Via the eponymous Dan Goodin [writing at Ars Technica], comes this astonishing piece on a bit of malware monikered Stardust [which apparently resides, firmly in this case, within Point of Sale card readers] and the implications thereof.
Apparently, we have advance warning, and have met the enemy. Unfortunately, it be us...
'Symantec has discovered a new Linux worm that appears to be engineered to target the “Internet of things”. The worm is capable of attacking a range of small, Internet-enabled devices in addition to traditional computers. Variants exist for chip architectures usually found in devices such as home routers, set-top boxes and security cameras. Although no attacks against these devices have been found in the wild, many users may not realize they are at risk, since they are unaware they own devices that run Linux.' - via Symantec's Kaoru Hayash
Meanwhile, in the seemingly never-ending and languorous tale of less than competent curatorial acumen, the Google Inc. (NasdaqGS: GOOG) Google Play store is serving up not-so-playful malware, evidently, to the tune of over 9 million downloads. Tout simplement incroyable...
Via CircleID, comes the sad tale of opportunistic spam botnet herders utilizing the recent Boston Marathon terror attacks as spam- and malware-laden vectors. Evidence from Cisco Threat Researcher Craig Williams has revealed that nearly 50 percent of all spam transmitted on the 15th of the month was related to bilking the unwary with a terror vector, masquerading as news reportage or charity missives.
Apparently, nefarious cybercrime organizations see no difference between the Capitalist Revisionists and Communistes Chinois' licensed Google Inc. (NasdaqGS: GOOG) Android devices. Ah, the leveling of the political landscape, as it were.
Evidently, Google Inc.'s [NasdaqGS: GOOG] Google Play is hosting CARBERP [the so-called CarBerp-In-The-Middle, or CitMo - a variant of Man-In-The-Browser attack agents], thence lining the pockets of miscreants, opening backdoors, stealing financial information, et cetera. Phenomenal. What happened to proactive vulnerability scanning in Mountain View?
News is making the rounds of the 'discovery' of a new (questionable) malware artifact on a variety of systems (with the preponderance located within 'financial systems'). Is this the beginning of a coordinated attack on United States financial systems reported last week or simply year-end FUD? The discoverer, Symantec, is rating this artifact as 'Risk Level One, Very Low'... You be the judge.
The Iranian CERT is reportedly claiming a newly arisen data-wiping bit of malware is making the rounds thereabouts. Specifics of the malicious codebase were released by the Iranian MAHER Center (the Iranian CERT organization and part of Iran's Communications Ministry).
Additional information, published via the Kaspersky SecureList by a company employee, Roel Schouwenberg, is on record, detailing the simple structure of the malware under scrutiny (a couple of batch files, modified into executable files by bat2exe). Another Wiper variant? You be the judge...