Tag Archive: Virus


image

Mobile security company Lookout has continued to expand its list of Android Market applications that have been found to contain malicious code known as ‘RuFraud’. Researchers spotted 22 malicious apps by the start of the week, prompting Microsoft to offer victims free Windows Phone handsets, while five more have been discovered since then.

The titles include several horoscope apps, wallpaper utilities that offer pictures from movies such as Twilight and Moneyball, fake downloaders for popular Android games such as Angry birds, and fake free versions of other games.

Once downloaded, the apps trick users into agreeing to charges that will be applied to the bill due to SMS messages sent to premium numbers. The code appears to affect users in Europe and Asia, rather than North America.

Google has quickly pulled the offending titles from the app portal, however the situation has given credence to criticism of the mobile platform’s security features. The company’s open approach is said to make it easier for attackers to post malicious apps without encountering problems in the approval process. Fragmentation is also seen as a potential problem, as most Android handsets are running older OS versions that lack the latest security protection.

Thanks: Electronista

Advertisements

image

t used to be the case that people could claim that Apple software wasn’t susceptible to viruses, but it’s not so anymore. Actually, it hasn’t been for a while. Today, another Mac-borne virus was identified that uses processing power of computers to generate “Bitcoins,” a virtual currency.

According to TechWorld, the Trojan uses infected Macs’ video cards to generate Bitcoins. Antivirus companies said that the trojan is being distributed with legitimate software over BitTorrent. They said today that:

“This malware is complex, and performs many operations,” security researchers from Mac antivirus vendor Intego warned. “It is a combination of several types of malware: It is a Trojan horse, since it is hidden inside other applications; it is a backdoor, as it opens ports and can accept commands from command and control servers; it is a stealer, as it steals data and Bitcoin virtual money; and it is a spyware, as it sends personal data to remote servers,”

The trojan actually installs a legitimate application that is used in the Bitcoin production process –called DiabloMiner — but configures it to distribute the coins to the creators of the virus. As the application uses the GPU to create the currency, the machine runs extremely slow as a result.

Additionally, the trojan spies on users by taking automated screen captures and logging usernames and passwords, copying encrypted data, your Safari browsing history and more, then sending them back to the creators of the infection.

It’s clearly time for users on OS X to seriously consider installing antivirus protection, as this is pretty serious compared to other threats we’ve seen out there. If you’re not running anything yet, there are plenty of free solutions out there.

Thanks: Neowin

image

It’s been known for a while now that Google’s Android mobile phone and tablet operating system is the one that seems to get more attention by malware makers. Now a new report from anti-virus company McAfee seems to confirm that notion. McAfee, a division of Intel, announced earlier this week that it has recorded a massive 76 percent increase in Android-based malware attacks in the second quarter of 2011. That rise has put Android in the dubious distinction of surpassing Nokia’s Symbian OS as the operating system that has the most malware. McAfee speculates that Android will become an even bigger target for cybercriminals who create dangerous malware programs.

McAfee says that overall it has found 12 million unique malware samples in the first half of 2011 which was a 22 percent increase from the same period a year ago. The company claims that it now has 65 million malware samples in its “zoo” and says those numbers could expand to a whopping 75 million samples by the end of 2011.

In addition to all of the new threats against the Android OS, McAfee says that there is an increasing malware threat to Apple’s Mac OS. In the past the Mac OS had been ignored by the malware community but now the first ever fake anti-virus threat has been found for the Mac operating system. In addition more malware in general are being hidden in a rootkit program. This kind of “stealth malware” threat has increased 38 percent this year compared to a year ago.

Thanks: Neowin

image

As Android devices get more popular (today comScore reports Android phones comprise 40% of the U.S. smartphone market), they’re becoming a more attractive target for cybercriminals. If you use an Android smartphone, you are now 2.5 times more likely to encounter malware (malicious software) than you were six months ago.

This isn’t just about apps. This year, 30% of Android users are likely to encounter a Web-based threat such as phishing scams, “drive by downloads” and browser exploits.

This is according to a new threat report from Lookout Mobile Security. Obviously, Lookout is selling mobile-security tools. However, individual and collective mobile security risks are real.

Whether you opt to pay for mobile security, use a free service or manage it yourself, you should be aware of the risks and use basic mobile safety skills.

Cybercriminals aren’t simply targeting Android devices more often, they’re also getting sneakier about it.

