Internet Doomsday, July 9
msnbc techblog ^ | Suzanne Choney
Posted on Sunday, July 08, 2012 11:24:36 AM by Tanniker Smith
July 9 might be “Internet doomsday” for PC and Mac users who haven’t taken steps to make sure their systems are not infected with what’s being called DNSChanger malware.
Posted on Friday, July 06, 2012 9:24:36 PM by Slambat
It’s three days and counting before the deadline by the FBI hits in which they’ve threatened to shut down your Internet connection. The agency believes they are doing Americans a favor.
Steals GPU time, tries to capture passwords, more
Anti-malware makers Sophos and Intego have warned of a new Mac OS X Trojan Horse that hides inside pirated software, specifically GraphicConverter v7.4. The malware, known as OSX/Miner-D or “DevilRobber,” steals GPU time to generate counterfeit Bitcoins (part of anonymous digital cash system) and also attempts to steal usernames and passwords through periodic screen captures. It also sends information about the Mac’s security setup and browsing history to a remote server.
In addition, if the user is already a Bitcoin user, the malware will also try to steal the credit out of the Bitcoin “wallet.” The Bitcoin digital currency has found some favor in the open-source world and other communities, but has been plagued with security breaches. The malware has been added to versions of GraphicConverter that have been uploaded to illegal file-sharing networks, so at present the malware is extremely easy to avoid — but it could spread to other pirated files. Because of this, all pirated software should be regarded as potentially infected and avoided.
Following our recent security memo about the Mac Flashback Trojan horse, Intego has seen an increase in the number of Mac users infected by this malware. After publicizing this threat, many users have posted both in the comments on this blog, and on other blogs and forums about having either seen this malware download, or actually installing it.
If you end up on a site that is serving this malware, you will see something similar to this:
The first things you see are the crashed plugin graphic and the purported error messages. After this, the fake Adobe Flash installer screen pops up, and then the Flashback Trojan horse installation package downloads. At this point, if you have the default Safari settings – which allow “safe” downloads to open automatically – you will see an Installer window open.
This is effective social engineering. Savvy Mac users will not be fooled, because they know that a Flash installer would never appear in this manner, but two things make this approach believable. First, Flash Player is not installed on Mac OS X Lion, so users will need to install it themselves if they want to view Flash content on the web. Second, if they do have Flash Player installed, and have set the Flash Player preference pane (in System Preferences) to automatically check for updates, they may think that this is an update alert. (We have never had any such alerts, in spite of having checked that setting.) So this can easily fool many Mac users into downloading the malware.
For these reasons, Intego is raising the risk level of this malware to medium.
If you see a web page similar to that shown above, do not run any installer, and if the Installer window does not open, check your Downloads folder for any package file that contains the name Flash, then delete it. Only download Flash Player installers from the Adobe web site.
Note: if anyone who has been infected by this Trojan horse knows the URL at which they got it, or has a sample, please send an e-mail (with sample
Apple Orders Technicians to Feign Ignorance About Mac Malware
Apple Orders Technicians to Feign Ignorance About Mac Malware: “Apple hopes that if it pretends that malware doesn’t exist its customers will believe so too. Apple techs are under strict orders not to help customers who are suffering from malware infe Employees claim ~6 percent of Macs are now infected by malware, though many Mac owners are convinced their computers are ‘immune’ to such problems. (Source: Cult of Mac) Microsoft actually helps protect its customers from malware programs and acknowledges they exist. It even offers its customers free protection. (Source: iTech News Net) Jobs and company hope to keep customers ignorant of the truth”
Posted by Gunny G at Friday, May 20, 2011
State should have power to block individual computers from connecting to world wide web, claims Charney
Microsoft Proposal Opens Door For Government Licensing To Access Internet
Paul Joseph Watson
Prison Planet.com
Thursday, October 7, 2010
A new proposal by a top Microsoft executive would open the door for government licensing to access the Internet, with authorities being empowered to block individual computers from connecting to the world wide web under the pretext of preventing malware attacks.
Speaking to the ISSE 2010 computer security conference in Berlin yesterday, Scott Charney, Microsoft vice president of Trustworthy Computing, said that cybersecurity should mirror public health safety laws, with infected PCs being “quarantined” by government decree and prevented from accessing the Internet.
“If a device is known to be a danger to the internet, the user should be notified and the device should be cleaned before it is allowed unfettered access to the internet, minimizing the risk of the infected device contaminating other devices,” Charney said.
Charney said the system would be a “global collective defense” run by corporations and government and would “track and control” people’s computers similar to how government health bodies track diseases.
Invoking the threat of malware attacks as a means of dissuading or blocking people from using the Internet is becoming a common theme – but it’s one tainted with political overtones.
At the launch of the Obama administration’s cybersecurity agenda earlier this year, Democrats attempted to claim that the independent news website The Drudge Report was serving malware, an incident Senator Jim Inhofe described as a deliberate ploy “to discourage people from using Drudge”.
Under the new proposals, not only would the government cite the threat of malware to prevent people from visiting Drudge, they would be blocked from the entire world wide web, creating a dangerous precedent by giving government the power to dictate whether people can use the Internet and effectively opening the door for a licensing system to be introduced.
Similar to how vehicle inspections are mandatory for cars in some states before they can be driven, are we entering a phase where you will have to obtain a PC health check before a government IP czar will issue you with a license, or an Internet ID card, allowing you to access the web?
Of course, the only way companies or the government could know when your system becomes infected with malware is to have some kind of mandatory software or firewall installed on every PC which sends data to a centralized hub, greasing the skids for warrantless surveillance and other invasions of privacy.