Trustwave's SpiderLabs has identified the Pony botnet as a digital wallet thief, detailing its findings in a recent blog post. The botnet is known to steal credentials, but to a lesser degree it is also nabbing digital coins from the wallets of infected users. The theft takes place across multiple currency types: Bitcoin, Litecoin, and 28 more.
The SANS Institute's Internet Storm Center discovered a worm that affects older Linksys wireless routers after receiving multiple complaints from owners. The ISC, as it is called, published a write-up of what it had discovered about the worm, called TheMoon, as well as the models possibly at risk. Linksys has followed up the notification with a confirmation of the issue.
Flappy Bird's creator may have yanked the game out of concern for players' addiction to the hit title, but fake versions may do damage to their wallets instead, with trojan malware flooding the Google Play store. Beleaguered developer Dong Nguyen opted to pull the official downloads of Flappy Bird because the thought of players unable to put down the simple game was giving him sleepless nights. However, its absence opened the gates for clones to take its place, some of which have been found to make unexpected premium charges to monthly smartphone bills.
What could be one of the most advanced cyber-espionage and malware systems has been identified, with Kaspersky Lab discovering a wide-reaching hacking scheme that has affected more than 380 different victims across 31 different countries. The campaign is dubbed "The Mask" after the Spanish slang "Careto" - meaning "ugly face" or "mask" - found in the malware code. The hackers have put together what Kaspersky describes as an "extremely sophisticated" set of tools including versions for Windows, Mac, Linux, and potentially Android and iOS. In addition to the broad range of potential victims, the amount of data that can be extracted from an infected machine is vast.
Emsisoft has come forward with details on a newly discovered form of ransomware. This one is dubbed "Linkup", and while it will hold your computer hostage, it doesn't lock your computer or encrypt all your files like we have seen in the past. Instead, this version of Linkup blocks Internet access and also turns your system into a bitcoin mining zombie.
Browser hijacking is an annoying sort of malicious activity that often spawns from downloading toolbars or freeware of some sort, the end result being a messed-up browser and trouble regaining control. Late last year, Chrome scored a "Reset browser settings" button, something Google has decided to take up a notch for Windows users.
The Neiman Marcus hack saw potentially 1.1m credit card details stolen, the high-end retailer has admitted, though it claims no online customers were impacted nor PINs stolen. "The malware actively attempted to collect or 'scrape' payment card data from July 16, 2013 to October 30, 2013," Neiman Marcus president and CEO Karen Katz wrote in an open letter to customers, though so far credit card companies have said only around 2,400 cards have actually seen fraudulent activity as a result. Still, the retailer has offered a make-up deal to anyone who shopped there between January 2013 and 2014.
Yahoo has been hit with criticism after failing to tell people exactly how widely the malware it served to some visitors to its homepage has spread. Reports indicate that infected Yahoo ad servers served ads that transmitted malware to as many as two million computers in Europe.
In 2008, the NSA developed a software program for iPhones that can selectively and stealthily deliver data from the devices to the agency. The program is called DROPOUTJEEP. News of the malware is the latest to come out of the ongoing Snowden document media bonanza.