virus

Latest

  • Japan working on powerful cyber weapon, knows best defense is a good offense

    by Terrence O'Brien
    01.06.2012

    The Japanese government has been (relatively) quietly churning away on an advanced new cyber weapon. In the post-Stuxnet age it's no surprise that a government would be working on powerful new tools to defend its digital borders, but this particular virus (developed with help from Fujitsu) is raising eyebrows with some over how it accomplishes its goals. Essentially, when it detects an intruding piece of malware, the program follows the virtual trail left behind back to the attack's source -- disabling every machine it encounters along the way. The goal, obviously, is to stop the spread of a malicious piece of code by finding and shutting down, not just the source, but all middleman PCs that are also now potential hosts. In some admittedly extreme scenarios this weapon could potentially spiral out of control, taking out far more computers than intended. Nightmarish hellscapes dominated by computers run amok aside, it's definitely interesting and we understand how it might cause some concern. Check out the source for a few more details.

  • DevilRobber now "improved", still nasty malware threat

    by Kelly Guimont
    11.18.2011

    We previously told you about DevilRobber and what sort of unsavory things it can do to (and with) your Mac. (In case you don't click over to read the article, here's the scoop: it's bad. Real bad.) Back in the day (November 1st), it was a Trojan horse and sent a little of your personal info off to some far flung servers. But CNet is reporting the new version has mutated, and now it tries to grab your Terminal history and system logs. This new "improved" version can be picked up by downloading Pixelmator from someplace that is not the Mac App Store (currently the only place to legitimately get a copy). But the fun doesn't end there! It also tries (but does not succeed at) making off with information stored in your 1Password data file. CNet's story makes it sound like DevilRobber can actually do something with that file, but in reality that data is safe, as confirmed by Agile themselves. They have a nice writeup on their site about all of this and the steps you can take to make extra super sure your data is safe. This is also another of those opportunities we here at TUAW occasionally take to remind you that malware is bad but real, and you DO need to protect yourself. Remember "Macs don't get viruses" is just as accurate as "Macs don't have any good games" (which is to say not accurate at all), and protection is ridiculously easy. Get yourself a nice antivirus utility and spend a little time with Little Snitch to make sure nothing suspicious is being sent from your machine, and that should help you avoid a lot of problems.

  • University gets $188 million AMD-based supercomputer, free copy of Norton

    by Sharif Sakr
    11.16.2011

    It used to be that you only needed a bachelor's degree and elbow patches to be taken seriously as an academic, but now it's all about that 50-petaflop supercomputer with 500 petabytes of storage whirring away in the basement. The University of Illinois used to shop with IBM, but it's just about to have a brand new Cray XK6 installed instead, so it can continue providing computing power to the National Science Foundation's Blue Waters project. It's not all about inciting gadget envy, of course: the machine's unlikely truce of AMD Opteron 6200 16-core processors and NVIDIA Tesla GPUs will help more than 25 teams of scientists to model and understand real-world phenomena, from the damage caused by earthquakes to the way viruses break into cells. Breakthroughs from these projects will -- hopefully, one day -- make the $188 million total cost of Cray's products and services seem like a bargain. Full details in the PR after the break.

  • Windows 8 gets automatic updates, enforced restarts after 72 hours of polite harassment

    by Daniel Cooper
    11.15.2011

    Windows 8 is renaming the second week of every month. After "Patch Tuesday" comes "Gentle reminder Wednesday," "Polite yet firm suggestion Thursday" and "Automatic restart Friday". In order to keep everyone's system secure, Windows Update will download patches in the background before adding a notification on your lock screen that you're due a restart. If you haven't managed it within 72 hours, you'll be given a 15 minute warning to save your work and close up before it forces the shutdown -- unless you're watching a movie or conducting a presentation, it'll lie in wait for your next idle period to do it. With this system, you'll only have to complete the procedure once a month and can plan your schedule accordingly. The only time the system will deviate is when a security threat like a blaster worm appears, at which point Microsoft will ensure you're restarting as soon as a fix is available. What, you didn't know that "keeping end-users on their toes" was a feature?

