Syber Group

Dyreza Trojan Targeting Windows 10

December 9, 2015 by  
Filed under Computing

An infectious banking trojan has been updated so that it supports financial mayhem on the freshly baked Windows 10 operating system and its accompanying Microsoft Edge browser.

Microsoft reckons that Windows 10 is installed on over 100 million machines, and this suggests prime picking for people who deploy banking trojans, not to mention the fact that most people will still be getting used to the software and its services and features.

The newest addition to the Windows 10 spectrum is a variant of the Zeus banking malware known as Dyreza. It is related to Dyre, a threat that we reported on earlier this year.

The warning at the time was that as many as one in 20 online banking users could be exposed to the threat, and things look as bad this time around. Heimdal Security said in a blog post that the malware has been strengthened in scale and capability.

“The info-stealer malware now includes support for Windows 10. This new variant can also hook to Microsoft Edge to collect data and then send it to malicious servers,” said the post.

“Moreover, the new Dyreza variant kills a series of processes linked to endpoint security software in order to make its infiltration in the system faster and more effective.”

The threat already has a footprint, and the people behind it have increased it. Heimdal said that, once Dyreza is done with your bank account, it will move you into position on a botnet. The firm estimates that this botnet is currently 80,000-strong.

“By adding support for Windows 10, the Dyreza malware creators have cleared their way to growing the number of infected PCs in their botnet. This financial trojan doesn’t only drain the infected computers of valuable data, it binds them into botnets,” said Heimdal.

Source: http://www.thegurureview.net/computing-category/dyreza-trojan-appears-to-be-targeting-windows-10.html

Is The Shifu Trojan Wreaking Havoc In Japan?

September 17, 2015 by  
Filed under Computing

Security research has found a banking trojan called Shifu that is going after Japanese financial firms in a big way.

Shifu is described as “masterful” by IBM X-Force, and is named after the Japanese word for thief, according to the firm. It is also the Chinese word for skilled person, or tutor.

X-Force said in a blog post that the malware has been active since the early summer, and comprises a number of known tools like Dyre, Zeus and Dridex. It has been put together by people who know what they are doing, and sounds like a significant problem for the 20 institutions it is targeting.

“The Shifu trojan may be a new beast, but its inner workings are not entirely unfamiliar. The malware relies on a few tried-and-true trojan mechanisms from other infamous crimeware codes,” said the IBM researchers.

“It appears that Shifu’s internal makeup was composed by savvy developers who are quite familiar with other banking malware, dressing Shifu with selected features from the more nefarious of the bunch.”

The Shifu package offers a range of attack features as well as clean-up tools to cover its tracks. It reads like a Now that’s what I call … recent attacks compilation CD, and has some oldies but baddies.

“Shifu wipes the local System Restore point on infected machines in a similar way to the Conficker worm, which was popular in 2009,” added the firm as one example.

The package can wreak havoc on companies and their users. If we had a bucket of damp sand we would pour it all over Shifu and stamp on it.

“This trojan steals a large variety of information that victims use for authentication purposes. For example, it keylogs passwords, grabs credentials that users key into HTTP form data, steals private certificates and scrapes external authentication tokens used by some banking applications,” said IBM.

“These elements enable Shifu’s operators to use confidential user credentials and take over bank accounts held with a large variety of financial service providers.

“Shifu’s developers could be Russian speakers or native to countries in the former Soviet Union. It is also possible that the actual authors are obfuscating their true origin, throwing researchers off by implicating an allegedly common source of cybercrime.”

Source: http://www.thegurureview.net/computing-category/is-the-shifu-trojan-wreaking-havoc-in-japan.html

Is Android Safer Than iOS?

March 21, 2013 by  
Filed under Computing

The general consensus is that iOS apps tend to be somewhat safer than their Android counterparts. Apple goes to great lengths to have apps vetted and as a result far fewer iOS apps end up with malware or security issues.

However, a new report fresh out of Appthority claims iOS apps have their fair share of issues and in some respects they can pose an even greater security risk than Android apps. The report covered the top 50 apps from the Apple App Store and Google Play and found that iOS apps exhibited riskier behaviour.

“The majority of iOS apps track for location (60%), share data with advertising or analytics networks (60%) and have access to the user’s contact list (54%). A small percentage of iOS apps also had access to the user’s calendar (14%),” the report found.

However, Android fans shouldn’t be too happy since their platform is not far behind. Half of the Android apps share data with ad networks or analytics companies, while 42 percent tracked location. Slightly better, but nothing to be proud about.

One of the most worrying findings is that both Android and iOS apps don’t do much to prevent personal data from leaking from our devices. Not a single iOS app analyzed in the study used encryption to send and receive data, and neither did 92 percent of Android apps.

So while it might seem that Android is a somewhat better platform for users with privacy concerns, both Google and Apple are pants at that sort of thing.

Source

Apple Website Is Ripe For Hacking

July 4, 2011 by  
Filed under Around The Net

According to the ethical hacking group YGN, Apple’s website for developers is virtually wide open and gives hackers the opportunity to introduce malware such as phishing attacks to gain access to subscribers’ vital personal information.

One group known as Networkworld identified three holes on Apple’s website: arbitrary URL redirects, cross-site scripting and HTTP response splitting. That said, these holes could allow hackers to arbitrarily redirect to other websites and make phishing attacks against developers’ login credentials more successful.

Hacker Writes Trojan For Apple’s Mac

March 1, 2011 by  
Filed under Computing

As Apple’s popularity continues to increase, so too does the malicious interest of hackers in their famed products. Researchers at Sophos say they’ve uncovered a new Trojan horse program written for the Mac.

It’s called the BlackHole RAT (the RAT part is for “remote access Trojan”) and it’s pretty easy to find online in hacking forums, according to Chet Wisniewski, a researcher with antivirus vendor Sophos. There’s even a YouTube video demo of the program that details what it’s capable of doing.

Sophos hasn’t seen the Trojan used in any online attacks – it’s more a bare-bones, proof-of-concept beta program right now – but the software is pretty easy to use, and if a criminal could find a way to get a Mac user to install it, or write attack code that would silently install it on the Mac, it would give him remote control of the hacked machine.

Conficker Worm Still Wreaking Havoc

February 13, 2011 by  
Filed under Computing

Security firms fighting the dreadful Conficker worm claim that they have it on the ropes. The team of computer-security researchers said they managed to neutralize the worm’s impact by blocking its ability to communicate with its developer, who is still anonymous.

Unfortunately, after years of fighting Conficker, security experts estimate the worm infects between five million and fifteen million computers. The Conficker worm showed up in 2008. The worm’s intent is to disable a computer’s security measures, including Windows software updates and antivirus protection, leaving machines vulnerable to more malicious software.