New Malware Causes Concern
Grok Headline matches for New Malware Causes Concern
Malware on the way out
Malware on the way out
07/15/2004 12:21 PM
Are spyware & adware on the way out? More and more I'm hearing
about companies taking the turn for the better. BOUT TIME! Even the
once-accused
WeatherBug has taken
strong stances and stronger actions against malware, and is
called for it. But will it last, has features and views beat
the 'ware?
First malware for OS X?
First malware for OS X?
04/09/2004 04:04 PMOne of the selling points of OS X has been, to date, the lack of any
viruses, worms, or Trojan horses. Intego reports that it has
identified a Trojan horse called MP3Concept.
Mac OS X displays the icon of the MP3 file, with an .mp3
extension, rather than showing the file as an application, leading
users to believe that they can double-click the file to listen to it.
But double clicking the file launches the hidden code, which can
damage or delete files on computers running Mac OS X, then iTunes to
play the music contained in the file, to make users think that it is
really an MP3 file . While the first versions of this Trojan horse
that Intego has isolated are benign, this technique opens the door to
more serious risks.
Link
Meeroh sez:
The Mac OS X mp3 trojan is being blown completely out of proportion.
Quick review of facts so far:
1. It was pointed out in a Usenet thread that it is possible to
embed arbitrary data in an mp3
2. It was subsequently suggested that the arbitrary data could be
executable
3. An enterprising developer proceeded to then create a file which to
any mp3 player will appear as an mp3 file, but the Mac OS X Finder
sees it as an application
4. An anti-virus vendor published advertising for their product saying
that it has a cure for this form of Trojan.
Some other relevant points:
1. This has little to do with Mac OS X vs. Mac OS 9. The exact same
file will do the exact same thing on Mac OS 9 -- be playable by mp3
players, and act as an application
2. This has little to do with Mac OS X using extensions to identify
file types. The icon shown by the Finder could be embedded in the file
itself, in which case the file would look like an mp3 file regardless
of its name.
3. This trick requires using the resource fork, and therefore the file
has to be transmitted encoded. Any mp3 file that is transferred as a
plain binary file (as opposed to a Mac binary file, with the resource
fork), is harmless.
4. The fact that the file can be played in am mp3 player is
irrelevant; if the trojan were malicious, the user would be doomed
after double-clicking on it regardless of whether the file is a valid
audio file.
To summarize, a Mac application can have any icon or name
whatsoever, including a name and an icon that make it look like a
document. Exactly what happens when you receive such an application
(in email or by downloading it in your browser) depends on your
settings, but I am not aware of any case in which it will be
automatically launched.
Therefore, to activate this Trojan you have to either receive a
Mac-encoded attachment and double-click on it in the Finder, or you
have to download a Mac-encoded a file (which is then usually decoded
to your desktop) and double-click it in the Finder.
The only reason that this is news is that a vendor of anti-virus
software took it as an opportunity to generate some advertising, as
far as I can tell.
Malware Inc.
Malware Inc.
04/04/2005 08:50 PMIn news that should surprise absolutely none of you, it appears that
the people who used to write viruses for ego purposes are increasingly
writing
spyware for money instead. Basically, what the study (bias alert:
done by a security company who's trying to sell you stuff) points out
is that, just like with file sharing applications, spyware and adware
have become a
business model for virus writers. They're
wrapping up their viruses with spyware; they still get the ego boost,
but also some profit as well. No wonder virus companies are
desperately trying to come up with decent anti-spyware offerings.
Analyzing malware
Analyzing malware
02/19/2004 04:11 AMMalware is a set of instructions that run on your computer and make
your system do something that an attacker wants it to do. I strongly
encourage you to run attack and defensive tools in a laboratory of
your own. Here's how.
Malware: Do you know your enemy?
Malware: Do you know your enemy?
02/05/2005 09:11 PMZDNet Feb 4 2005 12:40PM GMT
Click Here For Malware
Click Here For Malware
09/23/2004 06:52 AMTechTree Sep 23 2004 10:05AM GMT
All quiet on the malware front
All quiet on the malware front
07/01/2004 06:55 AMZafi tops viral charts in placid June
Malware Might Become a Problem for
Macintosh
Malware Might Become a Problem for
Macintosh
09/04/2004 01:38 AMDirect and Related Links
for 'Malware Might Become a Problem for Macintosh'
“Macintosh users have had some bragging rights over their
Windows counterparts for various reasons, not the least of which is
“malware” — viruses, worms and Trojan horses —
that is a frequent pain to Windows users. But on March 20, a
“proof of concept” Trojan horse named MPSConcept (file
name MP3Virus.Gen) was discovered, paving the way for more serious
malware. The malware is theoretically benign but is intended to show a
particular vulnerability in an…
Other News: Using Malware for Profit
Other News: Using Malware for Profit
09/09/2004 10:37 AMUSA Today spent eight months digging into details of computer malware
and its use for profit.
Malware attacks IE users via pop-ups
Malware attacks IE users via pop-ups
06/30/2004 07:34 AMOh dear
Other News: Sniffer Malware
Other News: Sniffer Malware
09/20/2004 10:43 AMThe latest malware sniffs network traffic for sensitive information, a
nasty new trick.
First 64-Bit Malware for Windows Appears
First 64-Bit Malware for Windows Appears
05/27/2004 11:05 AMProof-of-concept threat not spreading in wild, only affects 64-bit
Windows systems.
Malware Analysis for Administrators
Malware Analysis for Administrators
05/24/2004 12:36 PMBig muscle on the way to battle malware
Big muscle on the way to battle malware
12/27/2004 04:34 AMUSA Today Dec 27 2004 8:50AM GMT
Other News: Macs and Malware
Other News: Macs and Malware
03/19/2005 02:34 AMOne anti-virus executive says Macs are untroubled by malware, but
here's why you need to keep up your guard.
