A Firefox add-on has turned 12,500 users of the browser into a botnet which scours every page visited by infected users for vulnerabilities. The ‘Advanced Power’ add-on ensnared 12,500 PCs – and found 1,800 vulnerable websites for its unknown creators.
An international plot which would have turned huge numbers of PCs into “bricks” by using deeply buried malware was foiled by the NSA, according to an interview given to CBS by NSA director Keith Alexander. The attack could have “taken down the U.S. economy”, an NSA official claimed.
The FBI custom-designs malware to snare suspects, a court has heard, and has been able “for years” to watch suspects through PC webcams, a court has heard. The teams operate “like normal hackers” – and rely on phishing and other criminal techniques.
APTs – or Advanced Persistent Threats – are the most menacing cyber attack there is, some say. Built to be stealthy, they penetrate networks, steal secrets – and vanish. ‘Catching’ one was a little like finding Bigfoot – but the much-hyped threat wasn’t quite so scary up close…
As wireless technologies and electronic controls are increasingly built into cars, vehicles could become vulnerable to hackers – either stealing information, or injecting malware, a U.S. Senator warned – inspiring debate on how real this threat is.
Only weeks after Microsoft unveiled a global Cybercrime Center armed with new, hi-tech tools to combat crime, it announced it had carried out a global action leading to “significant disruption” of the Siferef botnet, a network controlling up to two million “zombie” PCs.
A vulnerability in Android could allow attackers to “unlock” phones without cracking PIN codes – using malware to deactivate Google’s locks on handsets and tablets. The vulnerability can “turn off” all locks a user puts in place.
An audio communication system designed for ultrasonic underwater communications can be used to steal data – even from disconnected PCs in secure environments, by relaying it to the outside world from PC to PC through computer speakers, researchers claim.
An Iranian news agency has said that “malware worse than Stuxnet” may soon be unleashed, to “spy on and destroy the software structure of Iran’s nuclear program”.
Filecoder, an unpleasant and virulent strain of ransomware is now spreading globally, with experts estimating that the gang behind it must be earning “millions”. The surging value of Bitcoin may be helping the criminals, experts say.
The company, E-Sports Entertainment, served up malware which used PCs to mine Bitcoins, an attack which earned $3,602. The malware was delivered surreptitiously alongside the company’s official client.
In the first of a series of guest blog posts AV industry veteran Graham Cluley voices his opinion on how security has changed – and the changes we all need to make for the future.
By the middle of May, users around the world started to receive messages from their contacts through different instant-messaging applications, such as Skype and Gtalk – an attack that showed off how age-old techniques can ensnare thousands of users. Here, we analyze this attack.
Tens of millions of computer users are at risk from Filecoder due to a “mass spamming event”, detailed in an alert from Britain’s National Cyber Crime Unit, which is targeting small businesses with a spam campaign.
American PC users are being hit with a new wave of Filecoder ransomware, which locks access to computers and demands $300 – with a ticking timer before files are locked forever, according to US-CERT.
On November 2nd, 1988, the Morris worm was released by its author, and within 24 hours had caused damage across the world. It spread via the internet – and its release marked a new dawn for malicious software. Our five facts highlight what has changed since – and what hasn’t.
A three-year-battle with a mysterious new strain of malware has led researcher Dragos Ruiu to conclude that the BadBIOS malware infesting his lab “jumps” from PC to PC using sound – and can be transmitted without any internet connection.
Users of Google’s Chrome browser will be able to “purge” rogue plug-ins, after attacks where a supposedly helpful browser add-on contains malware – a tactic adopted by cybercriminals, as reported by We Live Security earlier this year.