DNS Changer

The U.S. government has requested a three-month extension for the operation of temporary DNS servers to give computer users more time to identify and purge the DNSChanger trojan from their systems.

Many major businesses and government agencies still have systems infected with the DNSChanger malware, which reroutes the victim machine to websites and online advertisements of the attackers' choosing. That may mean they could lose web connectivity.

A gang of Estonians is accused of infecting millions of computers, many in the United States, with DNS-changing trojans capable of manipulating the online advertising industry through clickjacking.

Researchers at ESET are tracking yet another outbreak of the insidious Koobface worm. The malware is spreading through Facebook messages that claim to offer hidden cameras showing erotic video. Users are asked to click on a link, which leads to a request to download a fake Adobe Flash update. If infected, machines are hit with a potent trojan cocktail that can block access to security websites, change DNS settings, install rogue anti-virus software and steal passwords. One unique feature of the ruse is that users can only click on the malicious link once — the next time they reach an error page. "It's assuming you're a security researcher trying to do research on it," Randy Abrams, director of technical education at ESET, told SCMagazineUS.com on Wednesday. — DK

Windows 7 builds on the security of the Vista operating system, including a refashioned way to control administrator access.

The Koobface worm continues to abuse social-networking sites and draw people into other malicious sites through search engine optimization tactics.

Despite conventional wisdom, Mac malware remains alive and well.

A DNS-changing trojan targeting Macintosh computers is making the rounds, disguised as a "MacCinema Installer," Dave Marcus, director of security research and communications for McAfee Avert Labs, told SCMagazineUS.com Wednesday. The latest variant, called OSX/Puper.a, was identified in late March, but researchers detected a new sample this week. Users are being prompted to download the malware when trying to view certain online videos, Marcus said. If infected, a victim's web traffic could be diverted to website of the attacker's choosing. — AM