Entries in malware (15)

Monday
Mar 07, 2016

Transmission torrent app red flagged for malware on Mac OS X

Transmission has long been one of the favourite apps for sharing and downloading torrent files on Mac OS X, and it has recently been flagged for malware. Copies of the open source Transmission BitTorrent client downloaded last Friday or Saturday are suspect, and downloaders are being warned to update to the latest 2.92 version to avoid being targeted by ransomware that infiltrated an earlier version of the open source software.

KeRanger is believed to be the "first fully functional" ransomware on the OS X platform. When incorporated into an app, the malware connects to a remote server via the Tor anonymizing service, then "begins encrypting certain types of document and data files on the system."


Sunday
Mar 06, 2016

OS X hit by first ransomware via Transmission BitTorrent client

Apple’s Mac operating system has been hit by the “first fully functional” ransomware threat via the Transmission BitTorrent client. According to Claud Xiao and Jin Chen of Palo Alto Networks, “attackers infected two installers of Transmission version 2.90 with KeRanger on the morning of March 4.” Once installed, the malware connected to a remote server via the Tor anonymizing service and it “begins encrypting certain types of document and data files on the system.” It then “demands that victims pay one bitcoin (about $400) to a specific address to retrieve their files.” If you downloaded the app on Friday or Saturday, it’s recommended you download the 2.92 update to avoid being targeted by the ransomware. And here are steps to identify and remove the malware if it was installed.

On the same day the threat was discovered, Apple revoked the signing certificate involved, so that the iOS-like Gatekeeper signed-app security system would prevent new installations of the infected version. It also automatically distributed an OS X XProtect antivirus signature to flag or quarantine existing compromised downloads. With these measures in place, those who try to open a known-infected version of the app will get a warning dialog box that notes “Transmission.app will damage your computer. You should move it to the Trash,” or “Transmission can’t be opened. You should eject the disk image.”

Source: Apple Insider

Saturday
May 16, 2015

Malicious code found in some ‘Grand Theft Auto V’ mods

Mods are great for customizing games, particularly PC games. But that doesn’t mean they’re entirely safe. Some people do want to exploit the vulnerability these mods create. It has been found that the popular Angry Planes and No Clip mods for Grand Theft Auto V contain malicious code. A GTA Forums member found a Fade.exe executable in his temporary files folder after the Angry Planes mod started to misbehave. It was found to be a keylogger. Other malware found in the mod included a Facebook spam/credential stealing module, a Messenger.com spam/credential stealing module, a UDP flooding module, a keylogger module, a Steam spamming module, and a Twitch spam/credential stealing module.

Source: Ubergizmo

Thursday
Apr 10, 2014

Kaspersky: Financial malware is on the rise

The latest study from PC security leader Kaspersky finds a steady rise in financial malware: the number of cyber attacks involving financial malware in 2013 increased to 28.4 million, 27.6% more than in 2012. This is partly attributed to the rise of cryptocurrencies like Bitcoin, which have been targeted by unscrupulous hackers.

New methods in financial malware include banking Trojans, keyloggers and two relatively new classes of malware – one that steals from Bitcoin wallets and another that downloads software to generate the crypto-currency.
