Worms

Researchers in "Crisis" mode over virtual spyware find

Security firms are analyzing a rare piece of data-stealing and web traffic-tracking malware that is able to spread onto virtual machines from the host operating system.

Report: Like Stuxnet, the U.S. also built Flame virus

Suspicions that the sophisticated espionage toolkit Flame was created by the same authors as Stuxnet are true, according to a published report.

Flaw in Microsoft tool that enables remote connect is patched

A severe vulnerability in the Remote Desktop Protocol, which was patched by Microsoft on Tuesday along with six other bugs, affects all versions of Windows and could result in a worm.

Microsoft releases four security patches, one critical

Microsoft on Tuesday patched one "critical" vulnerability, plus three other less-severe flaws. Not patched, as expected, is a bug related to the Duqu trojan.

Duqu trojan spreads through 0-day Microsoft bug

A piece of malware that has drawn comparisons to the notorious Stuxnet worm is using an unknown Windows kernel vulnerability to infect its targets.

Morto using DNS for command-and-control

A Windows worm known as Morto uses a unique way for infected machines to phone home for instructions.

"Morto" worm spreading via Remote Desktop connections

Security firms have just spotted a new worm, but experts don't think it will run rampant because there is no vulnerability involved.

New variants of Qakbot spread "like wildfire"

The Qakbot worm attack revealed this week that led to theft of personal information belonging to 210,000 unemployed claimants in Massachusetts was not an isolated case.

Worm steals data from unemployed in Massachusetts

An undetectable version of a two-year-old worm has infiltrated the network of a state agency in Massachusetts to steal sensitive information.

"Stars" worm targets systems in Iran, official says

On the heels of the Stuxnet worm, Iran officials say they have discovered a new piece of malware also designed to sabotage government systems.

Wind power company disputes alleged SCADA hack

A major U.S. energy supplier has found no evidence of breach despite claims by a former employee that he hacked into the company's New Mexico wind turbine facility as revenge for being fired.

New Koobface campaign hits Facebook

Researchers at web security firm Websense have discovered a new Koobface campaign that is spreading on Facebook via direct messages sent from compromised accounts. Those behind the latest campaign have attempted to obfuscate the URL in each message to avoid detection by security software or Facebook security controls, researchers said Friday. Recipients of the message are told to follow a link to view a video in which they appear. After clicking the link, users are directed to a malicious site, where they are instructed to download a "missing Flash plug-in" to play the supposed video. The download is actually a variant of the Koobface worm. - AM

Fake Microsoft security update spreading malware

A new wave of malicious emails containing a fake Microsoft Windows security update began hitting inboxes in an effort to spread malware, researchers at anti-virus firm Sophos have warned. The messages, which appear to be sent from Microsoft's security team and contain the subject line "Update your Windows," advise users to update their operating system by downloading an attached executable file, Graham Cluley, senior technology consultant at Sophos, wrote in a blog post Tuesday. The attached file, called "KB453396-ENU.zip," is actually an AutoRun worm. Users should be advised that Microsoft never distributes security updates via email attachments, Cluley said. - AM

New Year's-themed bogus emails work of Storm or Waledac

Researchers at the nonprofit Shadowserver Foundation believe they have identified a new version of either the Storm or Waledac worm, thanks to a large-scale influx of New Year's-themed spam. The emails purport to be a New Year's greeting card but contain a link to a malicious domain, claiming to host a fake Flash Player that actually is an exploit. The evil domains use fast-flux techniques to hide the host server. "The whole point of this botnet is to install malware onto systems of unsuspected visitors," researcher Steven Adair wrote on the Shadowserver blog. Storm first appeared on the scene in 2007, capitalizing on current events and holidays, and was effectively replaced by Waledac in 2009. - DK

DDoS attacks commonly leaned on to mute rights groups

Advocacy groups and independent media face a variety of damaging cyberattacks, and there is little they can do to stop them, a new study from Harvard University concludes.

Ten years of evolving threats: A look back at the impact of notable malicious wares of the past decade

As security firm Fortinet celebrates 10 years in business, Fortiguard Labs took a look at the 10 most intriguing threats during the past decade and showed how their feature sets have evolved, Darwin-like, over time.

Koobface exploit for Macs circulating in the wild

The notorious Koobface worm is back, this time with a variant that runs on Mac OS X machines.

Stuxnet worm shows critical infrastructure attacks no longer just Hollywood hype

Computer security professionals can learn from the Stuxnet outbreak.

Another record number of flaws to be fixed by Microsoft

Microsoft's October security update will be a doozie, as 16 patches for 49 vulnerabilities are planned.

The "Here you have" worm brought us a close encounter with ancient history

A recent mass-spreading email worm demonstrated how far user education, industry collaboration and technology have come to fight malware, but it also served as a reminder that the criminals remain one step ahead.

Stuxnet should serve as wake-up call, say experts

The Stuxnet worm should serve as a wake-up call that cyberwarfare is a reality, experts said.

Twitter recovers after second worm attack in a week

Twitter is cleaning up from another fast-spreading worm that forced users to tweet out a graphic message.

Microsoft fixes another Stuxnet-related bug, 10 others

Microsoft devoted yet another patch this month to close off the possible spread of the insidious Stuxnet worm, which was built to target industrial control systems, specifically products manufactured by SCADA manufacturer Siemens.

Email worm traced back to cyber-jihad group

The person responsible for the "Here you have" email worm, which wreaked havoc last week on businesses across the United States, may be part of a cyber-jihad group wanting to hack into U.S. Army IT systems.

Major U.S. organizations hit by 'Here you have' email worm

A number of major U.S. organizations were affected by a rapidly spreading email worm that hit inboxes worldwide beginning Thursday.

Mass email worm found spreading

Never mind the advanced persistent threat. A new mass-mailing worm that may conjure up images of Nimda and Code Red appears to be threatening email infrastructures.

A quarter of worms designed to spread via USB

A quarter of new worms this year specifically have been designed to spread through USB storage devices, researchers at Panda Security said Thursday. This malware typically is designed to copy itself to any device capable of storing information, including flash sticks, cell phones, external hard drives, DVDs, and MP3 players. The malware is highly effective and typically runs automatically when a USB device is connected to a computer, silently infecting the system. — AM

Stuxnet malware threat continues, targets control systems

Microsoft has issued a new "Fix It" temporary remedy for a Windows vulnerability that is permitting targeted malware to spread via removable media.

LoveBug: A decade of virus detection

A top Symantec engineer recounts one of the most exciting days of his career: Ten years ago this week, the ILOVEYOU, or LoveBug, worm spread across the world and crippled PCs.

New Koobface worm campaign hits Facebook

Researchers at ESET are tracking yet another outbreak of the insidious Koobface worm. The malware is spreading through Facebook messages that claim to offer hidden cameras showing erotic video. Users are asked to click on a link, which leads to a request to download a fake Adobe Flash update. If infected, machines are hit with a potent trojan cocktail that can block access to security websites, change DNS settings, install rogue anti-virus software and steal passwords. One unique feature of the ruse is that users can only click on the malicious link once — the next time they reach an error page. "It's assuming you're a security researcher trying to do research on it," Randy Abrams, director of technical education at ESET, told SCMagazineUS.com on Wednesday. — DK
