New OS X trojan monitors Web activity to steal Bitcoins

Security research site SecureMac has discovered a new trojan horse that targets OS X systems and spies on internet traffic to steal Bitcoins.

The trojan, called OS X/CoinThief.A, is disguised as a standard OS X application called StealthBit, which was recently uploaded to GitHub. While advertised as a legitimate project for receiving Bitcoin payments on Bitcoin Stealth Addresses (a key encryption routine for securing a Bitcoin transfer), StealthBit was instead a guise to install malicious tracker software on the systems of unsuspecting Mac users.

The project page on GitHub included source code along with precompiled binaries … Read more

Avast launches version 2014

Avast 2014 represents a significant design overhaul, embracing the flat movement without blatantly imitating Windows 8's signature look. The new version comes with a modern look and feel without compromising the organization of the many security management tools that Avast has been known for. The result is a user experience that caters to both the set-it-and-forget user as well as the more involved and interactive power player.

The list of improvements includes a more intuitive software version checker, a built-in app store for easier upgrades and access to Avast's other products, and an impressive real-time stat tracker that displays … Read more

New OS X Trojan found and blocked by Apple's XProtect

Security company Intego recently found a new malware package for OS X, called OSX/Leverage.A, which appears to be yet another targeted command-and-control Trojan horse, this time with apparent associations with the Syrian Electronic Army; however, Apple has blocked its ability to run with an XProtect update only days after its discovery.

The Trojan horse is distributed as an application disguised as a picture of two people kissing, presumably a scene from the television show "Leverage," hence the name of the Trojan.

When the Trojan's installer is opened, it will open an embedded version of the … Read more

New Tibet malware variant found for OS X

A new variant of the Tibet malware for OS X has been found. This variant uses a recently patched Java exploit to install a backdoor service in targeted systems and allow a remote hacker to log in and steal files.

While OS X has been affected relatively minimally by malware, the platform has been periodically plagued by a few attempts that, when active, have undergone several variant revisions in attempts to bypass security updates and known detection methods.

One of these has been an ongoing targeting of Uyghur ethnic groups via spam and other means, where various tricks and security … Read more

Comfoo cyberspy campaign still active

A cyberespionage campaign that targeted the RSA in 2010 is still active and targeting networks worldwide.

Dell SecureWorks researchers Joe Stewart and Don Jackson have released a new threat intelligence report documenting the Comfoo remote access Trojan (RAT) -- malware used to infiltrate corporate and governmental networks across the globe.

The so-called Advanced Persistent Threat (APT) attack is simply one of many that organizations are scrambling to defend against as cyberthreats become more sophisticated, and in some cases, state-sponsored.

Corporations and governments rely heavily upon digital networks to store valuable data. Bank accounts, national security data, trade secrets and confidential … Read more

Review: Magican AntiTrojan for Mac scans for the four main Trojans

With just a click, Magican AntiTrojan for Mac performs fast Mac OS X system scans for known malware such as the notorious Flashback Trojan, as well as for MacKontrol, Sabpab, and Olyx. This free and rather basic software seems to perform its job of finding and removing all traces of the infection caused by these four known Trojans well.

After asking for the root password for scanning, Magican AntiTrojan for Mac starts with an easy to understand main menu. The graphics are rendered well for the labels, including those for the program name and title. An oval-shaped blue button initiates … Read more

Mobile malware grows by 614 percent in last year

Mobile malware creators and smartphone makers seem to be in a neck-and-neck software race, but new data shows that the malware creators could be taking the lead.

Juniper Networks released its third annual Mobile Threat Report on Tuesday and the findings aren't pretty. Mobile malware grew at a rate of 614 percent from March 2012 to March 2013 -- that's equal to 276,259 malicious apps floating around out there. Last year, the increase was a mere 155 percent.

The report is based on an analysis of more than 1.85 million mobile apps and vulnerabilities across major … Read more

Microsoft warns of new Trojan hijacking Facebook accounts

Microsoft has issued a warning that a new piece of malware masquerading as a Google Chrome extension and Firefox add-on is making the rounds, threatening to hijack Facebook accounts.

First detected in Brazil, Trojan:JS/Febipos.A attempts to keep itself updated, just like normal, legitimate browser extensions, Microsoft noted in a security bulletin late Friday.

Once downloaded, the Trojan monitors whether the infected computer is logged into a Facebook account and attempts to download a config file that includes a list of commands for the browser extension. The malware can then perform a variety of Facebook actions, including … Read more

Traces of malware activity detected in App Store game

MacWorld is reporting that a program on the iOS App Store may be detected as containing malware, but in analysis the program is not considered to be malicious.

After its readers wrote in about the potential of malware in a game called Simply Find It that is available on the iTunes App Store, MacWorld confirmed traces of nonfunctional Trojan horse malware embedded in an MP3 file used by the program, which shows an HTML iframe reference to a potentially malicious (but currently unresponsive) Web page.

This is not the first time that malware-like activity has been found in programs in … Read more

New malware variant targets Uyghur Mac users

One of the ongoing malware sagas is a political fight that is targeting Uyghur activist groups in China, where spam e-mail laced with backdoor Trojan horse malware has been continuously delivered to members of these groups in an Advanced Persistent Threat attack.

This week, security company F-Secure uncovered yet another variant of this attack being used.

Like prior ones, the new variant takes advantage of old vulnerabilities in Microsoft Word, by sending attachments that will embed the malware in the affected system if the document is opened in an unpatched version of Word.

The malware used has changed a little … Read more