The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

Zeus continues to strike online bank accounts and users, and technology designed to thwart these Trojan attacks continually fails to keep up. Symantec recently came across a new Zeus file targeting five major banks in Japan. The malware, which has caused serious problems to banking customers in Europe and the U.S, now having maximum concentration on Japanese banks. Target information was reveled by Symantec after decryption of configuration file from new sample. The attacker uses Blackhole exploit kit in order to install Zeus. Zeus, a financially aimed malware, comes in many different forms and flavors. It can be tweaked to hijack personal PCs, or come in the form of a keylogger that tracks keystrokes as users enter them. But once installation over, Zeus malware aims to steal online-banking credentials, and phishing schemes and drive-by downloads are most often the avenues hackers use to spread this increasingly sophisticated and evo...

Apple has faced a number challenges over the last year related to software errors and flaws on its flagship iPhone. According to a latest video posted on YouTube  iPhone and iPad users running the latest iOS 6.1 platform can bypass the lock screen, even when a password is set. Basically, he found that by attempting and canceling an emergency call on the iPhone, holding the lock button and then taking a screenshot took him past the stage where he should have had to enter a password to access the phone. The flaw is relatively easy to exploit and this lets you bypass the security code and use the full Phone app. From there you have access to the address book, and the pictures app by trying to change a contacts picture. Apple promised to fix the iOS 6.1 iOS Exchange bug in a forthcoming software update so perhaps they'll fix this annoying glitch as well. Steps to follow: First part: -Go to emergency call, push down the power button and tap cancel. -D...

An old vulnerability in Word for OS X is being used in increasing levels of attacks,  probably government-sponsored hacking programs  against Uyghur group, including Tibetans, NGOs and human rights organizations. A number of attacks have been seen directed at the World Uyghur Congress, a Munich-based organization that promotes human rights. Potential victims are often tricked by so-called spear phishing attacks, the targets receive an e-mail with a subject relevant to their interests, and a Word document attached.  When they open the document, TinySHell exploits a vulnerability and then infects the computer. Exploit allows long-term monitoring or even control of the compromised system though a backdoor it installs. The malware is configured to connect to command and control servers that have been used for years in APT attacks. All the attacks use exploits for the CVE-2009-0563 (Microsoft Office) vulnerability and The backdoor also includes hard...

Police in Spain have arrested a gang of 11 cyber criminals who used ransomware to demand money from thousands of victims in 30 countries using malware known as Reveton . Police arrested six Russians, two Ukrainians and two Georgians in the Costa del Sol. The gang leader, a 27-year-old Russian, was arrested in Dubai in the United Arab Emirates in December 2012 on an international arrest warrant. Spanish authorities are seeking his extradition. According to researchers from Trend Micro who worked with the Spanish to track down the group, estimate that this ransomware operation netted the group more than 1 million euros a year. The Trojan was distributed using drive by download techniques, in conjunction with the Black Hole exploit kit and initially the malware was focused on German individuals, but in later months began to target other countries, primarily the USA. Trend Micro, said there were 48 different variations of the virus in use and the malware has bee...

A Cross platform back door ' Frutas ' remote access tool (RAT) is available for download on many forums from January 2013. This Trojan builder is completely written in Java. Recently, Symantec experts analyse that Frutas RAT allows attackers to create a connect-back client JAR file to run on a compromised computer. The back door builder provides some minor obfuscation, which allows the attacker to use a custom encryption key for some of the embedded back door functionality. Once a backdoor connection is established, the RAT server alerts the attacker and allows them to perform various back door functions on the compromised computer i.e Browse file systems, Download and execute arbitrary files, Perform denial of service attacks, Open a specified website in a browser. According to Symantec only 2 out of the 46 vendors from Virus Total are detecting it as a threat.