
AOL Tech

virus posts

First iPhone worm rickrolls jailbroken phones

We sort of knew this would happen as soon as we heard about that iPhone wallpaper hack in the Netherlands -- a hacker named ikex has created what's apparently the first iPhone worm, and it's currently infecting jailbroken iPhones across Australia. The "ikee" worm, as it's being called, takes advantage of the fact that jailbroken iPhones with SSH installed all have the same default root password of "alpine," and once in the system it changes your wallpaper to an image of Rick Astley and then tries to install itself on other jailbroken iPhones on the network. Sophos says it hasn't confirmed any infections outside of Oz, and to be clear, this worm can't get to stock iPhones or jailbreak owners who haven't installed SSH -- but if you're running a hacked phone we'd say you should change that root password just to be safe right away. Get to it, kids.

[Via PMP Today; thanks to everyone who sent this in]

Australian power grid attacked by virus, Linux saves the day


This isn't the first time we've heard of an institutional virus outbreak -- even the crew of the International Space Station had a neat little scare not too long ago -- and now various outlets in Australia are reporting that Integral Energy, which supplies energy to homes and businesses in New South Wales and Queensland, has suffered a particularly nasty visit by the W32.Virut.CF virus. When all was said and done, the company had to repair all 1000 of the facility's desktops. Furthermore, the Sydney Morning Herald reports that the company's anti-virus software hadn't been updated since at least February. Between the lack of anti-virus updates and the fact that segregation between the company's main network and the grid was "typically none at all," this story has all the makings of a disaster. Luckily, the grid itself runs on Sun Solaris -- and when control systems became infected, how did they fix the mess? That's right: by replacing them with Linux machines. A word to the wise: they do make anti-virus auto-updates for a reason.

[Via The PC Report]

Microsoft Security Essentials anti-virus software is now live and free


In a move that's sure to please a few million Windows users and break the hearts of a handful of anti-virus companies, Microsoft has now finally made the non-beta version of its Security Essentials software available to the general public, and it's not even asking that you throw a launch party to get it for free. For those not in on the beta or following Microsoft's exciting forays into freeware, the software promises to cover all the security basics and fend off viruses, spyware and other malicious software, and Microsoft even assures us that it'll "run quietly in the background" and only intrude on your life when an action is required. You'll also, of course, get free updates on a regular basis, and it'll work just fine whether you use Windows XP, Vista or Windows 7 -- hit up the link below to grab a copy.

[Thanks to everyone who sent this in]

Snow Leopard ships with old version of Flash - great for hackers, not so much for the rest of us


As we've seen, for many people the migration to Snow Leopard has been eventful (to say the least). Even if you've been spared most of the growing pains, you'll want to make note of this next item: According to the kids at Adobe, the initial release of Mac OS X 10.6 includes an earlier version of Adobe Flash Player (10.0.23.1), necessitating an upgrade to 10.0.32.18 if you want to take advantage of the enhanced security the latter provides. What's more, even if your plug-in was up-to-date, an upgrade to Snow Leopard will downgrade your Flash Player version -- so much for auto-magically downloading the most recent updates when you install the OS, eh? Our feeling is this: if you're including Flash Player in the OS, you'd better update that as well. As Daily Tech points out, Adobe products (especially Flash) are a favorite of hackers and malcontents everywhere, so if you're serious about security you'll want to get your hands on the update ASAP. And as always, the read link is a terrific place to start.

[Via Daily Tech]

Snow Leopard packing antivirus software?

If the online chatter is to be believed, Apple's very soon to be released Snow Leopard has in its code new protection for fighting malware. According to the picture above corroborated by other online reports, a DMG downloaded by Safari was checked by the OS and found to contain the "RSPlug.A" Trojan. The system promptly suggests you eject the disk image to avoid damage. Should Apple really be treading down this path, it begs the question of how often and how comprehensively / aggressively the company will be updating its antivirus logs. If nothing else, it's certainly a notable symbolic gesture that the one-time underdog might be gaining enough market share to catch the attention of the darker side of the internet -- and all of a sudden, David Puddy isn't looking nearly as bad.