  • F-Secure reports Mac trojan poses as PDF

    by Mike Schramm
    09.23.2011

    Security firm F-Secure has unearthed a troubling trojan for Macs that hides itself as a PDF, only waiting until the file is opened up and displaying some Chinese characters before it dives into your Mac's hard drive and sets up a backdoor control. Currently, according to F-Secure, the backdoor doesn't actually do anything harmful, but obviously that could change in the future, either if the original hackers take advantage of the trojan, or if someone else does. F-Secure says that the trojan currently doesn't have an icon associated with it, so in the current spotted form, it should be pretty easy to identify as a virus (especially if it shows up in just a random email). But if the trojan is embedded in a file with an extension and an icon that matches a familiar document type (like a PDF, or any other kind of file you'd open in everyday use), it's possible that the backdoor could get installed. In other words, you've got to do what you should always do on any computer: beware of any file downloaded from an untrusted source on the Internet, or any email attachments coming from a sender you don't know or recognize.

  • US government to beat back botnets with a cybersecurity code of conduct

    by Amar Toor
    09.23.2011

    Old Uncle Sam seems determined to crack down on botnets, but he still needs a little help figuring out how to do so. On Wednesday, the Department of Homeland Security and National Institute of Standards and Technology (NIST) published a request for information, inviting internet and IT companies to contribute their ideas to a voluntary "code of conduct" for ISPs to follow when facing a botnet infestation. The move comes as an apparent response to a June "Green Paper" on cybersecurity, in which the Department of Commerce's Internet Policy Task Force called for a unified code of best practices to help ISPs navigate through particularly treacherous waters. At this point, the NIST is still open to suggestions from the public, though Ars Technica reports that it's giving special consideration to two models adopted overseas. Australia's iCode program, for example, calls for providers to reroute requests from shady-looking systems to a site devoted to malware removal. The agency is also taking a hard look at an initiative (diagrammed above) from Japan's Cyber Clean Center, which has installed so-called "honeypot" devices at various ISPs, allowing them to easily detect and source any attacks, while automatically notifying their customers via e-mail. There are, however, some lingering concerns, as the NIST would need to find funding for its forthcoming initiative, whether it comes from the public sector, corporations or some sort of public-private partnership. Plus, some are worried that anti-botnet programs may inadvertently reveal consumers' personal information, while others are openly wondering whether OS-makers should be involved, as well. The code's public comment period will end on November 4th, but you can find more information at the source link, below.

  • Russian raid suggests tie between MacDefender and ChronoPay

    by Chris Rawson
    08.05.2011

    When the MacDefender malware made the rounds a few months ago, it sparked a frenzy of pundits claiming OS X's free ride in the malware scene was over (and as our research shows, they were wrong. Again). At the same time, we all wondered who was behind MacDefender in the first place. After a recent raid in Russia, it appears that question may have been answered. Russian law enforcement raided the offices of ChronoPay, and according to Ars Technica, the police found "mountains of evidence" that ChronoPay was providing tech support for MacDefender's bogus antivirus software. ChronoPay had earlier denied any involvement with MacDefender, but the evidence linking them to the malware program seems convincing. Like many pieces of malware for Windows, MacDefender worked by exploiting user fears of virus infection. A popup message would claim a user's Mac had been infected by a virus that only MacDefender could remove, and users who installed the software would be pestered for credit card info to purchase the software. Once users entered said info, the party behind MacDefender would then run up fraudulent charges. ChronoPay's CEO has been arrested, but Ars notes that this doesn't end the threat of MacDefender or other bits of malware. Meanwhile, although the predicted "explosion" of malware for the Mac still hasn't happened, it's still a good idea to remain vigilant against malware like MacDefender.

