virus
Latest
DivX & Xvid support too good to be true
Homebrewers will want to be on the look-out once again. If fake downgraders that bricked your PSP weren't enough, apparently another piece of malicious code has hit the web: a supposed plugin for the PSP will allow your system to play AVI, DivX and Xvid files. The program, created by a programmer named "Sc00p," is in fact, littered with trojans that will attempt to infect your PC. Uncool. While it won't brick the PSP, it may be able to harm your computer.[Via DCEmu]
MMS exploit targets Windows Mobile 2003
What's scarier than a text message luring you into getting your PC all hosed up with virii? An MMS message that somehow manages to do the infection honors all by its lonesome, that's what. Details are now emerging on what appears to be the world's first proof of concept for an MMS virus, exploiting a weakness in the way Windows Mobile 2003 handles SMIL (Synchronized Mutlimedia Integration Language) to cause a buffer overflow -- which in turn leads to the dreaded "arbitrary code execution." The fella responsible for the exploit apparently gave Microsoft the heads-up a solid six months ago; when he never heard back, he went public with it in a big way at Berlin's Chaos Communication Congress. The good news (if you can call it that) is that it's only been tested on the i-mate PDA2K and HP iPaq h6315, both of which are approaching the tail ends of their useful shelf lives. No word on whether the vulnerability applies (or can be easily adapted to) Windows Mobile 2005, but somehow, "we hope not" simply doesn't properly express our sentiments.[Via El Reg]
Does QuickTime pose a security risk?
The whole QuickTime/MySpace security hole that was discussed this week on TUAW has given rise to a general concern about QuickTime's vulnerabilities. The QuickTime bug apparently allowed a worm to infect MySpace user profiles and redirected traffic to a phishing site, where passwords were harvested. An Information Week article suggests the security flaw could extend well beyond Myspace to both Mac and Windows users. The problem seems to stem from QuickTime's JavaScript support and a bug that allows malicious JavaScript code to affect browsers. The article states that although Apple has provided an Internet Explorer patch, it has yet to issue a general QuickTime fix across all platforms.
How would you react to a wide-spread Mac OS X virus?
One of the long-standing major appeals of the Mac OS has been its relatively small and low-impact ratio of serious security vulnerabilities and virus attacks. Users wear it like a badge on their shoulder, and even Apple has jumped in by flat-out bragging about Mac OS X's security with their latest Get a Mac ad campaign.While the debate surrounding exactly why the Mac has earned this reputation has raged at least since the term 'trolling' was coined, I'm a bit more interested in bending the space-time continuum and asking you, dear readers, a hypothetical: what would happen if a truly malicious Mac OS X virus were to break out in large scale? I'm talking about something along the lines of the Sasser worm, which grounded some Delta Airline flights, brought many other companies to their knees, and is estimated to have caused billions in damage.I know Apple's machines aren't quite as integral to the various operations of our society and businesses like Windows and Linux are, but it would be hard to argue that a good portion of of the Mac user base doesn't care about the security of their chosen OS. With this in mind, I wonder: would you keep your Mac in a day and age when 3rd party virus and security tools become a basic necessity of Mac OS X? Would you bite the bullet and buy Norton Virus Mega Security Bundle Premium 2007 beta 5? Do you think all those switchers - reeled in by Apple's "We don't have any viruses" Get a Mac commercials - would become crippled in disillusion?What say you, TUAW readers. How large of a hole in Apple's security record would be 'too large'?
TUAW Podcast #13
This week's podcast involves Dan Pourhadi and the C4 developer shindig he attended, those exclusive Leopard screenshots we nabbed, iPod viruses and the corporate blame game, and we round off with Apple's preliminary 4th quarter earnings results. Dan and I kept things short this time around, as the podcast rounds off at just over 20 minutes and 18.6MB.As usual, you can grab the podcast via a direct link, our podcast RSS feed or in the iTunes Store podcast directory. Enjoy the show.Update: It seems there's a bug in our iTS feed preventing from getting this latest episode, though our other links for accessing the podcast are working just fine. We'll keep you posted.
