By Larry Seltzer

If you're looking for a scary bit of malware you can do no better than Haxdoor, a rootkit that steals your confidential information. More frightening details in the Top Threat section.

What products are the attackers on the Internet going after? Symantec has some data on that and there's an unsurprising pattern to it. See the numbers in the Top Attacked Products section.

Try as they might to look respectable, adware vendors have a hard time avoiding abuse. Hear the tale of 180solutions in the Zango Abuse section.

A wide-open redirect on Yahoo!'s site is helping phishing attacks to conceal themselves. See how it works in this week's Top Phish.

If you think your privacy is under attack consider the situation in South Korea, where the Internet and online gaming have undermined privacy on a mass-scale. Get details in the Korean ID Theft section.

Posted by Spencer Cuffe in Adware, Spyware and Trojans at 09:23

By Iain Thomson

Security software house Kaspersky is warning of a new mobile virus that does not just target smartphones but any mobile capable of running Java (J2ME) applications.

The malware claims to be an application called RedBrowser, which allows mobile users to access WAP services without using a WAP connection by using a free SMS service.

In fact it sends data to a premium SMS service which charges around $5 per message.

Posted by Spencer Cuffe in Virus & AntiVirus News at 08:32

By William Eazel

Security experts have detected a new crimeware creation system that sells made-to-measure trojans to hackers for $990.

The code, dubbed Trj/Briz.A by PandaLabs, stands out because its author customizes the code for hackers. The malware specializes in stealing bank details and data from web forms.

According to PandaLabs, this trojan is "the most complex example of the business network based on malware."

Apart from the code, cyber-crooks that buy this crimeware also get a complex system for controlling the infection caused by the custom-built trojan. This allows the client to get a list containing a large quantity of data about the infected computers: IP addresses, passwords and even the physical location of the computers.

In this way, the cyber-crooks can always have their malicious activity under control.

The file that causes the Trj/Briz.A infection is called "iexplore.exe." It uses this name to pass itself off as Internet Explorer. When run, it downloads different files and deactivates Windows Security Center services and Shared Internet Access. It also collects information on programs like Outlook, Eudora and The Bat, which it sends to the attacker.

Posted by Spencer Cuffe in Virus & AntiVirus News at 09:21

By geekzone.co.nz

The Mobile Malware Researchers Association (MARA) has found what is believed to be the first malware to cross-infect a handheld PDA from a binary on the desktop PC.

The malware, a Trojan dubbed “crossover”, spreads from a Win32 desktop machine to a Windows Mobile Pocket PC handheld.

Detailed analysis and the malware binary are available to antivirus companies and security experts who qualify for MARA membership, which is free.

This proof of concept virus spreads from a desktop PC to a Windows CE or Windows Mobile device by running on every startup through an entry in the the registry, proceeding to wait for an Activesync connection to be detected. In every boot the virus recreates itself and again add new startup commands to the registry, which could over time lead to performance degradation on the host PC.

Posted by Spencer Cuffe in Virus & AntiVirus News at 09:19