48 posts tagged with malware.

Adobe Digital Editions 4 spying on users

Adobe's Digital Editions 4 Epub app is spying on users by collecting data on all of the epub books on a user's system and transmitting that data in plain text. Adobe's index of epub data includes title, publisher, and other metadata about the book. Digital Editions 4 also collects and transmits if the ebook has been opened, which pages were read, and in what order. [more inside]
posted by zenon on Oct 7, 2014 - 81 comments

Why the Security of USB Is Fundamentally Broken

Computer users pass around USB sticks like silicon business cards. Although we know they often carry malware infections, we depend on antivirus scans and the occasional reformatting to keep our thumbdrives from becoming the carrier for the next digital epidemic. But the security problems with USB devices run deeper than you think: Their risk isn't just in what they carry, it's built into the core of how they work.
posted by paleyellowwithorange on Aug 11, 2014 - 70 comments

An illustrated guide to the worst computer viruses in history

Computer Virus Catalog (NSFW) shows artists' renditions of famous computer viruses.
posted by codacorolla on Jul 22, 2014 - 8 comments

Digital Black-Bag Ops:

Der Spiegel reports on the NSA's "plumbers" at the Office of Tailored Access Operations, who collect and deploy exploits to infiltrate computers and even redirect shipments so they can install malware and hardware backdoors on electronics ordered by those they are targeting. Jacob Appelbaum [AKA ioerror] reports on the NSA's 'catalog', which ranges from $30 monitor cables that send back screenshots, to exploits for network security hardware from Cisco and Huawei, to backdoored BIOS code and firmware for all major hard drive manufacturers. While some of the NSA's malware requires physical access or proximity, much of it is remotely installable over the Internet.

At the 30c3 conference in Hamburg, Appelbaum gives an in-depth talk about the NSA's Tailored Access Operations hacking activities and its 'interdiction' process, whereby computers are tampered with during shipping or as part of a 'black-bag' operation. Appelbaum, a Wikileaks affiliate who has reported on documents leaked by Edward Snowden, has been personally targeted by such operations, as have his family members.
posted by anemone of the state on Dec 30, 2013 - 201 comments

Operation Olympic Games

The Langner Group, based in Germany, has published the most detailed report yet on the Stuxnet malware that was used to sabotage Iran's uranium enrichment efforts. [more inside]
posted by jquinby on Nov 20, 2013 - 23 comments

EnCrypt Lock and Buy It

A recent strain of malware called Cryptolocker (technical description from BleepingComputer) has been infecting computers across the Internet. It's of the Ransomware (wiki) genre of attack, and searches a computer's drive for critical files by browsing their extensions (for example, focusing on word processing documents, images and music) and encrypts them with its own key that you can then buy back from the hacker for a fee of $100 to $300 dollars payable in Bitcoins. More information about the virus and how to avoid it is available at Krebs On Security, and the Malwarebytes Blog, with more recent developments on Naked Security.
posted by codacorolla on Nov 7, 2013 - 177 comments

The First Botnet, 25 Years Ago Today

How a grad student trying to build the first botnet brought the Internet to its knees. via
posted by nevercalm on Nov 3, 2013 - 7 comments

Meet badBIOS, the multi-platform malware that jumps airgaps.

"It looks like the state of the art in intrusion stuff is a lot more advanced than we assumed it was."
posted by fings on Oct 31, 2013 - 132 comments

Ransomware & Rogues Galore

Youtube user rogueamp dedicates his channel to discussing fraudulent antivirus software, AKA "rogues" and "ransomware". (MLYT)
posted by Evernix on Oct 26, 2013 - 7 comments

ILOVEYOU & other trips down viral memory lane

Relive techno fears of yore ... malware aficionado Daniel White collects vintage computer viruses, infects his machines and records the results. See more examples at his YouTube channel.
posted by madamjujujive on Jun 30, 2013 - 22 comments

the ultimate in spyware

Meet the men who spy on women through their webcams - "If you are unlucky enough to have your computer infected with a RAT, prepare to be sold or traded to the kind of person who enters forums to ask, "Can I get some slaves for my rat please? I got 2 bucks lol I will give it to you :b" At that point, the indignities you will suffer—and the horrific website images you may see—will be limited only by the imagination of that most terrifying person: a 14-year-old boy with an unsupervised Internet connection."
posted by madamjujujive on Mar 10, 2013 - 172 comments

Welcome to the Malware-Industrial Complex

“On the one hand the government is freaking out about cyber-security, and on the other the U.S. is participating in a global market in vulnerabilities and pushing up the prices,” says Soghoian, who says he has spoken with people involved in the trade and that prices range from the thousands to the hundreds of thousands. Even civilian law-enforcement agencies pay for zero-days, Soghoian says, in order to sneak spy software onto suspects’ computers or mobile phones.
posted by Chrysostom on Feb 14, 2013 - 15 comments

