Security firm Kaspersky Lab has begun to independently examine Apple’s Mac OS X platform and found that it’s highly vulnerable to malware. ”As Mac OS X market share continues to increase, we expect cyber-criminals to continue to develop new types of malware and attack methods, ” the company’s CTO Nikolai Grebennikov said. “In order to meet these new threats, Kaspersky Lab has been conducting an in-depth analysis of Mac OS X vulnerabilities and new forms of malware.” Kaspersky Lab co-founder and chief executive Eugene Kaspersky previously said that Apple is a decade behind Microsoft in terms of computer security, a view Grebennikov shares.

“Our first investigations show Apple doesn’t pay enough attention to security. For example, Oracle closed a vulnerability in Java, which was a target for a major botnet several months ago,” Grebennikov said. “Apple blocked Oracle from updating Java on Mac OS, and they perform all the updates themselves. They only released the patch a few weeks ago – two or three months after the Oracle patch. That’s far too long.” Grebennikov said the existence of the botnet shows that “Apple’s security model isn’t perfect.”

While the executive claimed that he has yet to identify any iOS-specific malware, he expects to see iPads and iPhones being infected by malware in 2013. “Our experience tells us that in the near future, perhaps in a year or so, we will see the first malware targeting iOS,” he said.

Grebennikov maintains that the security analysis Kaspersky Lab has been conducting is independent of Apple, however the Cupertino-based company “is open to collaborating with us regarding new Mac OS X vulnerabilities and malware that we identify during our analysis.”

Read [Computing] Read [Engadget]

Microsoft researchers recently discovered a piece of Mac OS X malware that exploits a three-year-old flaw in old versions of Office for Mac. The threat uses a multi-stage attack, just like a Windows virus would. While Microsoft did fix the problem in 2009, the software giant notes that not every machine is up-to-date. The company’s data indicates, however, that the malware is not widespread. “No operating system that exists outside a laboratory is entirely immune to malware,” Microsoft stated on its blog. “As different operating systems continue to gain in popularity they attract more attention from would-be attackers – especially since, as we see in the example analysis above, the techniques and understanding needed to do so may be much the same as those used against other platforms. And even though an operating system may include many risk-reducing mitigation technologies, any machine’s defenses against vulnerabilities are directly related to how current its security updates for applications are kept.” Microsoft concludes by warning users of Office 2004 for Mac, Office 2008 for Mac or Open XML File Format Converter for Mac to update their software in order to protect themselves from possible threats.

Read

Hacked websites are frequently used to infect PCs with malware, however the team at Lookout Mobile Security has discovered that hacked websites are specifically targeting Android-powered mobile devices for the first time. The malware, called NotCompatible, is a Trojan that poses as a system update but acts like a proxy redirect. After visiting an infected website, the Android mobile web browser will automatically begin downloading the NotCompatible malware, which is named “Update.apk.” Like any drive-by downloads, to become infected a user needs to install the downloaded application. The malware is found on a number of websites, but all have relatively low traffic. Lookout notes that the threat does not appear to cause any direct harm to an infected device, although it could potentially be used to gain illicit access to private networks by turning an infected Android device into a proxy. If an Android device has the “Unknown sources” settings disabled — thus disabling sideloading — the NotCompatible malware will be unable to install.

[Via Gizmodo]

Read

People who browse religious websites are more likely to have their computers infected with a virus than those who visit pornographic websites, according to Symantec’s annual “Internet Security Threat Report.” The firm found that websites with religious or ideological themes had triple the average number of threats than those featuring adult content. “It is interesting to note that websites hosting adult/pornographic content are not in the top five, but ranked tenth,” Symantec said. “We hypothesize that this is because pornographic website owners already make money from the Internet and, as a result, have a vested interest in keeping their sites malware-free; it’s not good for repeat business.” The report was based on information gathered from more than 200 countries through the Symantec Global Intelligence Network. Symantec blocked a total of 5.5 billion attacks last year, an 81% increase from 2010.

[Via Raw Story]

Read

The “Flashback” virus that originated on a series of WordPress blogs and went on to infected more than 600,000 Mac computers last month may have generated its creators thousands of dollars each day. According to antivirus software firm Symantec, the Flashback malware has been generating revenue for its authors by hijacking users’ ad clicks, and due to the widespread nature of the infection, the authors could have been generating up to $10,000 per day. “Flashback specifically targets search queries made on Google and, depending on the search query, may redirect users to another page of the attacker’s choosing, where they receive revenue from the click,” the firm explained, adding that Google never receives the intended ad click. Symantec notes that ad-clicking Trojans are nothing new and a botnet of 25,000 infections could generate an author up to $450 per day.

