Trojan

Latest

  • First iPhone Trojan horse is weak, Greeks point, laugh

    by Sean Cooper
    01.08.2008

    Well if you've been telling your buds your iPhone is totally virus free and safe, 'tis time to eat your words. Seems some incompetent 11-year-old kid added an app to Installer sources that lists itself as "iPhone firmware 1.1.3 prep" -- we're calling it fail.trojan -- an update to Erica's Utilities. Though not too troublesome -- apparently only says "shoes" once installed -- it may well be the start of a whole new bag of fun for the inspired yet bored amongst us. Removing the app damages a pile of programs in the iPhone's bin folder like Erica's Utilities, OpenSSH, Doom, and Launcher, though you can sort it by simply re-installing. Apparently his father's been notified and he's been given a harsh talking to and the site with the malicious source is now offline. [Via CNET, image courtesy of thecampuscomic]

  • Virus warning, HiPiHi may contain trojan [UPDATED]

    by Tateru Nino
    12.19.2007

    Users of the HiPiHi virtual world are reporting that the application uninstaller for the virtual world client may be infected with a malicious trojan, identified as BackDoor.Bifrose.YM aka BDS/Bifrose.Gen. It is not presently confirmed as to whether this is a genuine threat or a false-positive, but you need to be cautious. Not all virus scanners are reporting this - which says little about whether the threat is genuine or not. Update: Wikipedia suggests that there is usually a trojan embedded in the uninstaller. [Thanks to Massively reader ZATZAi for the heads-up, and the image]

  • Macworld explains how not to get bitten by malware

    by Mat Lu
    11.02.2007

    We recently mentioned the new OS X malware that's floating around the (nether side) of the net these days. Over at Macworld, Rob Griffiths has an extensive article discussing the ways you can tell if a piece of downloaded software is fishy. The tips range from the obvious (only download from trusted sources) to the arcane (diving into packages to examine the installer components). The overall strategy is to examine the software carefully and look for tell-tale signs that it's not legitimate. In any case, it should give you a good set of strategies to use when evaluating a questionable download.

  • Virtually Overlooked: Trojan

    by JC Fletcher
    07.12.2007

    Welcome to our weekly feature, Virtually Overlooked, wherein we talk about games that aren't on the Virtual Console yet, but should be. Call it a retro-speculative. It's nice to get a little break from the insane howling taking place on all sides. Let's think of today's VO as an oasis from E3; a little sanctuary where we aren't beset by new game announcements and screaming judgments of Nintendo's doom or domination. After all, what could be so diametrically opposed from E3 than talking about a very old game that's already out, and that we already know we don't have to be excited about? You won't find any hype here or anywhere else for Capcom's Trojan. That is a promise.

  • Your virtual cash may be worth more than your real cash

    by Elizabeth Harper
    07.02.2007

    This isn't the first time we've heard this, but recently PC World has reported that your virtual assets may be worth more than your real assets. From the article: According to Craig Schmugar, a researcher with the McAfee research labs, McAfee now sees more password-stealing malware designed to nab accounts of games like Lineage and World of Warcraft than Trojans that go after financial accounts. Why? Your in-game assets can easily be converted to cash and there's much less legal risk involved in trafficking virtual goods than trafficking, say, stolen credit card numbers. So treat this as a reminder: be careful of keyloggers! (And if you're not sure how, read up on our advice on how to keep your system keylogger-free.)

  • Is the background downloader a virus?

    by Elizabeth Harper
    06.19.2007

    According to MVP Schwick on the EU forums, several different anti-virus scanners have started detecting the Blizzard background downloader and some patch files as malware. With as much trouble as you can get into with certain kinds of malware, this sort of alert would be bound to panic anyone. However, this one has been confirmed by Blizzard as a false alarm. For now, be sure to download the latest updates to your anti-virus scanner, and if it detects any of the following, it's likely a false positive: Trojan-PSW.Win32.WOW, R/PSW.WOW.RG.3, Trojan horse PSW.Generic4.TUV. However, if, after upgrading your anti-virus software, you're still getting virus messages? Report it on the tech support forums. As Blizzard EU rep Torzelyn says: Updating the Virus Scanners is removing the Trojan alert, but if your particular scanner is still flagging it as a trojan, please don't patch the game just yet. I'm sorry but I'm just wanting to be cautious. Although it appears to be a false positive, as with Kaspersky, AntiVir etc.. updating the definitions is solving the problem, I don't want to just say 'use the files' because there could still be a problem somewhere. [Via BlizzPlanet]

