Worm

Hackers could damage US power generation plants, water treatment facilities, and other critical infrastructure with clones of the Stuxnet computer worm, warn officials at the US Department of Homeland Security.

When the Stuxnet hurt Iran's nuclear-enrichment operations, it was widely believed that it was Israel and US behind the attack.

Now Microsoft’s Malicious Software Removal Tool can detect and clean the fourth-biggest threat in automated program's history, which dates back to at least 2005.

Researchers have found that at least 2,500 victims paid to hackers so that they would free them from the worm that had sized users’ PCs. A fast-spreading virus identified by Trend Micro as Worm_Rixobot.A has been spreading in recent weeks using infected porn websites, instant messaging applications and even infected USB drives.

According to security researchers the inability of Stuxnet worm to stay unnoticed may be explained by the failure of its creators to direct to a specified target. This summer the worm which was developed to infiltrate heavy-duty industrial control programs that monitor and manage factories, oil pipelines, power plants and other critical installations came to the experts’ view.

A security researcher Sean Sullivan of the Finnish security company F-Secure came to a conclusion that social networking websites like Facebook and Twitter have a natural defense against hardcore hackers. He says that it is exactly the speed of infection spread which makes the scam scheme inefficient for hackers.

Symantec warned that a fast-spreading email worm that started its move Thursday this week may have affected numerous PCs worldwide. Users receive an email message with the subject “Here you have.” An executable screensaver that's disguised as a PDF document then tries to send the same message to everyone listed in the recipient's address book. The .scr file is a variation of the W32.Imsolk.A@mm worm Symantec discovered last month.

 When you read about Stuxnet and that it used stolen digital certificates from Realtek and JMicron to sign the worm, you may have wondered what the significance of that is or why they did that. There are actually a couple of factors to consider.

When you try to install certain types of software on Windows Vista or Windows 7 it needs to be digitally signed with a trusted certificate. On Vista there is a warning dialog if the software is not digitally signed or has an untrusted certificate. On Windows 7 the file MUST be properly signed with a trusted certificate.

McAfee announces USB flash drives worm to be the biggest security threat to PC users.

Qualys, a security risk and compliance management provider, reports that today nearly 10% of Windows systems it monitors for customers have not yet applied Microsoft 's MS08-067 security update. A year has passed since the gloomy reports that were telling about the Conficker worm and predicting that it would destroy the Internet but many users as is shown by the latest figures are still unprotected against it.

Conficker worm is reportedly thriving in the developing world. Despite high profile infection at the UK's Ministry of Defence and a series of British hospitals, to cite just a few examples, Conficker has proportionally affected systems in Africa and south America far more. Developing nations have become "malware ghettos", stats from Shadowserver suggest.

This vast cybercrime resource has remained dormant throughout 2009, after first appearing in October 2008.

 A new worm than installs a backdoor on jailbroken iPhones and makes them part of a botnet was recently detected by a Dutch Internet service provider. According to XS4ALL the malware targets only jailbroken iPhones whose owners have carelessly failed to change the default password.

The injure is added by the insult in that the worm changes the root password for the device, making it harder for owners trying to regain control. Infected iPhones are also tagged with a unique ID number.

 Over 10,000 Microsoft Live account names and their credentials were published on the Internet supposedly by the cyber criminals who had collected them through phishing and other fraud schemes.