Tag Archive for malware

ZeuS malware is now in new form, says Kaspersky


Anti-virus firm Kaspersky has discovered a new strain of the ZeuS virus, saying it had targeted financial institutions worldwide.

Kaspersky announced on its blog that the banking trojan’s latest form had targeted a total of 150 different banks and 20 payment systems worldwide, focusing on the infiltration of online banking. In total, 15 countries have been attacked, including the United Kingdom, United States, Spain, Russia, Japan and Italy.

“In the fall of 2014, we discovered a new banking Trojan, which caught our attention for two reasons:

First, it is interesting from the technical viewpoint, because it uses a new technique for loading modules.
Second, an analysis of its configuration files has shown that the malware targets a large number of online-banking systems: over 150 different banks and 20 payment systems in 15 countries. Banks in the UK, Spain, the US, Russia, Japan and Italy make up the majority of its potential targets.”

Kaspersky Lab has named the new malware Trojan-Banker.Win32.Chthonic.


Russian malware SoakSoak has soaked through 100,000 WP Sites already

The Russians are at it again. Online security firm Sucuri has said it has detected malware called SoakSoak, which has infected over 100,000 WordPress (WP) sites since last Sunday.

According to Sucuri, the malware uses a vulnerability in a slideshow plug-in called Slider Revolution. The Slider Revolution team, it claimed, had known about the vulnerability since September, but they failed to fix it.

A post on the official Sucuri blog said: “Yesterday we disclosed a large malware campaign targeting and compromising over 100,000 WordPress sites, and growing by the hour. It was named SoakSoak due to the first domain used in the malware redirection path (soaksoak.ru).

“After a bit more time investigating this issue, we were able to confirm that the attack vector is the RevSlider plugin. We disclosed a serious vulnerability with this plugin a few months ago; it seems that many webmasters have either not heard of or did not take seriously the vulnerability.”

The biggest problem, it seems, is that the RevSlider plugin is a premium plugin, which means it’s not something everyone can easily upgrade. The security firm posted that some website owners did not even know they had contracted the virus, as it had been packaged and bundled into their themes. Sucuri said it was remediating thousands of sites.

There’s also a warning for some from Sucuri: “We are hearing a lot of recommendations online to just replace the swfobject.js and template-loader.php files to remove the infection.

“It does remove the infection, but does not address the leftover backdoors and initial entry points. The website will be reinfected quickly. If you are affected by this, expect to find yourself riddled with backdoors and infections; you have to not only clean, but also stop all malicious attacks. You can stop malicious attacks through the use of a Website Firewall, ours or someone else’s; just use a Firewall, a real one preferably.”