  • Danger Will Robinson!

    by Krystalle Voecks
    06.15.2007

    I saw this screen shot last night on the WoW LJ community, and I have to admit, it took me by surprise. This is the first time I've ever actually seen the World of Warcraft launcher/load screen come out and point-blank warn people about the presence of Trojans on their machines. As there are a lot of variants of this particular Trojan out in the wild, that specific name doesn't surprise me. Considering the fact that two Blue accounts were recently compromised, it looks like it's a good time to once again make sure your systems are patched, your virus scanners are up to date, and that you've got some good lines of defense against these Trojans. (Personally, I'm a huge fan of Firefox and some of the browser extensions that have come out for it.) Or, as some of my friends have told me, I could just get a Mac, and not have to worry so much about these kinds of things either. I keep telling them I'll happily switch when they buy me one.

  • London hit by malware-infected USB ruse

    by Darren Murph
    04.26.2007

    Joining the infamous Chip & PIN terminal hacks as yet another way to siphon banking details from unlucky Londoners, a group of "malware purveyors" reportedly dropped off tempting Trojan-infused USB drives in a UK parking lot in hopes that unsuspecting individuals would take the bait and subsequently hand over their banking credentials. Supposedly, Check Point regional director Nick Lowe mentioned the wile at the Infosec trade show, but couldn't elaborate due to the ongoing investigation. Another insight suggested that such chicanery was becoming "the new phishing email," but hey, where's the love for those oh-so-vulnerable ATMs? Take note, dear Brits, that the free storage you're eying on the park bench could end up costing you quite a bit in the long run.

  • Real-life Halo suit up for sale on eBay

    by James Ransom-Wiley
    02.07.2007

    Less than a month after energetic Troy Hurtubise set out to attract a corporate buyer for his Halo-inspired "Trojan" suit, the man known for inventing the 'bear suit' is broke and turning to eBay. Hurtubise's full-body exoskeleton ballistic armor will apparently be sold to the highest bidder (currently $10,000) when the online auction closes February 15. Hurtubise allegedly spent $15,000 (all of his family's savings) and roughly 1,750 hours creating his most ambitious project to date. The Trojan suit boasts such splendid pageantry as an ophthalmologist-approved helmet-mounted laser sight, wrist-mounted canister of ultra-mace (capable of downing 40 machete-clad "insurgents"), and crotch-mounted world clock. All this and more documented in the video below...

  • Project Grizzly guy forced to auction Trojan 'Halo suit'

    by Evan Blass
    02.06.2007

    Normally we'd start off a post about the sale of Canadian Troy Hurtubise's Trojan fully-armored exoskeleton with a few amusing Robocop quips, but the reason Troy has to let his crazy, high-tech creation go makes such frivolity seem a little inappropriate. You see, Troy -- inventor of such products as several well-documented bear suits, a fire-resistant paste, and a strange device that he claims can see through walls and skin -- spent $150,000 developing the Trojan (apparently his family's entire savings), along with 1,800 hours on everything from calibrating the helmet-mounted laser to designing the unique, um, crotch-mounted digital compass / world clock. Well even after all the media exposure that made his get-up something of an internet celebrity recently, Troy was unable to find any buyers interested in mass producing what was projected to be a $2,000 piece of equipment -- reportedly leaving him broke and facing eviction. If you do decide to pursue this one-of-a-kind wearable tank (it can supposedly withstand a shotgun blast at point blank), keep in mind that you're getting more than just the suit itself, as Troy is also throwing in rights to the so-called "Shadow Armor" formula that he developed; entrepreneurial military contractors take note. So far there hasn't been a single offer on the badass Trojan, and with a starting bid of only $1,000, there's a chance that you could pick this beauty up for a song (the reserve, however, is unknown). We had a pretty funny Batman joke to close things out with, but instead we'll just direct you to the video after the break, and use this space to wish Troy and his family the best of luck. [Via The Hamilton Spectator, thanks Bill D.]

