malware

The FBI is willing to pay top dollar to download some malware

The Federal Bureau of Investigation is willing to pay top dollar for the malicious, infectious software the rest of us pay to keep out of our computers, according to the Federal Business Opportunities website. A Monday price quote request by the Investigative Analysis Unit of the agency’s Operational Technology Division is asking computer security developers …


Backdoor Uses Evernote as Command-and-Control Server

With its rich functionality and accessibility, Evernote is a popular note-taking tool for its many users. Unfortunately, it may also provide the perfect cover for cybercriminals’ tracks. We recently uncovered a malware that appears to be using Evernote as a communication and control (C&C) server. The malware attempts to connect to Evernote via https://evernote.com/intl/zh-cn, which …


Stuxnet Missing Link Found, Resolves Some Mysteries Around the Cyberweapon

Cross-posted from WIRED. As Iran met in Kazakhstan this week with members of the UN Security Council to discuss its nuclear program, researchers announced that a new variant of the sophisticated cyberweapon known as Stuxnet had been found, which predates other known versions of the malicious code that were reportedly unleashed by the U.S. and …


Dorkbot worm lurks on Skype and MSN Messenger again

The Dorkbot/Rodpicom worm, which spreads via messaging applications and leads to additional malware infections, is currently doing rounds on Skype and MSN Messenger, warns Fortinet. The vicious circle starts with potential victims receiving a direct message from a contact, asking “LOL is this your new profile pic? http://goo.gl/[removed]”. Those who follow the link land on …


Narilam Worm manipulates databases in Iran

h-Online: Security firm Symantec has discovered a specialised worm called W32.Narilam that can compromise SQL databases. Symantec reports that the malware “speaks” Persian and Arabic and appears to target mainly companies in Iran. Narilam is, therefore, reminiscent of Stuxnet and its variants. Narilam spreads via USB flash drives and network shares. Once inside the system, …


Crisis malware infects VMware virtual machines

v3.co.uk: The Windows version of the Crisis Trojan is far more dangerous than first thought, being capable of infecting VMware virtual machine images, Windows Mobile devices and removable USB drives, research has revealed. Crisis was originally uncovered targeting businesses with social engineering attacks that trick users into running a malicious Java applet in July. Symantec …


Bogus anti-hacking tool targets Syrian activists

h-online: Syrian activists, journalists and opposition group members are reportedly under attack by malware claiming to be a security tool that will help protect them against hackers. The fake “AntiHacker” tool is being spread through targeted phishing emails and via sites such as Facebook, and claims to provide “Auto-Protect & Auto-Detect & Security & Quick …