Engadget Podcast 092 - 10.24.2006
Ah, can you smell; the autumn in the air? For some that means it's iPod season, which, incidentally, just celebrated its fifth birthday this week. We've got the scoop there and on how you too can avoid blowing out the Windows virus candles your iPod may have shipped with, as well as some talk on Logitech snapping up Slim, Art Lebedev's latest project, and some interesting (albeit unsurprising) details that surfaced about the Treo 680 on Cingular. Tune in, Engadget Podcast 92 coming right up. Get the podcast [iTunes] Subscribe to the Podcast directly in iTunes (MP3). [RSS MP3] Add the Engadget Podcast feed (in MP3) to your RSS aggregator and have the show delivered automatically. [RSS AAC] Add the Engadget Podcast feed (in AAC) to your RSS aggregator. [RSS OGG] Add the Engadget Podcast feed (in OGG) to your RSS aggregator. Hosts: Peter Rojas and Ryan Block Producer: Trent Wolbe Music: Solvent - Instructograph (Ghostly International) Program: 00:33 - Apple says some 5.5G iPods shipped with Windows virus! 06:52 - The iPod turns five 17:00 - Logitech acquiring Slim Devices 21:32 - Here comes the Upravlator! 26:30 - Treo 680 headed to Cingular 29:08 - Listener emails 47:56 - Contests: deck out tech for Halloween, sing an Engadget song, shoot some sweet photos LISTEN (MP3) LISTEN (AAC) LISTEN (OGG) Contact the podcast: 1-888-ENGADGET, Engadget (Gizmo Project) or podcast at engadget dawt com
Microsoft blames Apple's "quality checks" for iPod virus
Ah, how we love mindless bickering between two mega corporations. In Apple's case, its beloved iPod seems to be a globe-sized target for attacks (and lawsuits), and just a day after the company laid blame to Windows for "not being hardy enough against viruses" found on recently shipped 5.5G 'Pods, Microsoft is firing back with its own harsh criticisms. James Abrams, Microsoft's former head of quality control, pronounced that "Apple didn't know what they were shipping," and suggested that fault should be redirected to Apple's lackluster "quality and content checks." Abrams even stated that McDonald's handling of its own virus-infected DAP problem was far superior to "a lesser company's blame game." Johnathan Poon, Microsoft's current quality assurance guru, finished off the tongue-lashings by prompting Steve Jobs to "contact Poon if he needed someone to advise on how to improve quality checks." Regardless of which party is truly culpable, it looks like we've got ourselves another full-fledged Mac vs PC battle royale on our hands here, and we're certainly not stepping in to break this one up.
Apple says some 5.5G iPods shipped with Windows virus!
We've alway known of Apple's hopes to wean the masses off of their Windows peecees through the elegance of the iPod, but we're afraid they've taken things a bit too far this time. According to Apple, less than one percent of their 5.5G iPod shipments made after September 12th have a little present in the form of the RavMonE.exe virus, which propagates via mass storage devices, and purportedly had infected a PC at the manufacturer where the iPods were produced. Apple has received 25 or so reports of the problem, which they learned of a week ago, and they've "been working around the clock to identify the problem and discover its root cause." Apple has instructions for removal of the virus on their site, but there's no need for full-blown panic because RavMonE.exe is "technically a worm, not a virus," meaning it lowers the security of your PC, but doesn't actual mess with your data itself. Of course, Apple is "upset at Windows for not being more hardy against such viruses," but they're "even more upset with ourselves for not catching it." As they should be.
PSP virus in the wild
PSPdemon, from the DCemu forums, has discovered a virus that can brick your system. It disguises itself as a "usb kxploit" and features folder names "SDL-TEST-5 and SDL-TEST-5%" (although this can change at any moment, of course). The file seems to be around 74kb, so make sure you double-check any files you download off the web for PSP use. A virus scanner is available for PSP files, so you may want to check it out.No one wants to have a $200 piece of bricked hardware, right?[Thanks, steve!]
Platinum-coated virus to be used for speedy memory
All the hip-cool scientists these days are enslaving living organisms to do their bidding. Luckily, they're sticking with the micro end of the size spectrum, or "nano" end in this case. Apparently they've managed to create some supa' fast memory chips by coating 30-nanometer-long bits of tobacco mosaic virus (pictured above in its natural habitat) with itsy-bitsy platinum nanoparticles. Millions of these virus transistors could eventually end up in MP3 players or digital cameras, speeding up image capture or file transfer. We're not exactly sure what makes these virus transistors so special, but apparently the transistors they've built out of the nano-coated strands, and sandwiched between two electrodes, are easy to switch between ON and OFF states, since they don't need to build up a charge at a lame-o capacitor before they can be switched. We suppose we'll just have to trust the methods of these "well meaning scientists who might just instigate the end of civilization through their attempts to advance humanity through science." If it means faster memory chips, that's a risk we're willing to take.
McAfee Virus Scan hits Windows Mobile 5.0
Windows Mobile users worried about viruses and other nastiness invading their precious little devices now have another weapon in their arsenal, with McAfee releasing it's VirusScan Mobile software for Windows Mobile 5.0. Available in both standard and Enterprise editions, it'll ward off viruses, worms, trojans, and other attacks, including what some (but not many) refer to as "SMiShing", or phishing scams attempted via SMS, and it'll stop 'em at all corners, including WiFi and Bluetooth. A free 30-day trial's available now for direct download to your device from McAfee's mobile website, with the standard version running you $29.99 for a one-year subscription.[Via Geekzone]
Is Your Warcraft Account More Valuable Than Your Credit Card Info?