Symantec: Mac OS X Becoming a Malware
Target
Symantec: Mac OS X Becoming a Malware
Target
03/22/2005 04:42 PMSlashdot Mar 22 2005 1:34AM GMT
Stopping Malware Before It Hits
Stopping Malware Before It Hits
11/16/2003 06:14 PMSpudGunMan writes "John Lockwood, Ph.D, an assistant professor of
computer science at Washington University, and the graduate students
that work in his ...
Microsoft Prepares to Dash Malware with
"A1"
Microsoft Prepares to Dash Malware with
"A1"
01/05/2005 03:30 AMMicrosoft's upcoming antivirus/anti-spyware subscription service,
dubbed "A1" is going beta. Microsoft Watch is reporting that even
while Redmond has remained tight-lipped, it has silently begun to
inform partners of its plans for the service. A1 will "secure the
perimeter" around Windows, making flaws in its design less significant
than in the past.
Toxic bl0gs spreading malware
Toxic bl0gs spreading malware
04/14/2005 03:22 PMComputer Weekly Apr 14 2005 5:59PM GMT
Malware: Fighting Malicious Code
Malware: Fighting Malicious Code
06/11/2004 06:33 AMA comprehensive guide for defending against viruses, worms, rrotkits
and more.
DNS Cache Poisoning Spreads Malware
DNS Cache Poisoning Spreads Malware
04/06/2005 01:53 PMMalware records banking passwords
Malware records banking passwords
06/30/2004 03:13 AMZDNet UK Jun 30 2004 7:55AM GMT
New mobile malware wipes phones
New mobile malware wipes phones
04/06/2005 01:50 PMPersonal Computer World Apr 6 2005 5:14PM GMT
Identity checks combat malware
Identity checks combat malware
03/29/2005 04:43 PMvnunet.com Mar 29 2005 8:15PM GMT
Mozilla Developers Respond to Malware
Mozilla Developers Respond to Malware
07/13/2004 10:13 AMHas Mass-Mailed Malware Peaked?
Has Mass-Mailed Malware Peaked?
03/27/2005 12:28 PMNew IE Malware Captures Passwords Ahead
Of SSL
New IE Malware Captures Passwords Ahead
Of SSL
06/29/2004 03:30 PMAdware dominates PC malware infections
Adware dominates PC malware infections
03/24/2005 01:48 PMvnunet.com Mar 24 2005 4:06PM GMT
Malware infects BitTorrent downloads
Malware infects BitTorrent downloads
06/17/2005 07:12 PMThose using BT in the legally and ethically questionable act of
downloading copyrighted content may become victims of a legally and
ethically questionable act.
Microsoft to Squash Malware with 'A1'
Microsoft to Squash Malware with 'A1'
01/05/2005 08:49 AMMicrosoft's upcoming antivirus/anti-spyware subscription service,
dubbed "A1" is going beta. Microsoft Watch is reporting that even
while Redmond has remained tight-lipped, it has silently begun to
inform partners of its plans for the service. A1 will "secure the
perimeter" around Windows.
A script to prevent damage from rm -rf
malware
A script to prevent damage from rm -rf
malware
05/18/2004 10:37 AMAfter reading about the malware / Trojan Horse business that has been
flying around lately, I realized that there is a fairly easy way to
protect against this kind of thing. I wrote a script which duplicates
a folder (like a ...
spyware, adware, sneakware, malware
spyware, adware, sneakware, malware
05/07/2004 07:56 AMNew malware masquerades as Microsoft
update
New malware masquerades as Microsoft
update
01/09/2004 09:57 PMA Trojan horse program that appears to be a Microsoft Corp. security
update can download malicious code from a remote Web site and install
a back door on the compromised computer, leaving it vulnerable to
remote control.
IDefense Inc., a Reston, Va., computer security company, said the
malicious code is the latest example of so-called social engineering
to fool Windows users. It is similar to the W32Swen worm, which last
year passed itself off as a Microsoft patch.
Nasty Malware Fouls PCs With Porn
Nasty Malware Fouls PCs With Porn
04/30/2004 04:52 AMAn especially evil new browser hijacker is sweeping the Net, spying on
users of infected machines and pummeling them with truly vile
pornography. Some folks are screaming for vengeance, but the problem
is finding out who unleashed the vicious code. By Michelle Delio.
Malware Hijacking Google Homepage
Malware Hijacking Google Homepage
10/28/2003 11:08 PMA lot of malware has been going around lately, some of it preventing
you from visiting the actual Google website, or putting up a notice
when you try to visit. The most common reason for this is spyware or
malware -- software that's included with other programs and stows away
in your computer watching what you're doing, popping up ads, and doing
other bad things. To get rid of it, you can install LavaSoft's
Ad-Aware or Spybot Search and Destroy. Both are free but neither me
nor Google are recommending either....
Malware - Fighting Malicious Code
Malware - Fighting Malicious Code
04/19/2004 01:50 PMTwenty years of malware--and counting
Twenty years of malware--and counting
11/12/2003 01:12 PMZDNet Nov 12 2003 10:40AM ET
Cost of malware soars to $166bn in 2004
Cost of malware soars to $166bn in 2004
02/01/2005 09:24 PMMicrosoft Prepares to Dash Malware with
'A1'
Microsoft Prepares to Dash Malware with
'A1'
01/05/2005 03:10 AMBetaNews Jan 5 2005 7:23AM GMT
Grok Description matches for New Malware Causes Concern
GrokA matches for New Malware Causes Concern
New Malware Causes Concern