Specifically, Lookout notes that attackers are using new techniques to distribute malware to phones. These include “malvertising” (ads served up through legitimate apps that lead you to a fake Android market and trick you into downloading malware, like GGtracker) and “upgrade attacks” (where the initially downloaded app is clean, but later upgrades deploy malware).

How can mobile malware harm you? First of all, cybercriminals can rack up charges to your phone bill through “carrier billing,” a payment option that wireless carriers are increasingly pushing –and which Google is starting to make possible for Android market app purchases. Malware also can sign you up for “premium SMS” text messaging services.

Furthermore, mobile malware and spyware can pull sensitive data from your phone — such as your credit card numbers, online banking or e-mail account login credentials or your contacts list.

Infected phones also can become part of a “botnet,” which means your phone could be used without your knowledge as part of a larger attack scheme. This can also drive up your data traffic, which can push you toward your data plan’s cap faster.

Why is Android a bigger mobile security concern? It’s an open platform, which presents significant pros and cons.

On the bright side, Android’s openness has made it easier for vendors to offer cheaper smartphones (especially without costly two-year contracts) to a much broader consumer market. On the downside, Android’s openness also makes it especially susceptible to malware.

Users of Apple and BlackBerry mobile devices are not immune to mobile security threats. But the closed nature of those platforms does make it harder for cybercriminals to infiltrate those devices with malware.

However, threats such as e-mail phishing attempts and PDF exploits can put any mobile user at risk — even on the iPhone. (Apple recently patched its latest PDF vulnerability, but future iOS risks are always a possibility.)

Learn more about mobile security risks

John Hering, co-founder and CEO of Lookout, explains that a credulous user mindset has been a key factor in mobile security risks.

“We’ve observed that most mobile users are far more trusting about how they download and install software on their phone, compared to their computer,” he said. “But fortunately that’s starting to change. Android users especially are starting to get more discerning.”

However, the way people tend to use smartphones can also put them at risk. Hering noted that mobile users tend to be in distracting environments, so they generally provide only short bursts of divided attention to their phones.

Kevin Mahaffey, Lookout’s CTO and co-founder, explained that spotting malware on mobile devices is a bigger technical challenge than on computers.

“Personal computers have lots of power — both energy and processing capacity — so it’s easy to run security analyses in that environment. If it were even possible to run the same types of analytics on a mobile phone, that would destroy battery and take two decades to build,” Mahaffey said.

“So we had to consider, what if we could change the way malware detection is done? Instead of doing it on individual devices operating out in the world, what if we put it all on a big server and treat it as a data mining problem?”

This concept formed the genesis of Lookout’s Mobile Threat Network, which provides mobile device security through an online platform that aggregates and constantly scans anonymized data gathered from over 700,000 mobile apps.

One advantage of this approach is speed. Also, users don’t have to remember to update Lookout security software; the system constantly updates itself.

Mahaffey notes that if your phone is running an older version of the Android operating system, you face greater mobile security risks.

On Android phones, OS updates get deployed via a variety of manufacturers and wireless carriers. Because of this complexity, on many phones system updates lag behind — sometimes far behind — the latest “flavor” of Android (currently 2.3 “Gingerbread” for phones).

Unless you’ve rooted your Android phone to gain complete control over it, it’s up to the carrier and manufacturer, not you, when your phone will get a system update.

In contrast, iPhone system updates get deployed by a single source: Apple. So at any given time most iPhones in use probably have a fairly up-to-date version of iOS (unless it’s a much older device, such as the iPhone 3G).

Complicating this picture, to keep costs down some Android phone manufacturers skimp on processing power and other device capabilities. So some cheaper phones simply are not able to run the latest version of Android well, or at all.

This is why some brand new but cheaper models come with vastly outdated flavors of Android — like the Huawei Ascend, currently sold by MetroPCS for $99 on a $50/month no-contract plan, which comes with Android 2.1 (“Eclair,” released back in January 2010).

What red flags should mobile users watch for? According to Hering and Mahaffey, strange text messages coming from unknown sources are a common clue that you may have been subscribed unwittingly to a premium SMS service. You should contact your carrier immediately to report these.

Also, check your phone bill online periodically — probably more often than once a month.

Malware can cause a lot of surreptitious activity on your phone, so battery performance might be a clue. “If your battery suddenly starts draining really fast, consider that it might be malware,” Mahaffey said.

Hering also recommends healthy skepticism.

“Scrutinize permissions for Android apps before you download them. Does that game or utility really need permission to send premium SMS messages? Probably not,” he said.

Thanks: CNN