Meanwhile, in the seemingly neverending and langorous tale of less than competent curatorial acumen, the Google Inc. (NasdaqGS: GOOG) Google Play store is serving up not-so-playful malware, evidently, to the tune of over 9 million downloads. Tout simplement incroyable...
Image Courtesy Cisco
via CircleID, comes the sad tale of opportunistic spam botnet herders utilizing the recent Boston Marathon terror attacks as spam and malware laden vectors. Evidence, via Cisco Threat Researcher Craig Williams has revealed nearly 50 percentile of all spam transmits on the 15th of the month were related to bilking the unwary with a terror vector, masquerading as news reportage or charity missives.
Krebs on Security's Brian Krebs details the nefarious author of the Phoenix Exploit Kit - AlexUdakov (an alias). Evidently, AlexUdakov is now an involuntary guest of a yet unamed police division in the Russian Federation. I strongly suggest reading Krebs on Security for further, fascinating details and to remain up to date on this story of malware-gone-wild.
News, of the latest infect vector, this time within the self-branded MSN Italia pages, via the Microsoft Network.
A worthy screed, this time, by way of the inimitable Phil Muncaster at El Reg, targeting the relatively ancien régime MKD Trojan BotNet making the rounds in Zhonghua Renmin Gongheguo also know as the People's Repbulic of China (PRC).
Apparently, nefarious cybercrime organizations see no difference between the Capitalist Revisionists and Communistes Chinois' licensed Google Inc. (NasdaqGS: GOOG) Android devices. Ah, the leveling of the political landscape, as it were.
Evidently, Google Inc.'s [NasdaqGS: GOOG] GooglePlay is hosting CARBERP [the so-called CarBerp-In-The-Middle, or CitMo - a variant of Man-In-The-Browser attack agents], thence lining the pockets of miscreants, opening backdoors, stealing financial information, et cetera. Phenomenal. What happened to proactive vulnerability scanning in Mountain View?
News is making the rounds of the 'discovery' of a new (questionablel) malware artifact on a variety of systems (with the preponderance located within 'financial systems'). Is this the beginning of a coordinated attack on United States financial systems reported last week or simply year-end FUD? The discoverer, Symantec, is rating this artifact as 'Risk Level One, Very Low'... You be the judge.
Æ, Ğ, Ŭ
The Iranian CERT is reportedly claiming a newly arisen data-wiping bit of malware is making the rounds thereabouts. Specifics of the malicious codebase were released by the Iraninan MAHER Center (the Iranian CERT organization and part of Iran's Communication's Ministry).
Additional information, published via the Kaspersky SecureList by a company employee - Roel Schouwenberg are on record, detailing the simple structure of the malware under scrutiny (a couple of batch files, modified into executable files by bat2exe). Another Wiper variant? You be the judge...
Well crafted tale, worthy of Charles John Huffam Dickens, detailing the fascinating connection between the LinkedIn password fiasco and Charles Dickens. Highly Pickwickian.
via the inimitable Kim Zetter at Wired's ThreatLevel, comes the latest news of malicious, state-sponsored malware. Discovered by Kaspersky Lab, whom reports bad things flicker within the Flame...
"According to our analysis, the Flame malware is the same as “SkyWiper”, described by the CrySyS Laband by Iran Maher CERT group where it is called “Flamer”..." - via SecureList
via the comic genius of Nitrozac and Snaggy at The Joy of Tech™
