Miscreants behind the Zeus cybercrime toolkit and other strains of malware have begun taking advantage of an unpatched shortcut-handling flaw in Windows. The flaw was first used by a sophisticated worm to target SCADA-based industrial control and power plant systems. – Check out the Article [The Register]
Category Archives: Malware Attacks
Mass Infection of IIS/ASP Sites
Sucuri.net has released a report about a large number of sites that have been hacked and contain a malware script. A quick Google search today indicates that there are currently 111,000 sites still infected. It appears that this is only impacting websites hosted on Windows servers. The situation is being investigated.
More information can be found here.
http://blog.sucuri.net/2010/06/mass-infection-of-iisasp-sites-robint-us.html
http://nsmjunkie.blogspot.com/2010/06/anatomy-of-latest-mass-iisasp-infection.html
A preventative, layered approach to head off sophisticated malware threats
It attacked early in the morning without warning, provocation or even a whiff of foreshadowing. Unnoticed, it stealthily wormed through Beefmaster.com’s network searching for and eventually gaining access to FTP credentials. It then modified countless files, redirecting the site’s visitors to malicious Web servers. Incredibly, it was able to hole up for 14 hours undetected while infecting hundreds of visitors’ computers with malware.
Check out the article – [Help Net Security]
Samsung Handsets Distributed With Malware-Infected Memory Cards
Another mobile-phone manufacturer has fallen victim to an increasingly common attack in which phones’ memory cards are infected with malware during the manufacturing process and then shipped out to customers. The latest victim is Samsung, which has acknowledged that the microSD cards in a batch of its S8500 Wave mobile phones sold in Germany were infected with an autorun Trojan.
Check out the article – [Threat Post]
Microsoft Releases Emergency Patch for IE Vulnerability
Today Microsoft issued an emergency security update to address a critical security hole in its Internet Explorer Web browser. This bug is the same one that is being blamed for the attacks on large companies including Google and Adobe.
If you are using Microsoft Windows, I recommend taking a minute to run Windows Update and install the latest IE security patch. If you use the automatic update feature, you could be prompted within the next 24-48 hours to download and apply the patch; however, you should probably go ahead and run the update while you finish reading this post.
The other thing to be on the lookout for amid the uproar over this flaw is malicious websites that pop up, alert you that you have been infected, and ask you to download software to remove the infection.
More details about this critical update are available on Microsoft’s website.
The Malware Oscars
Team Cymru, an independent security research firm, discusses the most innovative malware attacks of 2009 in part one of a three-part video series.
http://www.youtube.com/watch?v=efanqZwX7g4
http://www.youtube.com/watch?v=3Dublu_bnVA
http://www.youtube.com/watch?v=FvUyrdx5598
Fake H1N1 Email Spreading Malware
Malicious hackers are using fake alerts around H1N1 (Swine Flu) vaccines to trick end users into installing malware on Windows computers, according to warnings issued by computer security firms.
The latest malware campaign begins with e-mail messages offering information regarding the H1N1 vaccination. The e-mail messages contain a link to a bogus Centers for Disease Control and Prevention site with prompts to create a user profile. During this process, a malware file gets planted on the user’s machine.
This US-CERT advisory contains some of the e-mail subject lines being used in the spam run. Some examples:
- Governmental registration program on the H1N1 vaccination
- Your personal vaccination profile