trojan

Bing serves up more malicious sites than Google, report says

Although most search engines have measures in place to protect users against trojans, malicious sites still manage to crop up from time to time -- even in the top search results. An independent testing lab in Germany by the name of AV-Test has just completed an 18-month survey to find out which search engines are the worst offenders.

The lab tested 40 million Web sites (PDF) across seven search engines -- Google and Bing, the world's two most popular search engines; Yandex, Russia's biggest search engine; Blekko; peer-to-peer search engine Faroo; Teoma, better known as Ask.com; and … Read more

Who wrote the Flashback Trojan?

In September 2011, security companies first noticed a new malware scam for OS X, which posed as a fake Adobe Flash installer, and hence became known as Flashback. Unlike prior scams, this malware took on some new approaches to tricking users by infecting common browsers, disabling Apple's XProtect system, and eventually morphing into a Java-based exploit that resulted in approximately 600,000 Macs being infected worldwide.

The Flashback malware has been seen as one of the more widespread and successful attacks on the OS X platform, but while it was eventually snuffed out a year later, it left everyone … Read more

Apple fights Yontoo Trojan with XProtect update

Following news of the new adware Web plug-in Trojan found to be affecting OS X systems, Apple has released an XProtect malware definitions update to protect anyone who stumbles across it.

The Trojan, called Yontoo, is initially disguised as a media player or download manager plug-in and distributed on underground file-sharing and movie trailer Web sites. When installed it pretends to be a player called Twit Tube but installs the Yontoo plug-in. This plug-in will work in all Web browsers to track your browsing behaviors and then present ads on legitimate Web sites.

Unlike other malware that can hide itself … Read more

How to remove 'Yontoo' adware Trojan from your OS X system

Security company Dr. Web is reporting on a new adware Trojan attack that is targeting Mac users, where malicious Web sites will trick users into installing a plugin that will track your browsing and display ads to you.

The malware, called "Yontoo," will be first encountered as a media player, download manager, or other plug-in requirement for viewing contents on some maliciously crafted Web sites disguised as sources for file sharing and movie trailers. When the plug-in prompt is clicked, you're redirected to a site that downloads the Trojan installer and requires you to run it. The … Read more

New adware Trojan circulating that targets Mac OS X systems

A new Mac OS X Trojan is making the rounds, installing an adware plug-in that renders ads on Web pages to generate revenue for its author.

Dubbed Trojan.Yontoo.1, it is the most prominent of an increasing number of adware Trojans making the rounds, according to Russian antivirus company Dr. Web, the same company that discovered the Flashback virus last year.

"Criminals profit from affiliate ad network programs, and their interest in users of Apple-compatible computers grows day by day," Dr. Web said yesterday in a statement. "Recently discovered, Trojan.Yontoo.1 can serve as a … Read more

More Java-based malware plagues the cross-platform runtime

Java cannot seem to get a break. Only a few days after patching the last zero-day vulnerability, two more exploits are being found that make use of the runtime. One, as noted by Kaspersky, is a recent exploit of the latest runtime's attempts to install a McRAT executable by overwriting memory in the JVM that will trigger the executable to run.

Once installed, the McRAT malware will attempt to contact command and control servers and copy itself into dll files in Windows systems.

This malware is specifically Windows-based; however, a second one outlined by Intego, is a Minecraft password-stealing … Read more

NBC Web site back up after hack attack

NBC's Web site is up and running again after being knocked offline by a cyberattack for several hours yesterday.

The NBC site was the victim of a form of malware known as the Citadel Trojan. This specific strain targets companies in an attempt to steal usernames, passwords and other sensitive data. People who visit sites infected by the trojan can find their own PCs infected as well.

In the past, Citadel typically attacked banks and financial firms but has since expanded its reach to a wider range of organizations.

NBC, which is part of cable giant Comcast, is still trying to figure out how the attack occurred, … Read more

Malware getting smarter, says McAfee

Malware continues to grow, not just in volume but in sophistication, according to a new report from McAfee.

Released today, the security vendor's fourth-quarter 2012 Threats Report found that more organizations are being targeted by more clever cyberattacks.

The number of trojans designed to steal passwords rose 72 percent last quarter. Some of these trojans are part of "customized" threats, while others are packaged with more "off-the-shelf" forms of malware. As one example, the Citadel trojan was specifically designed to hit financial services companies.

Operation High Roller and Project Bliztkrieg were also cited by McAfee … Read more

Threat of mass cyberattacks on U.S. banks is real, McAfee warns

The wave of distributed denial of service attacks that hit U.S. banks in October was next-to-nothing compared to what could happen if cybercriminals actually carry through with their plans for next year.

According to a report (PDF) released today by McAfee Labs, an impending attack on U.S. financial institutions -- dubbed Project Blitzkrieg -- isn't only a possibility, it's a "credible threat."

"McAfee Labs believes that Project Blitzkrieg is a credible threat to the financial industry and appears to be moving forward as planned," the report reads. "Although Project Blitzkrieg hasn'… Read more