  • TomTom fesses up to Trojan infection in GO 910 navigation units

    by Paul Miller
    01.29.2007

    If you've recently plunked down $599-ish for a TomTom GO 910 portable GPS device, but decided to hop onto the interwebs real quick just before you plug that sucker in (yeah, we know, the odds are low), then it looks like it's your lucky day. Apparently the Netherlands-based TomTom just admitted to a UK security journalist that the TomTom GO 910s that were produced between September and November of 2006 have been shipping with a couple Trojans -- similar to Apple's little RavMonE.exe debacle last year. But not to worry: "The viruses that were detected present an extremely low risk to customers' computers," according to TomTom. Of course, relaying to the public such helpful information that TomTom was obviously aware of would be clearly out of the question, but it's nice to know that while manufacturing oversights caused a couple of Trojans to be introduced to unsuspecting PC users by spendy GPS hardware, they at least aren't the nasty kind. TomTom claims the problem has been corrected, and that "Appropriate actions have been taken to make sure this is prevented from happening again in the future." They also have some instructions at the read link for removing the viruses (win32.Perlovga.A Trojan and TR/Drop.Small.qp), which mostly amount to advising you to update your virus software. [Via Slashdot]

  • Real-life Halo suit ready for deployment?

    by James Ransom-Wiley
    01.16.2007

    Perhaps it's more akin to the PAC full-body armor featured in Battlefield: 2142, but there's no denying that Troy Hurtubise's 'Trojan' suit is straight outta video game lore. The man responsible for inventing the bear-proof suit has developed, in his own words, the "first ballistic, full exoskeleton body suit of armor." Weighing just 18 kilograms (40 pounds), Hurtubise believes the Trojan will be comfortable to wear in the field (he wore it for a 4-hour drive); not to mention protective. An empty suit has withstood bullets fired from an elephant gun -- and Hurtubise is more than ready to perform a live test. "Bring it on," he says. In addition to armor, made from high-impact plastic lined with ceramic bullet protection over ballistic foam, the suit features storage for morphine, salt, a knife, and emergency light. Plus, a recording device, pepper-spray gun, and detachable (and swallowable) transponder are built into the forearms. There's also an in-suit fresh-air system, drinking tube (attached to back-mounted canteen), laser pointer, and some hip LED face lights. Hurtubise has said that he drew inspiration for the suit from Star Wars, RoboCop, Batman, and indeed video games. He believes that Trojan suits can be produced for roughly $2,000 a pop and is actively seeking potential buyers, including military and police units. Anyone wanna pool resources and go in on a couple? [Via Engadget]

  • DivX & Xvid support too good to be true

    by Andrew Yoon
    01.15.2007

    Homebrewers will want to be on the look-out once again. If fake downgraders that bricked your PSP weren't enough, apparently another piece of malicious code has hit the web: a supposed plugin for the PSP will allow your system to play AVI, DivX and Xvid files. The program, created by a programmer named "Sc00p," is, in fact, littered with trojans that will attempt to infect your PC. Uncool. While it won't brick the PSP, it may be able to harm your computer. [Via DCEmu]

  • PSP virus in the wild

    by Andrew Yoon
    10.09.2006

    PSPdemon, from the DCemu forums, has discovered a virus that can brick your system. It disguises itself as a "usb kxploit" and features folder names "SDL-TEST-5" and "SDL-TEST-5%" (although this can change at any moment, of course). The file seems to be around 74kb, so make sure you double-check any files you download off the web for PSP use. A virus scanner is available for PSP files, so you may want to check it out. No one wants to have a $200 piece of bricked hardware, right? [Thanks, steve!]

  • New World of Warcraft Trojan

    by Elizabeth Harper
    06.19.2006

    A new trojan is out in the wild looking to steal your Warcraft login information. Once infected, this virus will attempt to log all keystrokes sent between your computer and the login servers (us.logon.worldofwarcraft.com or eu.logon.worldofwarcraft.com). Any data it collects - which would include your username and password - will then be sent off to a remote attacker. Symantec is currently reporting that the virus hasn't spread far yet, but it's time-consuming and difficult to recover a lost account, whereas it's fairly quick and painless to make sure your anti-virus definitions are up to date.

  • Password Stealing Trojan

    by Elizabeth Harper
    05.03.2006

    A new trojan out in the wild is attacking computers with the goal of stealing your World of Warcraft account information. It may seem like a trivial target for virus writers, but there's definitely money to be made reselling in-game items - and, thus, money to be made by stealing your password. So be certain to keep your anti-virus up to date and if your account has been compromised, contact a GM or the billing department, but expect a lengthy process of investigation to have your items or account restored.

