Security Report – June 2012 : Trojan Horses At The Gates Of OSX, Android Fortified, Picture Imperfect & LulzSec Beheaded

6/7/2012 11:32:25 AM

Trojan Horses At The Gates Of OSX

New backdoor vulnerability proves to be an advanced persistent threat for Mac users

It is quite rare to hear of attacks on the OSX ecosystem, but the few times it has happened, it raised a significant number of alarms culminating in an 'end of days'-like responses.

Description: Description: New Mac OS X Backdoor Trojan Discovered

New Mac OS X Backdoor Trojan Discovered

It has happened again recently as a new Trojan called the Flashfake Trojan has spread on Macs, creating a botnet consisting of over 700,000 computers. Kaspersky Lab's researchers have discovered another malicious program that targets Macs, which has been confirmed as an Advanced Persistent Threat. Unlike the Flashfake Trojan, the new, more malicious Backdoor.OSX. SabPub.a is a real threat for users as attackers can gain full control of their computers.

Kaspersky Lab's experts set up a fake victim machine, infected by the backdoor, and on 15 April discovered some unusual activity. The attackers seized control of the infected system and started analysing it. They sent commands to view the contents of root and home folders and even downloaded some of the fake documents stored in the system.

This analysis was most likely performed manually, and not using some automated system, which is unlikely in the widespread "mass-market" malware. Therefore, it can be confirmed that this backdoor is an example of an Advanced Persistent Threat in active use.

Alexander Gostev, Chief Security Expert at Kaspersky Lab, commented: "The SabPub backdoor once again reveals that not a single software environment is invulnerable. The relatively low number of malware for Mac OS X does not mean better protection. The most recent incidents like Flashfake and SabPub indicate that the personal data of unprotected Mac users is also at risk, either because cybercriminals understand the rising market share of such machines, or because they are hired for the direct task of attacking Apple computers."

Android Fortified

Avira launches free Android security software

Description: Description: Android security software

Cases of smartphone theft has been constantly on the rise. To that end, Avira has seen fit to launch its own Avira Free Android Security software that helps users remotely locate, lock or erase an Android phone from everywhere in the world.

"Since malware threats for Android are still relatively uncommon, we first focused on anti-theft and remote device management features in Avira Free Android Security," said Jerome Chan, general manager of Avira SEA.

Avira Free Android Security comes with Avira Android Web Console, which lets you manage up to five phones remotely. The Web Console also lets you handle behind-the-scenes chores like activating/ deactivating phones, remotely checking phone activity, current battery level, device model number and device IMEI number.

Avira Free Android Security is compatible with Android versions 2.2 (Froyo) and 2.3 (Gingerbread) and is available now for download in English.

Picture Imperfect

Fake Instagram for Android app loaded with malware

Description: Description: Fake Instagram

Ever since Instagram made it to the Android Play Store, the response towards the photo taking and sharing app has been tremendous. Recently bought over by Facebook, the app has been downloaded approximately about 5 million times in less than a week of it being launched for the Google mobile operating system.

Sophos, an IT security team is reminding Android users to only download the app via a trusted source such as the Play Store. There have been reports going around of a fake Instagram APK file that is circulating around the Internet, and if installed, will send background SMSes to premium rate services, earning money for the cybercriminals.

"Just last week, we saw a bogus edition of the Angry Birds Space game and it's quite likely that whoever is behind this latest malware are also using the names and images of other popular smartphone apps as bait." said Graham Cluley, senior technology consultant at Sophos.

LulzSec Beheaded

Leader of hacking group turns in own members

Description: Description: LulzSec claimed responsibility for the attack on their Twitter acount

LulzSec claimed responsibility for the attack on their Twitter acount

LulzSec, a hacking group that is an offshoot of Anonymous, has seen several of its top members getting caught from law enforcement agencies in a crackdown that spans a few continents.

Some sources said the crackdown happened mostly due LulzSec's leader, identified as Hector Xavier Monsegur, nicknamed Sabu, an unemployed 28 year old father of two was caught last year. It is said that ever since the FBI made his identity public, he became a cooperating witness.

"They caught him and he was secretly arrested and now works for the FBI," a source close to Sabu told

As a result of Monsegur's cooperation, the remaining top-ranking members of LulzSec were arrested or hit with additional charges. The five charged in the LulzSec conspiracy indictment were identified by sources as: Ryan Ackroyd and Jake Davis, both of London; Darren Martyn and Donncha O'Cearrbhail, both of Ireland; and Jeremy Hammond of Chicago.

Data Theft Of The Month

Gamigo hacked!

Gamigo, a free-to-play MMO games library service has recently seen its website hacked, as users have run into problems trying to access the service. Gamigo's staff detected an illegal intrusion into its user database and has resulted in a temporary closure in account registration, account management and payment services. Despite this however, Gamigo has reiterated that the gaming services have not been affected by the attack, and the game servers are still secure.

Nasa admits stolen laptop contains iss codes

NASA has recently admitted that a laptop that was stolen back in 2011 had contained codes to control the International Space Station. The unencrypted laptop went missing last year and resulted in the loss of algorithms to control the ISS. Despite this however, NASA has said that at no point in time that the ISS was in jeopardy due to the data breach. Martin said software vulnerabilities in NASA machines often go unpatched and only 1 percent of NASA mobile devices are encrypted. He said that until the space agency can implement an agency-wide encryption policy, data stored on mobile devices will remain at high risk.

Hacked, again!

Not too long after being hacked by a 17 year old from Morocco, which saw information on 350,000 customers being spread out in the open, DigitalPlayground has been hacked yet again, with 73,000 email addresses, usernames and passwords. It is said that 40,000 credit card numbers containing CCV code and expiration dates were also obtained from the attack. At the time of writing, is accessible. But the site does not allow the registration of new users.

Top 10
Review : Sigma 24mm f/1.4 DG HSM Art
Review : Canon EF11-24mm f/4L USM
Review : Creative Sound Blaster Roar 2
Review : Philips Fidelio M2L
Review : Alienware 17 - Dell's Alienware laptops
Review Smartwatch : Wellograph
Review : Xiaomi Redmi 2
Extending LINQ to Objects : Writing a Single Element Operator (part 2) - Building the RandomElement Operator
Extending LINQ to Objects : Writing a Single Element Operator (part 1) - Building Our Own Last Operator
3 Tips for Maintaining Your Cell Phone Battery (part 2) - Discharge Smart, Use Smart
- First look: Apple Watch

- 3 Tips for Maintaining Your Cell Phone Battery (part 1)

- 3 Tips for Maintaining Your Cell Phone Battery (part 2)
- How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 1)

- How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 2)

- How to create your first Swimlane Diagram or Cross-Functional Flowchart Diagram by using Microsoft Visio 2010 (Part 3)
Popular Tags
Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Biztalk Exchange Server Microsoft LynC Server Microsoft Dynamic Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Indesign Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe After Effects Adobe Photoshop Adobe Fireworks Adobe Flash Catalyst Corel Painter X CorelDRAW X5 CorelDraw 10 QuarkXPress 8 windows Phone 7 windows Phone 8