But not browsing MetaFilter

(BBC) A security check on a US company has reportedly revealed one of its staff was outsourcing his work to China. [more inside]
posted by Wordshore on Jan 16, 2013 - 86 comments

The Hunt For "Red October"

An advanced and well-orchestrated computer spy operation that targeted diplomats, governments and research institutions for at least five years has been uncovered by security researchers in Russia.
The highly targeted campaign, which focuses primarily on victims in Eastern Europe and Central Asia based on existing data, is still live, harvesting documents and data from computers, smartphones and removable storage devices, such as USB sticks, according to Kaspersky Lab, the Moscow-based antivirus firm that uncovered the campaign. Kaspersky has dubbed the operation “Red October.”
[more inside]
posted by the man of twists and turns on Jan 15, 2013 - 26 comments

Thanks for two hours of your time

"I am calling you from Windows": A tech support scammer dials Ars Technica [more inside]
posted by the man of twists and turns on Oct 26, 2012 - 98 comments

DNSChanger servers get shut down

On Monday hundreds of thousands of computers will lose their ability to connect to the Internet. [more inside]
posted by Chocolate Pickle on Jul 7, 2012 - 72 comments

An unauthorized certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks. This issue affects all supported releases of Microsoft Windows.

"Flame" is the name of a newly-identified malware program which utilizes a previously unknown MD5 collision attack to successfully spoof Microsoft Terminal Services, and install itself as a trusted program using Windows Update, Microsoft has confirmed. The program appears to have targeted computers in the Middle East, and specifically Iran; analysts have alleged it is likely created by the same entity that designed Stuxnet. Flame has been live and actively spying since 2010, but went undetected until recently, due to sophisticated anti-detection measures. [more inside]
posted by mek on Jun 8, 2012 - 53 comments

For those family computer rescue sessions

Here are some free tools for rescuing infected Windows systems: Windows Defender Offline Beta - Kaspersky Rescue Disk 10 - BitDefender Bootable CD - Avira Bootable CD - How To Geek provides instructions for scanning a system from an Ubuntu Live CD. For more info, click through.... [more inside]
posted by JHarris on Dec 21, 2011 - 43 comments

Facebook as Malware

Facebook has been criticized repeatedly for how it treats its users' privacy (this topic is not a stranger to MeFi), but with the introduction of OpenGraph (previously) earlier this year, some are arguing that Facebook has gone beyond general privacy concerns and has become Malware.

Now, we've shown that Facebook promotes captive content on its network ahead of content on the web, prohibits users from bringing open content into their network, warns users not to visit web content, and places obstacles in front of visits to web sites even if they've embraced Facebook's technologies and registered in Facebook's centralized database of sites on the web. [more inside]
posted by Kimberly on Nov 22, 2011 - 79 comments

Stuxnet II: Electric Duqu

A year after the infrastructure-attacking Stuxnet worm was discovered in Iran, a new piece of malware using some of the same techniques (but apparently with different goals) has been found infecting systems in Europe. The new malware, dubbed “Duqu” [dü-kyü], appears to have been written by someone with direct access to the Stuxnet source code.
posted by gemmy on Oct 18, 2011 - 49 comments

The Cybercrime of Sextortion

Sextortion /sekˈstɔː(r)ʃ(ə)n/ noun The extortion and/or blackmail of an individual, wherein the item or service requested/demanded is the performance of a sexual act.

He seeded P2P networks with popular-sounding song titles that were actually malware; when someone downloaded and executed the file, their machine was infected and would open itself to his control. He took over 129 different computers for a total of 230 victims. Forty-four of the victims were juveniles. How an omniscient Internet "sextortionist" ruined the lives of teen girls. [Sextortionism, previously discussed on Mefi (working link to Sextortion at Eisenhower High article and an update).]
posted by Jasper Friendly Bear on Sep 8, 2011 - 35 comments

ANY KEY TO PLAY

Your Data depends on a game of JACKPOT and other classic vir(ii/uses). Brought to you by danooct1 and a Compaq Portable.
posted by griphus on Aug 22, 2011 - 5 comments

Stux to be you

In-depth pieces in Vanity Fair and Wired detail the structure and impact of the Stuxnet worm, and what it means for the future of cybersecurity. (Previously)
posted by Horace Rumpole on Jul 11, 2011 - 43 comments

Command and control

How Operation b107 decapitated the Rustock botnet (Previously)
posted by Artw on Mar 22, 2011 - 49 comments

Car back door

Researchers at UCSD have modified an MP3 file so that when it is played on a car's stereo system it modifies the stereo's firmware and opens up a security back door into the car's operating system. Using it, they were then able to control the door locks, the car ignition, and change the speedometer reading. [more inside]
posted by Chocolate Pickle on Mar 13, 2011 - 148 comments

2010: The Year in Data Breaches

Wikileaks may have been the big news, but there were numerous other data breaches in 2010. [more inside]
posted by These Premises Are Alarmed on Dec 28, 2010 - 26 comments

Weapons of the 21st Century?

