First iPhone worm rickrolls jailbroken phones
[Via PMP Today; thanks to everyone who sent this in]



"Etisalat appears to have distributed a telecommunications surveillance application... independent sources have concluded that it is possible that the installed software could then enable unauthorized access to private or confidential information stored on the user's smartphone. Independent sources have concluded that the Etisalat update is not designed to improve performance of your BlackBerry Handheld, but rather to send received messages back to a central server."

Quite a number of no-goodniks who thought they'd save a few bucks by downloading a pirated version of iWork '09 have gotten more than they'd bargained for -- in the form of a Trojan Horse called OSX.Trojan.iServices.A. This guy installs itself in the computer's startup as root, and once in place it can connect to a remote server and broadcast its location, allowing malicious users to take charge of the machine remotely. And since it has root access to the OS, the trojan can not only install additional components but can also modify existing apps, making this thing extremely difficult to remove. According to a white paper released by Intego, at least 20,000 people may have downloaded the infected software -- which they'll get around to installing as soon as they finish those episodes of Celebrity Rehab they grabbed at the same time.
While it doesn't appear to be nearly as serious as some of the computer problems the International Space Station has faced, it looks like a virus has managed to find its way onto some of the laptops used on the Station, which NASA is now describing only as a "nuisance." According to SpaceRef.com, the virus is the W32.Gammima.AG worm, which is normally used to swipe sensitive information for online games. As Wired's Threat Level reports, the worm has also spread to more than one laptop on the Space Station, which would seem to suggest that it has either been spread via an on-board intranet, or via a thumb drive. Somewhat disconcertingly, when asked by Threat Level if any mission critical systems were connected to the same network as the laptops, NASA spokesperson Kelly Humphries simply said, "I don't know and even if I did, I wouldn't be able to tell you for IT security reasons."
We've already seen a few viruses delivered via hardware, but a group of researchers from the University of Illinois at Urbana-Champaign is now warning that we may not have seen anything yet. As New Scientist reports, they've apparently managed to develop their own "malicious circuits," which they say can interfere with a computer at a deeper level than a virus, and completely bypass traditional anti-virus software. To accomplish that slightly unsettling feat, the researchers created a replica of the open source Leon3 processor, and added about 1,000 malicious circuits not present in the original processor. Once they hooked that up to another computer they were apparently not only able to swipe passwords from memory, but install malware that would allow the operating system to be remotely controlled as well. Of course, they admit that sneaking such malicious circuits onto a chip isn't exactly an easy proposition, given that someone would either need to have access to a chip during its manufacturing process, or have the ability to manufacture their own. Or, as the project's lead researcher puts it, it's "not something someone would carry out on weekends."
We've seen a couple of viruses make their way into the manufacturing process and onto shipping products, and it looks like HP Australia and its enterprise customers are the latest victims. USB keys shipped with some HP ProLiant servers are infected with the Fakerecy and SillyFDC viruses, and the company's issued an alert saying that any up-to-date virus scanner should be able to tackle the nasties. It's a pretty low-grade threat -- the key is only used to install floppy disk drivers and neither virus is particularly destructive, but all you server admins Down Under might want to check your rigs just to be sure.








