Leap second crashes browsers, Firefox
under attack and Windows 8 invites assaults
40. July 3, Softpedia – (International) Boxer SMS trojan advertised as Firefox for Android. June 26, Mozilla launched Firefox 14 for devices that run an Android operating system. In response, cyber criminals started masquerading an SMS trojan as the popular Web browser. The malicious element, identified as Trojan.AndroidOS.Boxer.d, is being advertised on many Russian Web sites and comes in various shapes and sizes, GFI experts said. Previously seen variants of Boxer informed users that by accepting a set of “rules” they would be charged for sending SMS messages to premium numbers. However, this version does not give any details regarding its true purpose. Once the rogue application is installed, the malware activates and sends an SMS to several numbers. Another difference, compared to older Boxer variants, is that once the SMS messages are sent, the victim is not redirected to a Web site from which the legitimate app can be downloaded. Instead, it simply loads google.com. Researchers believe this may be a tactic to make users think the application is defective. Users might download and install the fake software again, allowing Boxer to perform its malicious tasks more than once. The trojan was spotted posing as other apps as well, not just Firefox. When Instagram was launched on Google Play, Boxer was advertised as the popular photo sharing program. Source: http://news.softpedia.com/news/Boxer-SMS-Trojan-Advertised-as-Firefox-for-Android-278863.shtml
41. July 3, H Security – (International) Source code for the Zemra crimeware bot released. Source code for the Zemra trojan, which is already being used by criminals for distributed denial-of-service (DDoS) attacks, is circulating online. In contrast to the widely distributed Zeus bot, the source for which is also available online, Zemra is very new. According to security company Symantec, the trojan has only been available to purchase from underground forums since May 2012 and malicious parties are using it for the purpose of extortion. Symantec’s anti-virus solutions have only been able to detect Zemra for a week. Symantec said the crimeware pack is not currently very widespread. However, the availability of the source code means this could rapidly change, since anyone can now modify the bot for their own ends. This is not hard — Zemra was developed using the C# programming language. The source code should be comprehensible to anyone with basic programming skills. As well as various types of DDoS attack, Zemra can also download and run malware from the Web on command. It can also open a SOCKS proxy on an infected computer, allowing the bot herder to use the victim’s Internet connection. Zemra is also able to spread via USB flash drives. Communication between the bot and the PHP-based command-and-control server (also supplied) is encrypted. Source: http://www.h-online.com/security/news/item/Source-code-for-the-Zemra-crimeware-bot-released-1631420.html
42. July 2, Infosecurity – (International) Windows 8 has larger attack surface than Windows 7, researcher warns. The attack surface in Windows 8 is bigger than in Windows 7 because of new components and changed processes, especially with the Metro interface, warns a McAfee researcher. “Security risks from rogue applications and vulnerabilities in applications that interact with the web and handle user data leave lots of room for exploitation — not to mention ever-present malware on the desktop”, he explained. At the same time, Windows 8 has additional security features, which include improvements to Windows anti-malware components, declarative resource access, application vetting via the Microsoft Store, and restrictive resource access for applications. Source: http://www.infosecurity-magazine.com/view/26727/
43. July 2, Agence France-Presse – (International) ‘Leap second’ wreaks Internet havoc. An adjustment of a second in the official global clock sent dozens of Web sites crashing. The “leap second” was added to the Coordinated Universal Time to adjust clocks to the earth’s rotation the night of June 30, delaying for 1 second the transition to July 1. The extra second was too much for some software to handle. Reddit, a social news network, posted a Twitter message indicating its services were experiencing problems. Mozilla, the organization behind the Firefox browser, also had issues. The outages came roughly at the same time as a major storm that knocked out power to an Amazon data storage site which serves as cloud host for many Web sites, including Netflix. Some sites such as the social network Foursquare said they were affected by the Amazon outage. LinkedIn, the professional social network, said its service was down June 30, without elaborating. Source: http://news.yahoo.com/leap-second-wreaks-internet-havoc-172756529.html
Comments