Keyword: trojan
-
Russian anti-virus software maker Doctor Web has identified “The first Trojan in history to steal Linux and Mac OS X passwords.” BackDoor.Wirenet.1 is the first Trojan Horse program that works on the Mac OS X and Linux platforms that is “designed to steal passwords stored by a number of popular Internet applications.” The company, which sells anti-virus software that, conveniently, protects you against the malware they are identifying, explains that “When launched, it creates its copy in the user’s home directory. The program uses the Advanced Encryption Standard (AES) to communicate with its control server whose address is 212.7.208.65.” The...
-
They must have rubbed Mayor Bloomberg the wrong way. City officials pulled the plug on a vibrator giveaway by the Trojan condom company yesterday, disappointing potentially thousands of pleasure-seeking women who hoped to get their hands on some no-cost sex toys.
-
Update – July 25, 2012 10:30AM PDT This threat may run on Leopard 10.5, but it has a tendency to crash. It does not run on the new Mountain Lion 10.8. _______ Intego has discovered a new Trojan called OSX/Crisis. This threat is a dropper which creates a backdoor when it’s run. It installs silently, without requiring a password, and works only in OSX versions 10.6 and 10.7 – Snow Leopard and Lion. The Trojan preserves itself against reboots, so it will continue to run until it’s removed. Depending on whether or not the dropper runs on a user...
-
On Monday, July 9th, the FBI will pull the plug on internet access to hundreds of thousands of computers infected with a malware Trojan known as DNSChanger. Even if your computer is clean, companies that have compromised systems in their network will be taken offline, hindering their ability to do business and possibly breaking their websites, in what many are referring to as “Internet Doomsday.”
-
Efforts to eliminate a high-profile Trojan may cause some Internet users to lose connectivity on Monday. And, getting systems back up and running may be far more difficult than the preventative measures themselves. The Federal Bureau of Investigation will be shutting down servers used by operators leveraging the DNSChanger Trojan, and when that happens, people with infected systems will lose access to the Internet, according to Dave Marcus, director of advanced researcher and threat intelligence at McAfee Labs. “A DNSChanger Trojan literally changes the infected computer's DNS settings,” explained Marcus. “When a user opens up a browser and enters a...
-
Researchers have spotted a new banking Trojan dubbed 'Tinba' that appears to have hit on a simple tactic for evading security - be as small as possible. An astonishing 20KB in size, Tinba ('Tiny Banker') retains enough sophistication to match almost anything that can be done by much larger malware types. Its main purpose is to burrow into browsers in order to steal logins, but it can also use 'obfuscated' (i.e. disguised) web injection and man-in-the-browser to attempt to finesse two-factor web authentication systems. A particularly interesting feature is the way it tries to evade resident security, injecting itself into...
-
I trust TopTenREVIEWS. So when my security software expired, I took their recommendation and bought COMODO Internet Security Complete 2012. A little later I decided to get a utilities tool for Windows XP SP3, and again, I went to TopTenReviews. I purchased Advanced System Optimizer 3.1. Advanced System Optimizer 3.1, now 3.2, has a tool called "System Protector", and it finds many viruses and malware that COMODO doesn't. My find was "trojan-downloader.banload". It attacked the registry in the following areas: hkey-users\.default\software\microsoft\windows\currentversion\internet settings\zonemap\ranges\ range10\* range10\:range range6 range6\* range6\:range range2 range2\* range2\:range range15 range15\* range16\:range range7 range7\* range7\:range range5 range5\* range5\:range This...
-
Cambridge University researchers find that a microprocessor used by the US military but made in China contains secret remote access capability. A microchip used by the US military and manufactured in China contains a secret "backdoor" that means it can be shut off or reprogrammed without the user knowing, according to researchers at Cambridge University's Computing Laboratory. The unnamed chip, which the researchers claim is widely used in military and industrial applications, is "wide open to intellectual property theft, fraud and reverse engineering of the design to allow the introduction of a backdoor or Trojan", they said. The discovery was...
-
EA Germany has denied claims made by German gamers and journalists that its Origin service is invading their privacy. Germany's privacy laws are amongst the toughest in the Western world. It should come as no surprise that EA's Origin service - which is mandatory for gamers wishing to play Battlefield 3 on PC, and has been criticized for invasion of privacy before - has come under fire in the country known for challenging Google streetview and banning the Facebook "Like" button. German gamers are taking the situation pretty seriously. The furore began a few days ago, when pictures that appeared...
