Trojan

(get it in RSS or Atom)

Malware found sucking up data on new Japanese space agency rocket

by Lisa Vaas on December 3, 2012 | 1 Comment
Malware found sucking up data on new Japanese space agency rocket

Malware discovered on a Japanese space agency desktop computer has been stealing data on Epsilon - a new, AI-enabled rocket - and beaming it to controllers outside the agency. It's only the latest in a string of data-siphoning incidents that's plagued the agency.

Monday review - the hot 22 stories of the week

by Anna Brading on November 19, 2012 | Leave a comment
Monday review - the hot 22 stories of the week

Here you go. All the stories we wrote in the past seven days, in case you missed anything (or just want to read them again).

Trojan horse designed to steal your photos

by Chester Wisniewski on November 6, 2012 | 26 Comments
Trojan horse designed to steal your photos

A new Trojan is on the scene designed to steal your images and memory dumps. Are the thieves digging for dirt or stealing state secrets?

IP theft attacks can hide on networks for years, unspotted by corporate victims, report claims

by Paul Roberts on October 25, 2012 | 1 Comment
IP theft attacks can hide on networks for years, without the knowledge of corporate victims, report claims

Organizations in the financial services and public administration sectors are the primary targets of sophisticated attacks aimed at stealing intellectual property, with attacks involving both external and internal agents and lasting for months or years, according to a new report from Verizon.

Unmasked! Alleged mastermind of "Project Blitzkrieg" online attack plot against US banks

by Lisa Vaas on October 9, 2012 | 3 Comments
Alleged mastermind of "Project Blitzkrieg" project targeting US banks is unmasked

Claims are made that a cyber gang is recruiting some 100 botmasters for a Trojan attack against 30 US bank, and the plot's alleged mastermind is unmasked.

But given the alleged fraudster's flamboyant claims, can we be sure he's not a trap set by Russian law enforcement?

SourceForge serves up malware-infected phpMyAdmin toolkit

by Paul Ducklin on September 27, 2012 | 3 Comments
phpmyadmin-logo-250

Being careful where you download from isn't always enough.

SourceForge, the hosting service for phpMyAdmin, has disclosed that the official phpMyAdmin 3.5.2.2 distribution was Trojanised some time last weekend.

Microsoft advisory: Internet Explorer zero day affects most Windows versions

by Paul Roberts on September 18, 2012 | 8 Comments
Microsoft advisory: Internet Explorer zero day affects most Windows versions

A newly discovered and serious security hole in Microsoft’s Internet Explorer web browser affects a wide swath of the company’s Windows and Internet Explorer installations, according to a Security Advisory released by the company late Monday.

New IE zero day exploit circulating, used to install Poison Ivy

by Paul Roberts on September 17, 2012 | 17 Comments
New IE zero day exploit circulating, used to install Poison Ivy

The gang behind that recent Java zero day attacks apparently hasn't packed up for the season. A researcher examining one of the servers used to launch attacks on vulnerable Java installations said he found a new zero day exploit for Microsoft's Internet Explorer web browser.

Apple zombie malware 'NetWeird' rummages for browser and email passwords

by Paul Ducklin on August 24, 2012 | 32 Comments
Apple malware 'NetWeird' rummages for browser and email passwords

When we write Naked Security articles about Mac malware, we often end up creating a bit of a stir.

So, with a deep breath, here's some Mac malware news: this time, it's a zombie Trojan called 'NetWeird'.

Bank's shoddy security was to blame for $588,851 online robbery, US appeals court rules

by Lisa Vaas on July 10, 2012 | 3 Comments
US appeals court holds bank liable for online security breach

A Maine construction company that saw its online bank account fraudulently drained of almost $600,000 might get some of it back due to what a US federal court has deemed shoddy security systems at its bank.

Spying Trojan targets Iranian and Syrian web surfers, dissidents

by Chester Wisniewski on May 29, 2012 | Leave a comment
GreenSimurghlogo250

A proxy tool used by Iranian internet users to evade censorship and oppression is being distributed with a Trojan horse that can log their keystrokes and surfing habits reporting back their activities to its author.

Notcom malware for Android distributed using drive-by downloads

by Chester Wisniewski on May 3, 2012 | 2 Comments
Notcom malware for Android distributed using drive-by downloads

Another Android Trojan is making the rounds, this one is distributed through drive-by downloads on compromised websites. Whether it's a proxy or a bot is not really important, make sure you don't install unsolicited packages on your phone.

Python-based malware attack targets Macs. Windows PCs also under fire

by Graham Cluley on April 27, 2012 | 17 Comments
windows-mac-thumb

A new malware attack is targeting Mac computers with a Python-based backdoor Trojan.

And Windows computers aren't getting away scott free either.

SSCC 87 - Mac botnet, Global Payments, Flash Player updater, AES-NI and cloud encryption

by Chester Wisniewski on April 7, 2012 | 5 Comments
Sophos Security Chet Chat

David Schwartzberg is this week's guest on the Chet Chat to talk about the data breach at Global Payments, a new Mac botnet and Flash Player updating. David also explained the new AES-NI encryption acceleration in Intel chips and a new way to safely store files in the cloud.

Mac backdoor Trojan embedded inside boobytrapped Word documents

by Graham Cluley on March 30, 2012 | 11 Comments
Mac backdoor Trojan embedded inside boobytrapped Word documents

A backdoor Trojan horse, which would allow a remote hacker to access your Mac computer without your knowledge and potentially snoop on your files and activity, has been discovered hidden inside a boobytrapped Word document.

SpyEye bank Trojan hides its fraud footprint

by Lisa Vaas on January 5, 2012 | 3 Comments
spyeye250

The latest variants of the information stealing SpyEye Trojan are now specializing in hiding fraudulent transactions from your online banking statements. Should we rethink giving up on our paper statements?

Targeted attacks steal credit cards from hospitality and educational institutions

by Chester Wisniewski on November 30, 2011 | 1 Comment
Detail of a four stars hotel with reflection

SophosLabs has been tracking an increase in targeted attacks focused on hospitality and education organizations. The malware steals credit card data directly from memory for later retrieval by the criminals involved.

Busted! Ukrainian cybercrime duo who ripped off $4.5 million sent to prison in UK

by Paul Ducklin on November 2, 2011 | 1 Comment
metpolicebike

London's Metropolitan Police Service has announced the conviction and sentencing of two Ukrainian cybercrooks.

The pair raided innocent victims' bank accounts of at least $4.5 million in just six months.

Bundestrojaner, Sony breach, Duqu, OS X anti-anti-virus, MS hack - 60 Sec Security

by Paul Ducklin on October 26, 2011 | Leave a comment
60ss-20111026-250

Enjoy the latest security news in brief by watching 60 Second Security!

This episode: the German Bundestrojaner controversy, Sony breached (again!), Duqu dubbed "Son of Stuxnet", OS X anti-anti-virus and Microsoft videos hacked.

Malware compromises USAF Predator drone computer systems

by Graham Cluley on October 10, 2011 | 14 Comments
Malware compromises USAF Predator drone computer systems

Malware has infected the control systems used by the United States Air Force to fly Predator and Reaper drones, logging keypresses as the unmanned aircraft are flown remotely in Afghanistan, Libya, Pakistan and other conflict zones.