  • How to take Mac security seriously

    by Victor Agreda Jr
    03.07.2006

    Damien went into detail about the "hacker challenge" story and, as he explained, it's much ado about nothing -- for now. Clearly, this Mac security thing is only going to get more important. Even Headline News had a largely exaggerated report on the Bluetooth exploit found a while ago... So what is the average Mac user supposed to do? It's all well and good if you're a sysadmin and you can do stuff like lock down a server, but if you just bought your iBook and you are now cowering in a corner because you're afraid to even open the thing (knowing that you will automatically "catch" something), what then? Read on, as I have some stories and advice for you.

    First it is important to note that the most likely vector of any computer attack is human. And keep in mind the difference between a vector of attack (like the SSH "hack" mentioned by Damien), and a payload, which would be a true virus or Trojan. A worm is a vector, but it might deploy a payload. Make sense? Anyway, the point is humans are the weakest link in the whole chain, yet also the most important in stopping any attack. It is this central fact that makes almost all OSes equal in terms of security. You are only as good as the people who use a system, and those who set it up. Case in point: phishing.

    Phishing is a huge problem, and easy to set up. You get an email claiming some guy is your long-lost relative, and he needs some money to get out of jail. If he gets out, he'll double your money. Or, even easier to trick (but harder to set up) is the fake URL scam, where it looks like PayPal or eBay (common targets) is sending you a letter about your account. This is the true phishing scenario, played out millions of times a day on the internet. Just click on the link to "verify" your account info, or it will be deleted. Unfortunately, the link will take you to a spoofed site, and you'll be typing your sensitive info into a trap designed to steal your passwords and credit card numbers. These are spins on classic grifters' tricks, and phishing scams aren't very well guarded on OS X. Microsoft and Mozilla are trying to attack this problem with tools in their browsers (or in email clients) that will alert you to spoofed websites. So what can you do on OS X? First, check out the US government's guide to avoiding phishing scams. Second, make sure you're using something to filter spam, as this will often catch a lot of generic phishing scams. If you use Firefox, Netcraft has a toolbar that will supposedly guard against phishing, but I haven't tried it. It essentially checks URLs for you. Third, use common sense. Would eBay really send out an email to an account and NOT use their username? Of course, the common sense cure is the hardest one to invoke...

    One more thing about the human vector: it's all about education. You have to teach people the rules of the road, yes? Well you'll have to educate yourself or others on some basic security precautions, especially if you are the cautious type. One common concept is to never share passwords. Also, most people would recommend you don't use the same password for everything you do. And since we're talking about passwords, don't forget to change them often, and use combos of letters, numbers, and uppercase/lowercase where appropriate. If you want a freeware tool for making passwords, there's Pazzle. With Keychain, I have a bad good habit of just setting a great password, but instantly forgetting it. Let's just hope I back up my Keychain database on a regular basis, eh? Oddly enough, Wayne State has a quick little ditty on setting passwords, and of course Wikipedia has the whole history plus some ideas too. Without exposing my own tricks, I can say that if I have to remember it, I'm more likely to use l33t type spelling for relatively common stuff. Maybe not the most secure in the world, but more secure than "Fluffy" or "PHilton." And did you know OS X includes a password helper, to help create good passwords? It's all here on this Tiger Tips page. Essentially you click the little question mark (or key, as in FileVault it was a question mark, but sometimes it's a key, as in the pic on the Apple page, go standard GUI!) and a tiny dialog pops open to help you make a password. Pretty slick.

    Tiger introduced a ton of very necessary security features too (aside from the password helper). Stuff most people don't think about is now included, like Kerberos support in VPN, secure virtual memory, and a certificate assistant. A lot of these things are hard to find to the uninitiated, which I guess is good, since most folks won't use them. So instead, let's go over some more basic things you can do to protect yourself (after the jump).

  • First Tiger Trojan: Mac/Cowhand-A?

    by C.K. Sample, III
    04.25.2005

    My money is on this being another proof-of-concept design, but Sophos is listing a new Mac Trojan, dubbed Mac/Cowhand-A, which lets other people gain control of your Mac: "Mac/Cowhand-A is a proxy Trojan for the Mac OSX platform. The Trojan may copy itself to the user's Preferences folder. In order to run itself on startup, the Trojan may add itself to the user's Startup Items." It's supposedly a Tiger trojan (say that three times fast), but it's listed on the low-end of Sophos's prevalence chart.