alert

This post has been shared originally by Malwarebytes Blog: The word about the Zeus Trojan back on Facebook has spread as fast as the malware itself across many news sites. Awareness and education about online dangers is essential but headlines like “Malware That Drains Your Bank Account Thriving On Facebook” instill fear while at the same time blame Facebook — something that may not be entirely justified. Malicious links on social networking sites are nothing new (Twitter, Linkedin to name a few)....

The Dorkbot/Rodpicom worm, which spreads via messaging applications and leads to additional malware infections, is currently doing rounds on Skype and MSN Messenger, warns Fortinet. The vicious circle starts with potential victims receiving a direct message from a contact, asking “LOL is this your new profile pic? http://goo.gl/[removed]”. Those who follow the link land on a malicious site and are infected with the worm. Apart from being able to send out the aforementioned message to further potential victims, the malware is also capable of opening a backdoor into the infected system, downloading more malicious software, spamming, reaching out to its C&C server, downloading a new version of itself, and other malicious activities....

Symantec: Phishers continue to target Indonesian celebrities with adult scams. Phishing attacks on rock star Ahmad Dhani have already been seen. In July 2012, Symantec observed a phishing site that claimed to have an adult video of Indonesian actress and singer Aura Kasih. The phishing site spoofed a social networking brand and was hosted on a free Web hosting site. The adult scam came in light of a recent scandal surrounding the singer....

Mashable: Sophos’s NakedSecurity blog outlined the threat on Wednesday. The company’s SophosLabs intercepted a “spammed-out email campaign” which was designed to spread malware. Sophos provided the following example: The blog notes that the email address above misspells “Facebook” as “Faceboook.” The link takes the user to a malicious iFrame script, which exposes the user’s computer to malware. However, within four seconds, the user’s browser is directed to a presumably innocent Facebook page like the one below to act as a smokescreen....

Tomorrow, July 9th, the FBI will shutdown the DNS servers which allow the computers infected with this malware to use the Internet. If you want to make sure you will keep your internet working, act today and check your computer to see if it’s infected by DNS Changer or not, here is a very easy to use tool: Tool available for those affected by the DNS-Changer

H-Online: Internet forums are currently circulating a list containing over six million password hashes which allegedly originate from LinkedIn. The passwords are being cracked collaboratively with about 300,000 passwords already published as plaintext. The list contains pure SHA1 hashes with no name or email addresses. If decrypted, the passwords will not easily give access to an appropriate account. However, it is probable that the person who captured the hashes also has the corresponding email addresses....

H-Online: A new type of phishing strategy, which aims to trick unsuspecting users into installing a trojan by pretending to be an account cancellation request from Facebook, has been discovered by Sophos. The email messages link to a third party application on the site that will install a Java applet and then prompt the user to update their Flash player, but will actually deliver the trojan malware. The email messages that are sent out claim to be from Facebook and state: “We are sending you this email to inform you that we have received an account cancellation request from you....

Symantec Connect: Customers of popular email service providers have been a common target for phishers for identity theft purposes. Phishers are constantly devising new phishing bait strategies in the hope of stealing user email addresses and passwords. In April 2012, Symantec observed phishing pages that mimicked popular email services in an attempt to dupe users with attractive storage plans. Customers were flooded with fake offers of free additional storage space for services such as email, online photo albums, and documents....

Corss-posted from ZDNet: Summary: Cyber criminals have created a fake Biophilla app for Android that is really just malware in disguise. Your first red flag should be that Biophilla is officially available on iOS, but not on Android. During April alone, we’ve already seen malicious versions of Angry Birds Space and Instagram in the wild. Both are Android apps that are really just malware designed to generate money from unsuspecting users by sending expensive international text messages....

Symantec Connect: Symantec is intercepting a resurgence of spam attacks on popular brands. Spam messages that are replicas of the Wikipedia email address confirmation alert are the new vector for the present. The said spam messages pretend to be originating from Wikipedia, and are selling meds, with the following subject line: “Subject: Wikipedia e-mail address confirmation”. The spoofed Wikipedia page is a ploy to give legitimacy to the sale of meds online....