Read

Apple may be the most valuable company in the world, but when it comes to security, the Cupertino-based company doesn’t hold a candle to Microsoft. Kaspersky Lab co-founder and chief executive Eugene Kaspersky on Wednesday told CBR that Apple is a decade behind Microsoft in terms of computer security. ”I think they are ten years behind Microsoft in terms of security,” Kaspersky said. “For many years I’ve been saying that from a security point of view there is no big difference between Mac and Windows. It’s always been possible to develop Mac malware, but [Flashback] was a bit different. For example it was asking questions about being installed on the system and, using vulnerabilities, it was able to get to the user mode without any alarms.” More than 600,000 Macs were infected by the Flashback trojan virus before it was discovered earlier this month and the exploit it used to infect OS X PCs was patched. “Apple will understand very soon that they have the same problems Microsoft had ten or 12 years ago,” Kaspersky said. ”They will have to make changes in terms of the cycle of updates and so on and will be forced to invest more into their security audits for the software.”

Read

Security firm Intego on Monday announced that it had discovered a new variant of the Flashback malware called Flashback.S that continues to use a Java vulnerability Apple has already patched. This variant requires no password to install, and it places its files into the user’s home folder in “~/Library/LaunchAgents/com. java.update.plist” and “~/.jupdate.” Once Fashback.S is installed, it will then delete all files and folders in “~/Library/Caches/Java/cache” in order to delete the applet from the infected Mac, and avoid detection. The virus is actively being distributed, although it will not install if it finds Intego VirusBarrier X6, Xcode or Little Snitch installed on the Mac it tries to attack.

Read

Security firm Sophos on Tuesday indicated that a surprisingly high level of malware has been found on Mac computers — the firm’s research revealed that one in every five Mac computers is harboring some kind of Windows malware. Of the 100,000 customers sampled through Sophos’s antivirus offerings, 20% of users were found to be carrying one or more instances of Windows malware. The firm highlighted that Windows malware on a Mac won’t cause any harm, however, unless the computer also runs a Windows partition in addition to OS X. The company’s research found that just 2.7% of Macs that installed the company’s free anti-virus software were infected by OS X malware. Nearly all of the OS X malware discovered was an iteration of the “Flashback” trojan called “Flshplyr.” Sophos said that cybercriminals may find Macs to be targets because OS X users are less likely to be running an anti-virus software, however Macs can get viruses and the right software can keep a user’s computer safe. A second pie chart follows below.

Read

Security firm Trusteer warned this week of a trojan that is capable of stealing an individual’s credit card information from hotels. The firm’s intelligence team discovered the remote access trojan being sold on underground forums for $280. The malware is designed to capture screenshots from point-of-sale applications that access credit card numbers and expiration dates. These systems are located on front-desk computers at hotels, and they are often unmanaged and do not contain anti-virus protections software that would stop a trojan of this type. The malware’s creators also include instructions on how to use VoIP-based social engineering to trick front-desk clerks into installing the trojan.

[Via SC Magazine]

Read

Apple on Friday issued a second software update to address a security flaw on its OS X operating system that has allowed a massive botnet to form. The update, “Java for OS X 2012-002,” is only available for desktop and laptop PCs running OS X Lion 10.7; Apple issued a similar update last week for both Lion and Snow Leopard, and the exploit was seemingly addressed properly the first time on the Snow Leopard OS. Russian anti-virus experts revealed earlier this week that the “Flashback” trojan virus had utilized a Java vulnerability to infect more than 600,000 Mac computers worldwide. The trojan is capable of intercepting sensitive data such as passwords and other personal information, and transmitting the data back to a host. A separate firm later published instructions detailing how to detect and remove the virus, and Apple’s new update should be the last step in protecting its systems from further attacks. Apple had not yet published details surrounding the new update on its website at the time of this writing.

The idea that Macs don’t get viruses is now officially a thing of the past. Of course Mac malware has been around for years, but now a massive botnet has been discovered that takes this relatively small issue and makes it a widespread problem. While hackers indeed target Windows PCs far more frequently, a trojan horse virus discovered earlier this year has reportedly now been found to affect more that half a million Mac computers worldwide. Russian anti-virus vendor Dr. Web has discovered that malware called “BackDoor.Flashback.39″ is currently present on at least 600,000 Macs. The trojan has the capability to use a java vulnerability to intercept passwords and other private data, and then transmit the information back to the person or group that deployed it. Apple has since patched the vulnerability, but security experts at F-Secure have published a simple guide to help Mac users determine whether or not they are infected, and then remove any malicious files from their computers that are tied to the Flashback trojan. A link to F-Secure’s guide can be found below.