-
Major Security Firms Detect New Trojan Capable Of Disrupting Power Plants, Oil Refineries and Other Critical Infrastructure Networks Mac Slavo October 19th, 2011 In our October 7, 2011 report There Have Been Intrusions, we noted that DHS Undersecretary Greg Shaffer warned that hackers and foreign governments are “knocking on the backdoor” of the networked systems which connect everything from infrastructure grid control systems to financial networks. It now appears that our interconnected smart grid is actively under attack, as evidenced by a new Stuxnet-style trojan that has been detected by major cyber security leaders Symantec and McAfee. Much like its...
-
The asteroid in the Earth's orbit around the sun has been hiding from view, mostly overhead during daylight, study finds. Turns out the moon's not the Earth's only traveling companion. Space scientists have discovered an asteroid that's been following our fair planet for thousands of years, at least — and there may be many more where it came from, according to a recent study.
-
In an unusual move, federal authorities will be contacting computer users with systems infected by the Coreflood botnet Trojan and asking them to agree to allow them to send commands to the malware so it will delete itself. The move comes in the wake of a coordinated takedown earlier this month by the FBI and other authorities, in which the U.S. government essentially substituted its own command-and-control servers in place of those used by Coreflood and issued commands telling the program to shut down on infected PCs. The move reduced activity from the Coreflood botnet by about 90...
-
Malware may have been a contributory cause of a fatal Spanair crash that killed 154 people two years ago. Spanair flight number JK 5022 crashed with 172 on board moments after taking off from Madrid's Barajas Airport on a scheduled flight to Las Palmas on 20 August 2008. Just 18 survived the crash and subsequent fire aboard the McDonnell Douglas MD-82 aircraft. The airline's central computer which registered technical problems on planes was infected by Trojans at the time of the fatal crash and this resulted in a failure to raise an alarm over multiple problems with the plane, according...
-
SNIPPET: "Thousands of online banking customers have had their accounts drained by a sophisticated new computer virus, internet security experts say. Around £675,000 was taken from a "large UK financial institution" over the last month with 3,000 customers hit - and the attacks are ongoing. Online security firm M86 Security Labs said the customers were infected with a Trojan virus - which cannot be detected by traditional anti-virus software - while browsing the internet. The Trojan, known as a Zeus v3, copies the passwords and usernames of customers' online details and transfers their funds to a different account. It then...
-
My Firewall/Antivirus detected an infection of the "Packed.Win32.Krap.hm!A2" and http://www.threatexpert.com/report.aspx?md5=45e98426fafd221ffb7d55ce8a1ae531 says it's: A malicious trojan horse or bot that may represent security risk for the compromised system and/or its network environment. I tried to block it and delete the infected files, but that just set off an attack against my computer, which caused me to reload from backup several times. How do I get rid of this nightmare, and prevent it from coming back?
-
Wonderful, just one more way for our benevolent federal government to spy on us.
-
Liberty flourished and those who would defeat her pressed their wills on distant shores. Wherever Liberty was oppressed, “Free Men” rose and ruined the yoke that would constrain them; the world saw America as the shining star of freedom and its defender at all cost. Despot after despot dashed their oppressive wills against the walls of Freedom and time after time, continent after continent, they were defeated. With direct assault failing the oppressors of men would need a new tactic, if Liberty could not be controlled from without it must be stolen from within. Thus began the construction of the...
-
Summary Trojan:Win32/Alureon.A is a data-stealing trojan. This trojan allows an attacker to intercept incoming and outgoing Internet traffic in order to gather confidential information such as user names, passwords, and credit card data. Trojan:Win32/Alureon.A may also allow an attacker to transmit malicious data to the infected computer. The trojan may modify DNS settings on the host computer to enable the attacker to perform these tasks. Therefore it may be necessary to reconfigure DNS settings after Trojan:Win32/Alureon.A is removed from the computer. Microsoft MalWare Protection Center has more info.
-
The United States Computer Emergency Response Team (US-CERT) has warned that the software included in the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access. In an advisory, the US-CERT warned that the installer for the Energizer DUO software places the file UsbCharger.dll in the application’s directory and Arucer.dll in the Windows system32 directory. For more: http://blogs.zdnet.com/security/?p=5602&tag=wrapper;col1