We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.
On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy — a 14-year-old anonymity service that rents hacked PCs to cybercriminals — suddenly went offline. Security experts had long seen a link between Glupteba and AWM Proxy, but new research shows AWM Proxy’s founder is one of the men being sued by Google.
The source code for “Carberp” — a botnet creation kit coded by a team of at least two dozen hackers who used it to relieve banks of an estimated $250 million — has been posted online for anyone to download. The code leak offers security experts a fascinating and somewhat rare glimpse into the malcoding economy, but many also worry that its publication will spawn new hybrid strains of sophisticated banking malware.
Pavel Vrublevsky, the co-founder of Russian payment processor ChronoPay, is set to appear before a judge this week in a criminal case in which he is accused of hiring a botmaster to attack a competitor. Prosecutors believe that the man Vrublevsky hired in that attack was the curator of the Festi botnet, a spam-spewing machine that also has been implicated in a number of high-profile denial-of-service assaults.
A group tasked with devising strategies to deter cyber attacks is calling for mandatory public disclosure of fraud and hacking incidents by governments and organizations of all sizes, including banks.
I recently highlighted a study which showed that most of the top third-party software applications failed to take advantage of two major lines of defense built into Microsoft Windows that can help block attacks from hackers and viruses. As it turns out, a majority of anti-virus and security products made for Windows users also forgo these valuable security protections.
A new study about the (in)efficacy of anti-virus software in detecting the latest malware threats is a much-needed reminder that staying safe online is more about using your head than finding the right mix or brand of security software.
Last week, security software testing firm NSS Labs released the results of its latest controversial test of how the major anti-virus products fared in detecting real-life malware from actual malicious Web sites: Most of the products took an average of more than 45 hours — nearly two days — to detect the latest threats.