New malware turns your computer into a digital cash machine

News No Responses »
Aug 182011

Why write a bot that spams people with Viagra ads when you can write a bot that just wrings coins directly out of their computer chip?

For the uninitiated, Bitcoins are a digital currency that can be minted from excess CPU cycles of a computer and used in a variety of Internet contexts. More on Bitcoins:

http://www.nmdnet.org/2011/06/12/is-bitcoin-the-future-of-money/

So the money being “stolen” is not existing cash that is somehow withdrawn from your bank account or charged to your credit card, but is new money “printed” when your computer is hijacked by the malware.

This is kind of like breaking into an alchemist’s shop and making gold from his leftover iron.

GPGPU Bitcoin Mining Trojan

“Security researchers have unearthed a piece of malware that mints a digital currency known as Bitcoins by harnessing the immense power of an infected machine’s graphical processing units. According to new research from antivirus provider Symantec, Trojan.Badminer uses GPUs to generate virtual coins through a practice known as minting. That’s the term for solving difficult cryptographic proof-of-work problems and being rewarded with 50 Bitcoins for each per correct block.”

Posted by Jon Ippolito at 7:30 pm Tagged with: , , ,

Is that a suicide note on your Facebook page, or is your bot just happy to see me?

News 1 Response »
Jan 212011

Just when you thought it was safe to use a Mac. Well, I guess it’s still pretty safe if you don’t click on that suspicious Facebook link.

Java: write once, spam everywhere.

http://www.theregister.co.uk/2011/01/19/mac_linux_bot_vulnerabilities/

(via Bruce Sterling)

“The bot was discovered spreading over Facebook posts that planted the following message on infected users’ Facebook pages: “As you are on my friends list I thought I would let you know I have decided to end my life.” An included link leads recipients to a cross-platform JAR, or Java Archive file that can run on Windows, Mac, or Linux. Once the recipient is infected, his Facebook page carries the same dire warning.”

“Known as Trojan.Jnanabot, or alternately as OSX/Koobface.A or trojan.osx.boonana.a, the bot made waves in October when researchers discovered its Java-based makeup allowed it to attack Mac and Linux machines, not just Windows PCs as is the case with most malware. Once installed, the trojan components are stored in an invisible folder and use strong encryption to keep communications private.

“The bot can force its host to take instructions through internet relay chat, perform DDoS attacks, and post fraudulent messages to the victim’s Facebook account, among other things….”

Posted by Jon Ippolito at 12:10 pm Tagged with: , , , , ,

Rogue PDFs Behind 80% of Exploits In Q4 '09

News No Responses »
Feb 172010

Somehow people have the feeling that PDF is some innocent image format…

Just hours before Adobe is slated to deliver the latest patches for its popular PDF viewer, ScanSafe announced that by its counting, malicious Adobe Reader documents made up 80% of all exploits at the end of 2009.

http://rss.slashdot.org/~r/Slashdot/slashdot/~3/9MiQjsbAEBU/Rogue-PDFs-Behind-80-of-Exploits-In-Q4-09

Posted by John Bell at 6:04 pm Tagged with: , ,

Rogue PDFs Behind 80% of Exploits In Q4 '09

News No Responses »
Feb 172010

Bookmark this category
Somehow people have the feeling that PDF is some innocent image format…

Just hours before Adobe is slated to deliver the latest patches for its popular PDF viewer, ScanSafe announced that by its counting, malicious Adobe Reader documents made up 80% of all exploits at the end of 2009.

http://rss.slashdot.org/~r/Slashdot/slashdot/~3/9MiQjsbAEBU/Rogue-PDFs-Behind-80-of-Exploits-In-Q4-09

Posted by John Bell at 5:04 pm Tagged with: , ,
© 2011 UMaine NMDNet Suffusion theme by Sayontan Sinha