Microsoft has caught on to what many Warcraft players already realized - our characters and in-game items are valuable. And for some, the value of your account itself is higher than that of the credit card you use to play the game with, making account theft a lucrative target. And, while Blizzard can help restore stolen in-game goods, once your account has been compromised, it's a long and tedious process to get it back. So in all cases, it's better to protect your account before-hand - while most of it's common sense, Blizzard has some good advice on that front.[Fan art by Sarah Jaffe]
IBM brings Bluetooth to tennis fans, McAfee brings 'em down
Anticipating the flurry of excitement surrounding Wimbledon, IBM decided to go all out for the event and outfit trees around London with Bluetooth technology so fans can keep track of scores via their cellphone when they aren't near a TV or at the match itself. Not a bad idea, if you ask most people -- except for McAfee, that is. They're warning that by leaving your phone's Bluetooth function turned on all the time you might as well be begging for a virus -- not an entirely unreasonable warning, given that it's happened before. While McAfee's not telling people to avoid using the service all together, they do recommend that you set your phone to hiddend and only turn on the Bluetooth when you intend to use it, as well as practice a bit of common sense, like not installing applications or opening files that you weren't expecting to receive, and to back up your phone's data regularly. It's not clear what, if anything, the Bluetooth system will be used for after the tournament's over.[Via textually.org]
Text messages lure in virus victims
Spam via text is nothing new, but it seems crooks are now turning to SMS to cultivate legions of zombie PCs for denial-of-service attacks. The ruse apparently begins when an unsuspecting individual receives a text message thanking them for subscribing to a dating service at the pricey rate of $2 a day, which also includes instructions on how to cancel the service through a website. When the user gets to their PC and navigates to the site, they're instructed to download an executable, and you can probably guess what happens from there. Our question is, if you don't try to cancel, do you get any dating action out of it?[Via Smart Mobs]
Spansion announces plans for increased handset security
With cellphones becoming more and more computer-like, that invariably means that they're also susceptible to some decidedly computer-like problems; we're talking viruses, DoS attacks, and other headaches. Though far from the first to address the problem, Spansion is promising a new level of security for handsets by implementing security measures directly within the Flash memory subsystem. In addition to warding off threats, Spansion says their system will also enable data recovery, as well as allow for secure mobile financial transactions and access control for things like using a cellphone to open a car door or start a car. A Software Development Kit (SDK) should be available before the end of the year, with the actual security controller available in something called the Spansion Multi Chip Package (MCP) sometime in the first half of 2007. No word yet on any handset manufactures that have signed on to offer the system, however.
New World of Warcraft Trojan
A new trojan is out in the wild looking to steal your Warcraft login information. Once infected, this virus will attempt to log all keystrokes sent between your computer and the login servers (us.logon.worldofwarcraft.com or eu.logon.worldofwarcraft.com). Any data it collects - which would include your username and password - will then be sent off to a remote attacker. Symantec is currently reporting that the virus hasn't spread far yet, but it's time-consuming and difficult to recover a lost account, whereas it's fairly quick and painless to make sure your anti-virus definitions are up to date.
Apple Support doc: Mac maintenance Quick Assist
Apple has released a "Mac Maintenance Quick Assist" support document that is more or less a 10-step guide aimed at beginners for taking care of their Mac, both inside and out. These steps include good, basic practices such as using relevant names for files instead of "DSC_00001.jpg," while also recommending that you occasionally clean your Mac (duh).I was surprised to see a few tips make this list, however. The first: Check for viruses. "Macs don't get anywhere near the amount of viruses that Windows PCs are prone to, but that doesn't mean that they can't get infected," reads tip #8. I guess the guys who wrote this article didn't get the memo from the team who made the "Macs don't get viruses" TV commercials. The other odd tips deal with Mac maintenance stuff, like repairing permissions and defragging your hard drive. I was under the impression that, since Panther, Mac OS X defragged itself. On the permissions topic, there has been a lot of chatter over the last couple of months about whether repairing permissions is actually useful. Just check out the pseudo-series John Gruber had on the topic.All in all, I think I was actually a little frightened by evidence of even cheesier one-liners making their way into Apple's support docs: "As a Mac user, you won't have to do windows, but you will need to do some housekeeping!" Yuk yuk.
Password Stealing Trojan
A new trojan out in the wild is attacking computers with the goal of stealing your World of Warcraft account information. It may seem like a trivial target for virus writers, but there's definitely money to be made reselling in-game items - and, thus, money to made by stealing your password. So be certain to keep your anti-virus up to date and if your account has been compromised, contact a GM or the billing department, but expect a lengthy process of investigation to have your items or account restored.
For those of you worried about security...
There is a little application I mentioned way back in September 2005: MacScan. Does it work? Well I have no idea, because I don't use it, and I've never heard of any particular spyware for the Mac. Yet somehow a new version is out which protects against "all the latest threats." Like that Dvorak virus? Anyway, MacScan is now a Univeral Binary, so you Intel Maccers can finally rest assured knowing your box is safe. At least, while it's booted into the Mac OS. Aw dang, I just couldn't get through one post without a reference to, uh, what was that thing again? The one that lets you boot into Windows?
Automating ClamAV
For those of you without antivirus protection for your Mac (which I guess is all of you, right?) there's always ClamAV. And while Clam is fantastic, updating the package requires a cumbersome trip to Sourceforge to download and compile on your machine. Fortunately, Macosxhints has a post with a shell script automating the process. Now since Terminal is AppleScriptable, you can run this script with a simple drop down as well. In fact, shell scripts are accessible via AppleScript directly, but I digress. You could just get all fancy and grab ClamXav, the GUI front-end to ClamAV.