  • Microsoft to malware: your AutoRunning days on Windows are numbered

    by Joe Pollicino
    06.18.2011

    Beware, malware. The Windows AutoRun updates for Vista and XP SP3 that Microsoft released in February have so far proven successful in thwarting your file-corrupting ways. Although Windows 7 was updated to disable AutoPlay within AutoRun for USB drives -- freezing the ability for a virus to exploit it -- the aforementioned versions had remained vulnerable up until right after January. Fast-forward to the period between February and May of this year, and the updates have reduced the number of incidents by 1.3 million compared to the three months prior for the supported Vista and XP builds. Amazingly, when stacked against May of last year, there was also a 68 percent decline in the number of incidents reported across all builds of Windows using Microsoft's Malicious Software Removal Tool. There's another fancy graph after the break to help illustrate, and you'll find two more along with a full breakdown by hitting the source link down under.

  • Don't bring your computer viruses to Japan, because they're illegal now

    by Amar Toor
    06.17.2011

    Tired of getting swamped with spam and malware? Just pack your things and catch the next flight to Japan, where computer viruses are now considered illegal. Under the country's new legislation, anyone convicted of creating or distributing viruses could face up to three years in prison, or a maximum fine of ¥500,000 (about $6,200). It's all part of Japan's efforts to comply with the Convention on Cybercrime -- an international treaty that requires member governments to criminalize hacking, child pornography, and other terrible things. Privacy advocates, however, have already raised concerns over some stipulations that would allow investigators to seize data from PCs hooked up to allegedly criminal networks, and to retain any suspicious e-mail logs for up to 60 days. In an attempt to quell these fears, the Judicial Affairs Committee tacked a resolution on to the bill calling for police to exercise these powers only when they really, really need to.

  • Apple cracks down on MacDefender, prevents malware downloads with daily quarantine list

    by Sean Hollister
    06.01.2011

    Preconceptions aside, Apple products do occasionally spread viruses, and not just the biological kind, which is why Cupertino saw fit to equip Mac OS X 10.6 Snow Leopard with a quarantine function to safely set malware aside. This week, however, Apple's kicking those digital white blood cells into high gear, updating that quarantine list daily with a new background process. The company's primarily got its crosshairs on the recent MacDefender scare, of course, but on the off-chance malware starts coming out of the woodwork, it sounds like you won't have to wait for a formal security update to be forewarned of the dangers. If privacy's your primary concern, however, you can also opt-out -- take a gander at our source links to see how it's done. [Thanks, Jake]

  • Malware, Macs, and crying wolf: Doing the math

    by Richard Gaywood
    05.14.2011

    Love Apple gear? Like math? TUAW's Doing the Math series examines the numbers and the science that lie behind the hardware. The contentious subject of Mac security has been back in the news in recent weeks following the emergence of a fake antivirus package called MacDefender (also known as Mac Security and Mac Protector) that managed to steal a number of users' credit card details, and a new piece of "crimeware" called Weyland-Yutani BOT which allows non-technical hackers to easily create password grabbing webpages that specifically target Mac browsers. This prompted a fresh round of "the Mac is under attack! Malware will drown us all! Exclamation!" blog posts, followed by the usual backlash against them. On the alarmist side, Ed Bott wrote "Coming soon to a Mac near you: serious malware", predicting doom, gloom, and dogs and cats living together. The case for the defence was eloquently made in an article entitled "Wolf!" by Mac uber-blogger John Gruber where he simply collected assorted "Mac malware is inevitable" quotes from prominent analysts... going back to 2004, and all clearly unfulfilled in the sense of widespread attacks or exploits in the wild. Bott responded with a thoughtful post where he made a more reasoned case that malware for Macs really is inevitable in the long run, regardless of how inaccurate previous predictions have been. So who's right, and who's wrong? Is it time to run to the hills or are people just sounding the gong of panic unnecessarily? In this post I'm going to try and dive a little deeper into the issues surrounding Mac malware, hypothetical and real, and separate the headlines from the facts.