[Via Ars Technica]

Read [Dr. Web] Read [Removal guide]

Hacker group “Anonymous Operations” has confirmed that the custom Linux-based operating system released under its name earlier this week is not a platform it developed. “The Anon OS is fake,” the group posted on Twitter Wednesday evening. “It is wrapped in trojans.” The desktop operating system was released earlier this week by individuals claiming ties with Anonymous. It is based on popular Linux distribution Ubuntu, and it ships with a number of hacking tools pre-installed. According to Anonymous, it also ships with a variety of malware. The team behind Anonymous-OS responded to the group’s claims, denying that its platform contains any malicious software. “The #anonops on their twitter account say ‘That Anonymous-OS is wrapped in trojans,’ ” the group wrote on its Tumblr blog. “Please people… in our world, in Linux and opensource world, there is not virus. If any user believe that Anonymous-OS ‘is wrapped in trojans’ or ‘backdoored OS by any Law enforcement Company or Hacker’ please don’t download it! But don’t mislead the world that Linux is dangerous and has trojans!” Anonymous-OS has been downloaded more than 25,000 times.

Google announced on Thursday that the company has begun to take a more active approach to keeping malware out of the Android Market. The search giant is using a new service called “Bouncer” to search through the Market for potential malware. Bouncer will scan new applications, ones already in the Market, and developer accounts for known malware, spyware, trojans and misbehaving apps. The service has been running for some time and between the first and second halves of 2011, the company reports a 40% decrease in the number of potentially-malicious downloads from the Android Market. The drop comes as security companies have been reporting that instances of malicious applications are on the rise. Google also said Android is designed to prevent malware from doing any critical damage. “In addition to using new services to help prevent malware, we designed Android from the beginning to make mobile malware less disruptive,” the company wrote on its blog. “In the PC model, malware has more potential to misuse your information. We learned from this approach, designing Android for Internet-connected devices.”

Read

Twitter finally appears to be preparing a new wave of attacks on the malicious spammers that have overrun the popular social network during the past year. Web security firm Dasient on Monday announced that it has been acquired by Twitter. ”Since its inception, Dasient has been focused on solving web-scale security problems involving malware and other types of online abuse,” the firm noted in a blog post. “In 2009, Dasient launched its web anti-malware platform, capable of scanning URLs and websites for the presence of harmful content. In 2010, Dasient launched the industry’s first anti-malvertising service to protect ad networks and publishers from the scourge of malicious ads. Over the last year, we have been very active in securing the ads and content of the some of the industry’s largest ad networks and web sites.” The firm is seen as playing a large role in securing new self-service advertising efforts Twitter is preparing to roll out in the near future. A secondary benefit to end users, however, is that the link-spam currently plaguing members of the social network may be quelled as part of Twitter’s efforts with Dasient technology.

Read

Apple sold 925 iPhone 4S handsets each minute during the device’s debut weekend, and it sells 81 iPads every 60 seconds on average. Research In Motion sells 103 BlackBerry phones, Amazon sells 18 Kindle Fire tablets and Microsoft sells 11 Xbox 360 consoles every minute. More than 700 computers are purchased around the world every 60 seconds, and 232 of them are infected by malware. That malware stat seems surprisingly low, however, when you consider that 2 million people watch online porn every minute. Read on for more.

Website design firm GO-Globe recently spread a variety of technology-related stats out across an infographic and the result helps us put a lot of things in perspective. Beyond the scary amount of Internet porn watched around the world, we can see just how entrenched various consumer electronics and digital goods and services have become in modern life.

Eleven million conversations take place using various instant messaging platforms every 60 seconds, 2,100 people check in using foursquare and 1,100 acres of virtual land are farmed in FarmVille. Thirty-eight tons of e-waste is generated around the world every minute, though we’re not sure if that stat includes all of the virtual land in FarmVille.

Every minute, $219,000 worth of payments are made using PayPal, $10,000 of which is sent from mobile devices. EBay is used to purchase over 950 items each minute and more than 180 of those purchases are made using mobile phones or tablets.

Surprisingly, perhaps, physical media maintains a huge presence in our lives despite the advent of the digital age. Four hundred and fifty Windows 7 discs are sold, 1,400 Redbox DVDs are rented and a staggering 2.6 million CDs containing 1,820 terabytes of data are created each minute. Four thousand USB devices are sold every 60 seconds as well, along with 2,500 ink cartridges.

It’s amazing how much happened every 60 seconds in 2011 and as the year draws to a close, we can’t wait to see what each minute will hold in 2012.