In June 2010, a bit of malware of unprecedented ability was discovered by a Belarussian security firm. Stuxnet had remained undetected for over a year. Security researchers have gradually learned more about this worm, which has led to much speculation about its origins and purposes. Though questions remain, it is clear that it is extremely advanced, and that it was designed to find a very specific hardware/software system and disrupt the operation of centrifuges, causing some to assert that it was built to sabotage Iran's nuclear facilities. Recently, Iran confirmed that its nuclear facilities had been seriously affected by Stuxnet. Some experts say that a worm of this level of sophistication could only have been designed by a nation-state. Previously.
posted by entropone on Nov 30, 2010 - 83 comments

Parking Malware

The page served by Network Solutions for parked domains was serving malware until two weeks ago. Apparently it had been like that for months without anyone taking notice.
posted by Chocolate Pickle on Aug 28, 2010 - 20 comments

I'm not trying to scare you!

Scareware comprises several classes of scam software with malicious payloads, or of limited or no benefit, that are marketed to consumers by scaring them. One frequently seen version is rogue security software that deceives users into paying for the fake or simulated removal of malware. The N. Y. Times site inadvertently displayed a scareware message last September. [more inside]
posted by Obscure Reference on Apr 18, 2010 - 62 comments

The dry, technical language of Microsoft's October update did not indicate anything particularly untoward.

Its reach is impossible to measure precisely, but more than 3 million vulnerable machines may ultimately have been infected. : The inside story on the Conficker Worm at New Scientist.
posted by The Whelk on Jun 15, 2009 - 84 comments

GhostNet

Tracking GhostNet: Investigating a Cyber Espionage Network. "A vast electronic spying operation has infiltrated computers and has stolen documents from hundreds of government and private offices around the world, including those of the Dalai Lama, Canadian researchers have concluded. In a report to be issued this weekend, the researchers said that the system was being controlled from computers based almost exclusively in China, but that they could not say conclusively that the Chinese government was involved." [more inside]
posted by homunculus on Mar 28, 2009 - 31 comments

The "boss level" of internet worms.

Conficker C is scary as hell. Conficker C represents a best-of-breed specimen of malware, with its swiss-army-knife-from-hell approach to digging in, staying hidden, and making your life generally miserable. Telltale symptoms: you can't view such web sites as Microsoft.com, symantec.com, avast.com, or any other computer security-related sites the worm authors have thought to include in the blacklist; you can't run any of the superb Sysinternals utilities, or many other utilities, because they get killed within a second of starting them up; your antiviral software is impotent. But none of that is the point of the worm. [more inside]
posted by e.e. coli on Mar 21, 2009 - 232 comments

Heartland Systems data breach

"Payments processor Heartland Payment Systems has learned it was the victim of a security breach within its processing system in 2008. Heartland believes the intrusion is contained." [more inside]
posted by Class Goat on Jan 20, 2009 - 33 comments

DOWNLOADING IS WRONG

A new trojan is on the loose. It doesn't install any harmful adware/spyware, but does block both mininova and the Pirate Bay.
posted by azarbayejani on Jan 6, 2009 - 26 comments

Super-targeted spear phishing attacks

The recent cyber attacks on pro-Tibet groups in the U.S. (attack details, technical data) and on the Save Darfur Coalition, among others, have managed to catch the attention of some in the mainstream media. Such super-targeted spear phishing attacks have been on the rise for several years, and have become an important tool for corporate espionage and military infiltration attempts. Teaching users to recognize such attack emails is probably the most effective deterrence, as technology solutions have shown to not be particularly effective. Some companies and government agencies even conduct sting operations to ferret out which internal users fail the test, targeting them for additional training. [more inside]
posted by gemmy on Mar 27, 2008 - 21 comments

Alex Dragulescu code art

Gee. I think I'll uninstall my firewall and ditch the anti-virus. Malwares is pretty. via bbc.
posted by Kronos_to_Earth on Mar 5, 2008 - 15 comments