  • MIT's genetically modified viruses boost solar-cell efficiency by herding nanotubes

    by Jesse Hicks
    04.27.2011

    The wizards of MIT have done it again. Having checked artificial leaves and Operabots off the to-do list, they've moved on to improving the efficiency of solar cells. Their technique combines a genetically modified version of the M13 virus with carbon nanotubes, which have already been shown to increase efficiency. Unfortunately, some nanotubes enhance solar cell performance, while others inhibit it – and both types tend to clump together, negating their benefits. The modified M13 virus, however, can separate the two types as well as prevent clumping; we've seen similar use of the Tobacco mosaic virus to build better electrodes. Adding virus-built structures to dye-sensitized solar cells increased power conversion efficiency by almost one-third and, with only one additional step in the manufacturing process required, the new approach could be rapidly taken up by existing production facilities. MIT: proving once again that viruses are good for more than just smiting your enemies.

  • Visualized: preconceived notions about personal computer security

    by Darren Murph
    03.24.2011

    See that chart up there? That's a beautiful visualization of a dozen folk models surrounding the idea of home computer security, devised by Michigan State's own Rick Wash. To construct it (as well as pen the textual explanations to back it), he interviewed a number of computer users with varying levels of sophistication, with the goal being to find out how normal Earthlings interpreted potential threats to their PC. His findings? A vast number of home PCs are frequently insecure because "they are administered by untrained, unskilled users." He also found that PCs remain largely at risk despite a blossoming network of preventative software and advice, and almost certainly received an A for his efforts. Hit the source link for more, but only after you've spiffed up, thrown on a pair of spectacles and kicked one foot up on the coffee table that sits in front of you.

  • Creeper, the first computer virus, is 40 years young today

    by Joseph L. Flatley
    03.17.2011

    Forty years ago today is considered by many to be the birthday of the first computer virus. Of course, in the early 1970s they weren't called computer viruses, but that doesn't make Bob Thomas's handiwork any less special. Creeper (named after a character in the old Scooby Doo cartoons) spread from BBN Technologies' DEC PDP-10 through Arpanet, displaying the message: "I'm the creeper, catch me if you can!" and messing with people's printers. One notable difference between this and the majority of viruses was the fact that it deleted old versions as it replicated itself. Incidentally, that would make 2011 the fortieth anniversary of the first antivirus software: called, appropriately enough, Reaper.

  • Thanko's USB kitty mask might get you noticed

    by Thomas Ricker
    02.03.2011

    You know why he's so happy? Because he's Japanese, and being Japanese is awesome. Trains run on time, robots do the work, and you get to wear kitty-faced masks with a USB- or battery-powered fan to circulate the atmosphere in front of your air holes... and nobody cares. ¥1,980 (about $24), or ¥2,190 gift wrapped for someone special.

  • Trojan found attached to several Android games in China

    by Ben Gilbert
    12.31.2010

    We imagine dozens of tiny Trojan horses dangling off of Android phones in China as a result of a new Trojan Horse virus named "Geinimi," but frankly, that's not what happens. Adorable as that sounds, the virus attached to several Android games found on third-party Chinese app stores could be used to allow the attacker remote control of your Android-enabled device. Folks who picked up copies of Monkey Jump 2, Sex Positions, President vs. Aliens ... wait, what? Sex Positions?! Anyway, the list also includes City Defense and Baseball Superstars 2010 (among others), and the only versions found affected thus far are those distributed via Chinese app stores -- "the original versions available in the official Google Android Market have not been affected," notes mobile security firm Lookout. "Though the intent of this Trojan isn't entirely clear, the possibilities range from setting up a malicious mobile ad network to creating an Android botnet," the company added. And while the Trojan has yet to pop up on North America-based Android devices, Lookout CTO Kevin Mahaffey noted, "possible infected apps could be posted to app stores targeting US users in the future." If you've managed to end up with Geinimi on your Android device, well, stop downloading games from third-party Chinese app stores. Also, you might want to look into security software that Lookout offers for free right here.

