'Trojanized' version of Google Android security tool found in China

Suspicious code is lurking in a repackaged Chinese version of a tool Google released last weekend to remotely clean malicious apps off Android phones, Symantec said today.

This "trojanized" package was found on an unregulated third-party Chinese marketplace and not on the official Android Market, Symantec said in a blog post.

After 58 malicious apps were found on the Android Market last week and downloaded onto about 260,000 devices, Google removed the apps from the market and then wiped them from the phones too.

Now, Symantec says someone appears to have taken the "Android Market Security … Read more

Symantec: Malware masquerading as Android apps

Legitimate Android apps are being compromised by phony versions that masquerade as the real thing but deliver a payload of malware, according to a Symantec blog published yesterday.

Found on unregulated third-party Android markets, malicious versions of legitimate apps like Steamy Window are difficult to distinguish except for their tendency to request permissions that are more excessive than usual, says Symantec. But once installed, these apps carry a new piece of Android malware dubbed Android.Pjapps.

Even running the app doesn't raise a red flag to the user as the fakes closely look and act like the legitimate versions. … Read more

New Norton CyberCrime Index rates your risk

A new free tool from the makers of Norton attempts to quantify the real-time state of cybersecurity. It makes its debut today alongside the latest version of Symantec's all-in-one consumer security suite, Norton 360.

The Norton CyberCrime Index lies somewhere between a weather report and the United States' threat level advisory system, and Norton 360 version 5 launches with a direct link to it.

The CyberCrime Index uses a statistical model based on information from Symantec's Global Intelligence Network, ID Analytics, and DataLossDB. At the top level, the CyberCrime Index takes this data and creates a number evaluating … Read more

Symantec brings reputation security to the enterprise

SAN FRANCISCO--Security giant Symantec is trying to give companies a better way to determine how trustworthy files are.

At the RSA Conference here, Symantec CEO Enrique Salem outlined the new reputation-based security feature built into the company's new Endpoint Protection 12, client-side security software that gives files a score based on the scanning of 2.5 billion files the company keeps track of in its cloud-based database.

Dubbed the Insight Reputation System, the feature looks at files that have been downloaded from the Web and gives each one a score based on risk. This is based on what kinds … Read more

Symantec report focuses on threat of targeted attacks

In the world of security, targeted attacks should be a real concern--and extremely worrisome--to organizations around the world, Symantec said in a new quarterly report on attacks on critical infrastructure.

"The customization of targeted attacks can make them more dangerous than non-targeted attacks because they are tailored explicitly to affect a target group," Symantec wrote in its quarterly report (PDF). The company said that targeted attacks are currently being used to take data from companies, steal information for financial gain, or to simply cause "mischief."

Targeted attacks have been gathering some notoriety over the past couple … Read more

Stuxnet expert: Other sites were hit but Natanz was true target

Stuxnet may have hit different organizations, but its main target was still the Natanz nuclear enrichment plant in Iran, an expert who has analyzed the code said today.

Ralph Langner, who has been analyzing the code used in the complicated Stuxnet worm that used a Windows hole to target industrial control systems used in gas pipelines and power plants last year and possibly earlier, said the initial distribution of Stuxnet was limited to a few key installations.

"My bet is that one of the infected sites is Kalaye Electric," he wrote in an e-mail to CNET. "Again, … Read more

Intellectual Ventures files three new patent suits

Intellectual Ventures, founded by former Microsoft Chief Technology Officer Nathan Myhrvold, filed three patent infringement lawsuits today against nine companies in the security, memory, and chip markets.

One lawsuit names as defendants Check Point Software Technologies, McAfee, Symantec, and Trend Micro and accuses them of infringing on four of its patents related to antivirus and Internet security, according to the lawsuit available for download here.

The second suit accuses Elpida Memory and Hynix Semiconductor, makers of DRAM (Dynamic Random Access Memory) and Flash memory, of infringing between five and seven of its patents. And the final suit alleges that three … Read more

Symantec to Congress: Stuxnet is 'wake-up call'

The Stuxnet worm is a "wake-up call" because of its complexity and its aim at critical infrastructure systems, a Symantec director told a U.S. congressional committee today.

The malware is a milestone in many ways, Dean Turner, director of Symantec Security Response's Global Intelligence Network, said in testimony before the U.S. Senate Committee on Homeland Security and Governmental Affairs.

It is the first known threat to: spy on and reprogram industrial control systems and grant hackers control of critical infrastructures; use four zero-day vulnerabilities; compromise two digital certificates; inject code into industrial control systems and … Read more

Symantec: Stuxnet clues point to uranium enrichment target

Symantec researchers have figured out a key mystery to the Stuxnet worm code that strongly suggests it was designed to sabotage a uranium enrichment facility.

The program targets systems that have a frequency converter, which is a type of device that controls the speed of a motor, Eric Chien, technical director of Symantec Security Response, told CNET today. The malware looks for converters from either a company in Finland or Tehran, Iran.

"Stuxnet is watching these devices on the target system that is infected and checking what frequency these things are running at," looking for a range of … Read more

People feel safer on a PC than on a mobile device

If you feel safer online using your PC instead of your mobile phone, you are not alone.

A majority 87 percent of people polled for a new study think their home PCs offer better defense against viruses, malware, and hackers than do their mobile phones. Released today by the National Cyber Security Alliance and Symantec, the study (PDF) also discovered that people may be overconfident in the power of their computers to protect them as less than half are using full security software.

Though only 24 percent of those polled said they feel very safe using their home computers to … Read more