[Thanks, David]

Etisalat BlackBerry update was indeed spyware, RIM provides a solution


Um, yikes? An unexpected (and unwanted) surprise struck some 145,000 BlackBerry users in the UAE this time last week, when an official-looking prompt coerced many of the aforesaid Etisalat customers to follow through with a software update. Rather than bringing about performance enhancements, the SS8-built app enabled the carrier to keep tabs on customers' messages. According to RIM:

"Etisalat appears to have distributed a telecommunications surveillance application... independent sources have concluded that it is possible that the installed software could then enable unauthorized access to private or confidential information stored on the user's smartphone. Independent sources have concluded that the Etisalat update is not designed to improve performance of your BlackBerry Handheld, but rather to send received messages back to a central server."

Like we said, yikes. The zaniest part is that Etisalat isn't backing down, still assuring the world that the upgrades were "required for service enhancements." At any rate, RIM has made remarkably clear that the update wasn't one authorized by the company, and it's even providing an app remover for those who'd prefer their BlackBerry to be in working order and, you know, not forwarding all their email to some dude in an Etisalat supply closet. Good on you, RIM. Bad on you, Etisalat.

[Thanks, Gerald]

Read - Confirmation of spyware
Read - RIM app remover

Toshiba's potent TG01 back on sale through O2 Germany


Well, that was snappy. Just days after O2 Germany abruptly halted the sales of Toshiba's 1GHz TG01 smartphone due to an unexplained virus outbreak among new units, it seems as if things are back in gear. Online, anyway. As of this moment, web shoppers can order the Snapdragon / WinMo-powered handset from the carrier once more, though there's no word on if retail shops are still keeping their stock in quarantine. Either way, we'd don a mask before waltzing in to inquire.

[Thanks, Fab]

O2 Germany's TG01 handset, now with virus!


It's bad enough picking up a virus because you've made an uncharacteristic (to you at least) illegal software acquisition, but bringing one home when you're just minding your own business, trying to enjoy your legitimate and hard-earned purchase, is totally uncool. Case in point: according to Inside-Handy.de, a few unlucky customers of O2 in Germany have purchased the TG01 handset only to discover a virus present on the device. While Toshiba tries to determine the impact and the cause of the infection, O2 has halted sales of the smartphone, though there's no word on when sales will resume nor if this infection has spread to other European nations.

[Via Unwired View]

MIT builds battery from bacterial virus, humans to power machines by 2012

We've been tracking MIT professor Angela Belcher's attempt to build batteries and nano-electronics from viruses since 2006. Scientifically speaking, the so-called "virus" is actually a bacteriophage, a virus that preys only on bacteria while leaving humans of diminishing scientific knowledge alone to doubt that claim. Now, in a new report co-authored by Belcher, MIT research documents the construction of a lithium-ion battery (pictured after the break) with the help of a biological virus dubbed M13. M13 acts as a "biological scaffold" that allows carbon nanotubes and bits of iron phosphate to attach and form a network for conducting electricity. Specifically, MIT used the genetically engineered material to create the battery's negatively charged anode and positively charged cathode. Best of all, MIT's technique can be performed at or below room temperature, which is important from a manufacturing perspective -- a process that MIT claims will be "cheap and environmentally benign." Already MIT has constructed a virus-battery about the size of that found in a watch to turn on small lights in an MIT lab. Belcher claims that just a third of an ounce (about 10 grams) of the viral battery material could power an iPod for 40 hours. In time and with enough effort MIT expects to scale the technology to power electronic vehicles. Remember, when the time comes choose the red pill.

[Via Scientific American, Thanks James]

iWork '09 trojan infects at least 20,000 machines?