  • McAfee predicts Apple under threat in 2011 (again)

    by Mike Schramm
    12.28.2010

    It happens around this time every year -- some company that makes its money from securing computers claims that next year will finally be the year the Mac goes under attack from virus programmers. This year it's McAfee, who are claiming in a report that due to the popularity of iOS devices, Apple will become a "prime target" for hackers and virii in 2011. As you might expect from a company that sells anti-virus software, McAfee claims that its research shows "threats of data and identity exposure will become more pronounced," especially on the Mac. Go figure. That's not to say that you shouldn't be careful about your computer -- always stay away from sketchy websites and browse as securely as you can, always use secure passwords, and always keep your Mac up to date with the latest patches and fixes, just in case. I'm not even saying that all anti-virus software is a waste of money -- there are some good worthwhile solutions out there if you feel they're necessary. But the anti-virus folks have been predicting Macs will finally get threatened for years now, and Apple's platform is still much more secure than most others.

  • AT&T, Verizon, RIM get serious about security for mobile devices

    by Joseph L. Flatley
    12.23.2010

    As commonplace as smartphones have become, it's about time that carriers and manufacturers start getting serious about mobile security (and no, we don't mean iPhone tethers). According to a recent Wall Street Journal article, Verizon is currently working with Lookout, a San Francisco-based company known for remote backup and geolocation apps for BlackBerry, Android, and Windows Mobile devices, while RIM has recently announced a little something called BlackBerry Protect, which promises to lock or even wipe a misplaced phone, pinpoint the thing on a map, and make regularly-scheduled wireless backups. By far the most ambitious plans in the article, however, belong to AT&T, which -- aside from recent deals with MobileIron and McAfee -- is currently opening a new mobile security lab in New York City. From here, the company will research malware, worms, viruses, and other threats as they develop in the mobile sphere. "Everyone is realizing that this is an uncontrolled environment," said AT&T chief security officer Edward G. Amoroso. "We don't want to have the same problems that we had with PCs."

  • Scientists attempt to predict flu spread, give ZigBee radios to 700 high school students

    by Sean Hollister
    12.20.2010

    This is the Crossbow TelosB wireless remote platform, and it did an important job for science in January of last year -- it monitored the close proximity interactions among 788 students and staff at one US high school to track a virtual flu. After collecting over 762,000 sneeze-worthy anecdotes among the module-toting teachers and teens, Stanford researchers ran 788,000 simulations charting the path the virus might take and methods the school might try to keep it in line. Sadly, the scientists didn't manage to come up with any easy answers, as virtual vaccination seemed to work equally well (or poorly) no matter who got the drugs, but they did find that if only we could actually monitor individuals in real life as easily as in a study, prevention would be much easier. But who will bell the cat, when it's so much less political to ionize?

  • World's smallest battery uses a single nanowire, plant-eating virus could improve Li-ion cells tenfold

    by Sean Hollister
    12.12.2010

    When it comes to building better batteries, building electrodes with greater surface area is key, and scientists are looking to exotic methods to attract the tiny particles they need. We've already seen graphene and carbon nanotubes soak up those electrons, but the University of Maryland has another idea -- they're using the Tobacco mosaic virus (TMV) to generate usable patterns of nanorods on the surface of existing metal electrodes. By simply modifying the germ and letting it do its thing, then coating the surface with a conductive film, they're generating ten times the energy capacity of a standard lithium-ion battery while simultaneously rendering the nasty vegetarian bug inert. Meanwhile, the Center for Integrated Nanotechnologies (CINT) at Sandia Labs was more curious how these tiny charges actually work without confusing the forest for the trees, so to speak, so a team of scientists set about constructing the world's smallest battery. Using a single tin dioxide nanowire as anode, a chunk of lithium cobalt dioxide as cathode, and piping some liquid electrolyte in between, they took a microscopic video of the charging process. See it in all its grey, goopy glory right after the break.