GLOBAL SECURITY ADVISOR RESEARCH BLOG

New Facebook Trojan will do Shares and Likes on your behalf.

A new Trojan is infecting Facebook and distributes itself by sharing links on your behalf.

This new malware attack focuses on the users' Facebook profile. The malware is a Trojan Horse transmitted through a browser plugin, detected so far in Firefox and Chrome.

Tracking shows that the Trojan horse was first identified in Brazil, and its main activity is monitoring and testing whether the user is logged into a Facebook account. If the user is connected, the malware tries to get the configuration file that includes a list of gestures that the Trojan could use on behalf of the user.

Fake email supposedly sent by Delta Airlines.

If you get an e-mail from the American airline ‘Delta’ in which you are asked to confirm the purchase of a ticket you allegedly bought using your credit card, it is quite possible that this is a cyber-attack designed to tempt you into clicking a link, which in turn will infect your computer with malware.

The malware is a variant of the malicious Zeus, which has been known for several years and aims to take over the victim's computer and steal valuable information from it.

Playing the Blame Game

Whose fault is it? A new zero-day vulnerability is announced and the race is on for the application vendor to plug it. Take the case of Microsoft’s recent IE8 zero-day admission (http://technet.microsoft.com/en-us/security/advisory/2847140), apparently being used by Chinese hackers to target nuclear researchers using Windows XP. It sounds like something out of a Robert Ludlum novel, but it's real life. The Window of Vulnerability counter starts and the pressure is on Microsoft to come up with a fix. It's not fair to focus on just Microsoft, or Adobe, or any other of the regularly compromised software vendors. They have the issue because of their success: with so many users using their software, it comes under the hackers' microscope a lot more than that of less popular vendors. They are working on a fix, and hopefully we will see it included in the next round of security updates due on the 14th of May. Note that it was announced on May 3rd, so that is at least 11 days of users being completely vulnerable: the window of vulnerability.

New Fake Anti-Virus: Secure Bit.

Another imposter anti-virus software calling itself ‘Secure Bit’ is trying to fraudulently get users' money after it convinces them that their computer is infected with viruses. If the user does not cooperate with the demands, the software locks the screen.

This anti-virus pretender combines two methods of fraud: the fake anti-virus software and malware that supposedly locks the screen in order to make the victim pay money to unlock it. After the user installs this free “anti-virus” software, it immediately notifies them that the security level of the computer is low and that they need to call for support to address the “threats” found. At this point, pop-ups open announcing the daunting number of threats found.

Smartphone as a security breach to our private lives.

Today, we do almost everything with our smartphone, but along the way we forget that it is a computer in every way and that our personal information may be in danger.

The first mistake of average smartphone users is the belief that these devices are safer than a home PC, and in most cases they are not aware of the tremendous amount of personal and business information that is stored on their device. Using our smartphone, one can find a lot of information about us. For example: where we are (GPS), what we are interested in (browser history), who our friends are (Facebook), our plans (logs), our finances (online bank connection), how we work and what we work on (business emails), and sometimes other personal information stored on our personal computer (through the synchronization between the smartphone and the computer). In the near future, even our wallet will become digital and will be replaced by the smartphone, as planned today by many cellular providers around the world.

Zeus for Sale

The veteran Trojan Horse named ‘Zeus’, which has been active since 2007 and managed to hit many enterprise networks, now returns thanks to a Facebook page that was set up for it. While the page in question has in the meantime been removed from the social network, there have been a variety of botnet updates on various security loopholes and various updates added to Zeus, making it more up-to-date and dangerous.

Boston Marathon - malicious emails

The things that virus writers do are always bad and unwanted. But sometimes they are even disgusting. Using very sad events such as wars or acts of terror makes this difference. People spend time getting rid of unwanted emails all the time, and now virus writers are using the Boston Marathon tragedy for their "social engineering tricks".

Mobile devices malware detection by Cross-Feature Analysis

A new method identifies mobile device malware that is usually not detected by the common detection methods, using advanced methods of machine learning.

Cellular phone security has been an area intensively studied by security companies and research institutions around the world since the release of G1 devices with the Android-based operating system in 2009.

New malicious spyware in Google Play

New malicious spyware is spreading around in Google Play, threatening millions of Android users. The good news is that you're only infected if you downloaded a funny Russian app, intended to transcribe other common applications. The bad news is that these are probably popular applications, since millions of users have already been infected.

The spyware received the non-surprising name ‘bad news’, and is currently detected in 32 different applications, created by four different developers. We can’t tell exactly how many devices got infected, because Google Play does not show the exact number of downloads, but only relatively wide ranges, so all we can say now is that it is between two million and nine million, not bad for relatively new spyware.