malicious code

According to reports from Last Line security firm researchers have taken a closer insight into the inside of the renewed Waledac botnet and found that the Storm botnet successor contain passwords for almost 500,000 Pop3 email accounts, allowing spam to be sent through SMTP servers. Waledac masterminds hijack legitimate email servers and evade IP-based blacklisting techniques that many spam filters use to weed out junk messages.

A new deceptive trick was created by the scammers who develop scareware. The new malicious code called by specialists as Zeven was developed by fraudsters to automatically detect a user's browser before serving up a warning page that poses as the genuine pages generated by IE, Firefox or Chrome. Victims are warned about the putative infection in their systems to lure them into installing a fake anti-virus software package, called Win7 AV. Such warnings are generated from malicious scripts planted on compromised websites.

The first exploits have been released targeting programs including the Firefox browser, uTorrent BitTorrent client, and Microsoft PowerPoint, a day after Microsoft affirmed a vulnerability in Windows applications, executing malicious code on end-user PCs. 

A new type of clickjacking was recently noticed and removed on Facebook. The new “Share” attack relied on luring unwitting users into opening a "Facebook fan page" for the “Top 10 Funny T-Shirt Fails ROFL” and other potentially eye-catching content. Once selected these bogus pages load malicious script from an external domain that means the user will unwittingly share the dodgy page on their profile, promoting the scam to a mark's friends and contacts on Facebook.

Over 1 million webpages were infected in the course of an attack that can expose users to malware exploits. Among these websites there are at least two that belong to Apple. The SQL injection attacks bombard the websites of legitimate companies with database commands that attempt to add hidden links that lead to malware exploits.

Visitors of the US Treasure websites were hit by the cyber attack last week when the government websites redirected users to destinations which attempted to install malware on their PCs, a security researcher warned on Monday.

According to Roger Thompson, chief research officer of AVG Technologies, the infection buries an invisible iframe in bep.treas.gov, moneyfactory.gov, and bep.gov that invokes malicious scripts from grepad.com.

Kaspersky Lab announced the launch of a completely new product to protect TV users against malicious content like spam, cookies and other malware, as reported by the Russian media source SecurityLab.

According to some experts though there are no viruses targeting TV sets yet it won’t be a challenge to the wide popularity of the product.

In the course of research that studied the newly discovered botnet Kneber experts found that different infections on the same host can work together and thus ensure better survival rate.

Alex Cox, the senior consultant in the research department at NetWitness who discovered Kneber, noted that it is interesting how Kneber interacts with other malware networks being in a symbolic relationship with them which makes each botnet stronger against being dismantled.

Researcher Aviv Raff has found that the application used to install Adobe's ubiquitous Reader and Flash has flaws which can be exploited to remotely install malware on end user PC.

Being an ActiveX script, the Adobe Download Manager is used to install or update Reader or Flash using Internet Explorer. The researcher revealed that it can be exploited to install any file he wishes simply by tricking a user into clicking on a link on the Adobe.com domain.

This weekend Chinese local paper the Wuhan Evening News reported that the authorities closed allegedly the largest hacker training website in the country and arrested three of its members.

According to the newspaper the "Black Hawk Safety Net" website taught hacking techniques and provided malicious software downloads for its 12,000 members in exchange for a fee.

Those who want to make money on ‘affiliate’ malware program can apply for the participation the dedicated websites where cyber criminals are hiring referrals.

According to Kevin Stevens, a threat intelligence analyst for SecureWorks, who presented findings on the organizations at the Black Hat cybersecurity conference outside Washington, the two companies who are hiring advertise online.

The researcher under the nickname MustLive found that more than 8 million Flash files that make the websites hosting them vulnerable to attacks that target visitors with malicious code. Such files are placed on different websites operating in industries like casinos, news organizations, banks, and professional sports teams.

 According to the latest report of McAfee Cameroon (.cm) web domains were found to be the largest suppliers of malware having replaced Hong Kong. According to the research over 36.7% of domains registered in the West African country hosted viruses or malicious code.

McAfee explains the trend as a result of a misspelling. The security research group says that the .cm used by Cameroon is a common typo for .com and this fact was exploited by cybercriminals to set up fake typo-squatting sites that lead to malicious downloads or spyware under the country's domain.

 A new worm than installs a backdoor on jailbroken iPhones and makes them part of a botnet was recently detected by a Dutch Internet service provider. According to XS4ALL the malware targets only jailbroken iPhones whose owners have carelessly failed to change the default password.

The injure is added by the insult in that the worm changes the root password for the device, making it harder for owners trying to regain control. Infected iPhones are also tagged with a unique ID number.