Sears Wants To Hack Your Computer

Online communities to become more 'all-encompassing.' If you join the SHC community on Sears.com, all web traffic to and from your computer thereafter will be copied and sent to a third party marketing research firm - including, for example, your secure sessions with your bank! The Sears.com proxy will send your logins and passwords along with a cleartext copy of all the supposedly secure data. But wait, it gets better: you can only view the true TOS once the proxy has already been installed. [more inside]
posted by ikkyu2 on Jan 3, 2008 - 70 comments

The Economics of Malware

50 million computers are after your passwords, your money, and your processor time (single PDF link). No wonder William Gibson's new novel is set in the present: the world is fully caught up with any future we could make up. The business of spamming, carding and phishing supports and runs off a peculiar distributed platform: a market-allocated collection of ad-hoc peer-to-peer content delivery networks running on hijacked browsing appliances' stolen processor cycles. [via BoingBoing comment, previously on Metafilter].
posted by kandinski on Sep 9, 2007 - 41 comments

New Trial for Julie Amero

New Trial in pop-up porn case for Julie Amero (Previously and also)
posted by puddleglum on Jun 7, 2007 - 29 comments

Is jail a fair punishment for malware?

Should a Connecticut substitute teacher go to jail for 40 years because a classroom computer was infected with malware that allowed students to see porn?
posted by Sixtieslibber on Jan 24, 2007 - 65 comments

When malware runs wild!

"In some cases, there really is no way to recover without nuking the systems from orbit." -- Mike Danseglio, program manager in the Security Solutions group at Microsoft
posted by Steven C. Den Beste on Apr 4, 2006 - 43 comments

180 Solutions from the Inside Out

Thought-provoking interview with former employee of hated spyware-maker 180 Solutions.
via /.
posted by Afroblanco on Apr 2, 2006 - 21 comments

Get the word out about Sony

Sony BMG won't be held accountable for its dangerous DRM if music fans don't have an easy way to learn about the flawed software, the settlement, and how to submit claims. By posting a banner on your website or blog, you can help music fans protect themselves and get what they deserve. [via A Copyfighter's Musings]
posted by signal on Mar 14, 2006 - 16 comments

The Rise of Crimeware

Scientific American looks at the Rise of Crimeware. Crimeware, or malware with criminal intentions, is increasing exponentially. "My company scans 13 million emails a day, and of that email we stop between 3 million and 10 million messages a day because they contain some kind of malware [malicious software]. Of the malware we're seeing, 99.9% is crimeware--something where the bad guys are trying to steal money from the end user. We're detecting one to five new species of virus a day and seeing 100 to 200 new phishing sites appearing every day." Take a look at who's getting attacked. What can we do about it? (PDF report by DHS on crimeware)
posted by clockworkjoe on Mar 1, 2006 - 21 comments

are they matched to the access code and do you keep a record of what code is mailed to what person?

So if you run the CD in your personal computer, by the end of it, the Minnesota GOP will not only know what you think on particular issues, but also who you are. --a cd being sent out to home by the Minnesota GOP is polling people who use the cd, sending their personal info, including name, address, and phone, among other info, back to party headquarters. No privacy policy or statement identifying what the cd does is visible anywhere: ...As far as I could tell, nothing tells you that the answers are about to be e-mailed or otherwise transmitted to the Minnesota GOP. So you finish, and then the phone rings. "Hello, Mr/Mrs. Voters, it's Joe and I notice you support gun control and the marriage amendment, would you like to donate some money to us?" That might startle the person who may have thought he/she was viewing the presentation in the privacy of the computer room. ...
posted by amberglow on Feb 28, 2006 - 80 comments

Malware (Radlight)

Malware (Radlight) will silently remove (via fark) Ad-aware when installed. The forums on both sides have already sparked some heated discussions.
posted by ambirex on Apr 24, 2002 - 8 comments

Microsoft's newest version of Windows....

Microsoft's newest version of Windows.... billed as the most secure ever, contains several serious flaws that allow hackers to steal or destroy a victim's data files across the Internet or implant rogue computer software. The company released a free fix Thursday.

A Microsoft official acknowledged that the risk to consumers was unprecedented because the glitches allow hackers to seize control of all Windows XP operating system software without requiring a computer user to do anything except connect to the Internet.
posted by bkdelong on Dec 20, 2001 - 60 comments

Fight back against sneaky scumware

Fight back against sneaky scumware like TopText and Surf+, with this Javascript code by Gary Rosenzweig of CleverMedia. The code detects the scumware's presence, pops up a message letting the user know they're carrying a parasite, and then surveys the user to find out if they knew about it. In the first day of operation on his site, he discovered that 3.67% of his visitors had either TopText or Surf+ installed, and more than 90% of these visitors did not know until they were told. (Link to the Javascript code is at the bottom of the article.)
posted by cfj on Aug 31, 2001 - 7 comments