business who did not bother to use the patch update. He also said that the shortage of IT staff during the holiday bread did not help much while also the rolling out of the patch update over a large number of users and companies was very touch. He again added that if any of the business computer users use week passwords like QWERTY or 12345 then this virus attach can easily crack them within a short time. This harmful virus mainly works by making its way through the ‘services.exe’ files that are the most important for windows functions and after merging with it the virus lets itself to cover-up as a driver while also copying itself until the virus has modified your computer registry.

After this is done the virus would create a particular server that lets different malware from the website of a hacker to be automatically downloaded to your computer system which would reset all the restore points to make is almost impossible to regain complete control over your machine. As this virus also generated thousands of rotating websites it also makes it impossible to track the original site files and it would bury it in different URLs any of which can be one of the hacker. Although Microsoft is working hard to identity and combat this new virus, some new versions of malware make it difficult.

Eddy willems who is the security expert at Kaspersky Lab said to the reporters that there is a new variant released just less than a week before and it is the one that is causing the most problems. He added that replication methods can be good way, but as it used different mechanisms like USB sticks, if anyone uses an infected USB to another company then it would infect the entire network of the company. The virus can also download a lot of content that can create new variants through the mechanism. Therefore the initial solutions by Microsoft can be best ways to stay away from this virus to keep your and your company’s machines working efficiently.

How to shop safely online this holiday season

Friday, December 5th, 2008

Holiday season is the time when consumers will be looking for good bargains on the internet. When you are shopping online, be very careful to make safe deals and not end up with any hoax deals. The retailers will be fully prepared with the special deals along with incentives for the online shopping. This is a great opportunity for the consumers to land great deals. One thing to keep in mind is the threat which is involved in online shopping in the form of hackers. You should stay away from the dangers which are involved in while shopping through the internet. Fundamental rules should be followed when you are using the internet for activities like shopping. Computers are basically dynamic devices in which new programs can be installed. When using the computer beware of the virus or other spyware programs. When you connect the modem and start using the internet, then you will become the part of the world wide network which may put you at some risk. Things may not be what it looks like. A lot of threats will exist before and more after the installation. These have been designed with exploitation in mind and you may install them automatically even without your knowledge.

 

After it gets installed, you cannot view them but they will be looming in the background. It will start logging in and take up all your personal information. In order to avoid this always update your computer with proper antivirus. The manufacture website will give you updates on all the latest virus and be sure not to ignore them. You should secure both your computer and the internet connection. People who are using connections with low bandwidth like dial up will be very susceptible to the threats as they will be directly connected. You can use something else from the PC like apple as hackers will not create exploits of the apple computers. It will be very difficult for the hackers to hack an Apple system.

 

Using another browser rather than the Internet Explorer will help you to reduce the risk of hacking. You can use other internet browsers like Safari, Mozilla Firefox and Opera. You should check for the updates of these browsers as it will help in keeping hacking at bay. You should always carefully guard your personal information. Avoid typing financial information, security number etc in places where it is not needed. No bank will ask for the security number through the mail and so be aware of any such threats or phishing scams. Be sure to avoid the pop up ads as they may be potential hackers. Always take action after proper analysis and checking. Always research before you install, download or start running programs to check for its quality and content. You should think before you react to any sort of situation. Pop ups which will be in the form of security alerts should be checked properly and never open them. Hackers are anywhere and everywhere on the internet, make sure that you keep your eyes open.