Having your own website is hard enough. In addition to adding content, trying to grow your audience, and maintaining the site, you now have to be cautious of malware possibly being spread through your beloved website?
According to Palo Alto Networks’s recent The Modern Malware Review, “90 percent of Unknown Malware [is] Delivered Via Web-Browsing.”
This confirms that most web-based infections fly under the radar for several hours/days before being detected by major antivirus products.
In our previous blog posts, we’ve discussed how web exploits affect end users’ machines and serve malicious payloads.
Let’s take a look behind the curtain on websites and web servers that house and serve malware and how to better protect your own website.
Cydia is a program for iOS that allows you to install software packages on your jailbroken iPod / iPhone / iPad that aren’t normally available on Apple’s App Store.
Cydia helps you manage various software sources (also known as repositories or repos) via its friendly user interface.
While many repositories are legitimate, there are just as many that let you download pirated apps for free. Beyond the copyright infringement issue, there is also the risk of downloading an infected app and getting more than what you bargained for (you can read this post about Android security which also talks about unknown sources and reputable markets).
Whether a Cydia source is legitimate or not, it remains a potential security issue simply because we don’t always know how well it may be maintained. Today, we take a look at a popular repository called iHacksRepo which had its website compromised and was leveraged to serve the Redkit Exploit Kit.
The word about the Zeus Trojan back on Facebook has spread as fast as the malware itself across many news sites.
Awareness and education about online dangers are essential, but headlines like “Malware That Drains Your Bank Account Thriving On Facebook” instill fear while at the same time blaming Facebook — something that may not be entirely justified.
Malicious links on social networking sites are nothing new (Twitter and LinkedIn, to name a few). They have been, and continue to be, abused by spammers to peddle fake AV or redirect to exploit sites distributing all sorts of nasties.
So what exactly is all the fuss about? Let’s have a look at this example reported by the New York Times.
If you use your debit or credit card to buy groceries or get cash out of an ATM, you might want to know that the bad guys could have a piece of it.
Researchers at Russian security firm Group-IB say that customers from some of the largest US banks have been affected by malware that steals credit card data directly from ATMs as well as point-of-sale (POS) terminals found at regular retailers. Cyber-crooks are infecting the operating system that powers ATMs and point-of-sale terminals with malware capable of stealing financial data.
The business model behind going directly to the source is efficient because criminals only need to compromise a few ATMs to collect hundreds, if not thousands, of credit card numbers which can immediately be sold on the black market.
You may recall a post I wrote back in April about fake Microsoft phone support calls. I had received a call from scammers whose job was to trick me into buying a bogus program for ‘only’ $299. When they saw I was not willing to pay, they got mad and deleted documents and pictures off my (virtual) machine before cutting me off in a very rude way. Well, this time we meet again, but on different terms: I am the one calling them and I make sure I’m collecting as much evidence as possible before waving goodbye.