Quite a number of no-goodniks who thought they'd save a few bucks by downloading a pirated version of iWork '09 have gotten more than they'd bargained for -- in the form of a Trojan Horse called OSX.Trojan.iServices.A. This guy installs itself in the computer's startup as root, and once in place it can connect to a remote server and broadcast its location, allowing malicious users to take charge of the machine remotely. And since it has root access to the OS, the trojan can not only install additional components but can also modify existing apps, making this thing extremely difficult to remove. According to a white paper released by Intego, at least 20,000 people may have downloaded the infected software -- which they'll get around to installing as soon as they finish those episodes of Celebrity Rehab they grabbed at the same time.

[Via Macworld]

Another pair of infected digiframes promise to ruin the rest of your holiday break


Oh, geez. Not this again. Just months after everyone involved with that virus-ridden Insignia frame finally cleaned things up, here come two new reports that select frames could indeed be shipping from the factory with malware pre-installed. For starters, the 1.5-inch Mercury Digital Photo Keychain -- which is sold at Walmart and other fine retailers -- seems to have some pretty nasty software loaded on, and Amazon has gone so far as to issue an alert that some Samsung SPF-85H frames are leaving the dock with the 32.Sality.AE worm on the installation disc. Something tells us someone in quality control couldn't quite get in the holiday spirit.

[Via Slashdot]

ASUS pre-installs Japanese Eee Box PCs with worm, issues recall


Uh oh. ASUS just issued a recall for all Eee Box PCs sold in Japan due to a nasty pre-installed worm. The malicious code dubbed "recycled.exe" may attempt to download additional malware while attempting to replicate itself to attached USB storage devices at the first opportunity. Of course, this isn't the first time that ASUS has been embarrassed by its image burns. Who could forget the illegal keygen and confidential documentation shipped on those brand new laptops last month? Apparently, only ASUS, which has yet to clean house.

[Via The Inquirer]

Space Station laptops catch "nuisance" virus

While it doesn't appear to be nearly as serious as some of the computer problems the International Space Station has faced, it looks like a virus has managed to find its way onto some of the laptops used on the Station, which NASA is now describing only as a "nuisance." According to SpaceRef.com, the virus is the W32.Gammima.AG worm, which is normally used to swipe sensitive information for online games. As Wired's Threat Level reports, the worm has also spread to more than one laptop on the Space Station, which would seem to suggest that it has either been spread via an on-board intranet, or via a thumb drive. Somewhat disconcertingly, when asked by Threat Level if any mission critical systems were connected to the same network as the laptops, NASA spokesperson Kelly Humphries simply said, "I don't know and even if I did, I wouldn't be able to tell you for IT security reasons."

[Via Threat Level, thanks a.c.e.r.]

Researchers design "malicious circuits," warn of potential risk

We've already seen a few viruses delivered via hardware, but a group of researchers from the University of Illinois at Urbana-Champaign are now warning that we may not have seen anything yet. As New Scientist reports, they've apparently managed to develop their own "malicious circuits," which they say can interfere with a computer at a deeper level than a virus, and completely bypass traditional anti-virus software. To accomplish that slightly unsettling feat, the researchers created a replica of the open source Leon3 processor, and added about 1,000 malicious circuits not present in the original processor. Once they hooked that up to another computer they were apparently not only able to swipe passwords from memory, but install malware that would allow the operating system to be remotely controlled as well. Of course, they admit that sneaking such malicious circuits onto a chip isn't exactly an easy proposition, given that someone would either need to have access to a chip during its manufacturing process, or have the ability to manufacture their own. Or, as the project's lead researcher puts it, it's "not something someone would carry out on weekends."

[Via TG Daily, image courtesy Actel]

HP sends server customers virus-infected USB keys

We've seen a couple viruses make their way into the manufacturing process and onto shipping products, and it looks like HP Australia and its enterprise customers are the latest victims. USB keys shipped with some HP Proliant servers are infected with the Fakerecy and SillyFDC viruses, and the company's issued an alert saying that any up-to-date virus scanner should be able to tackle the nasties. It's a pretty low-grade threat -- the key is only used to install floppy disk drivers and neither virus is particularly destructive, but all you server admins Down Under might want to check your rigs just to be sure.

[Via The Register]