“Mac malware back from the dead” plus 2 more

Mac malware back from the dead
Macs Hit by Backdoor Attack
Protect your business from the cybercrime wave

Five Filters featured article: Chilcot Inquiry. Available tools: PDF Newspaper, Full Text RSS, Term Extraction.

Posted: 19 Apr 2010 01:37 AM PDT

April 19, 2010

Backdoor attack threatens Mac users

John E. Dunn, Techworld

Apple antivirus company Intego has discovered a backdoor malware attack targeting Mac users.

Able to infect both PowerPC and newer Intel-based Macs thanks to being written as a universal binary, OSX.HellRTS.D sets out to take complete control of an infected machine, setting itself up as a server capable of doing pretty much what it wants. This will include, downloading software, spewing email, set up screen sharing, accessing files on the Mac, and copying anything it finds on the clipboard.

The company describes infection levels as currently being very low, but warns that the code is circulating on hacker forums, which will give criminals access to it. No threat vectors such as spam attachments are mentioned because none have so far been used, but an infected file seems the most likely attack method.

As with so many of the small number of Mac-specific malware attacks that come up from time to time, this one is a variant of an attack from 2004, the company said, which will sound quaint to Windows users hit by thousands of variants on most days.

Mac malware is still rare enough to be worthy of an individual press release from a security company, something that hasn't been true of Windows malware for two decades. Examples are few and far between to the extent it is almost possible to name them all in a short blog, as Techworld did this week.

See also:

PC security advice

<<newer story | back to index | older story>>

Comments

What are your views on this subject? Use the form below to post a comment on this article up to 1000 characters.

What is this?

Subscribe to PC Advisor now and claim your FREE gift

Five Filters featured article: Chilcot Inquiry. Available tools: PDF Newspaper, Full Text RSS, Term Extraction.

Macs Hit by Backdoor Attack

Posted: 18 Apr 2010 06:26 AM PDT

Apple antivirus company Intego has discovered a backdoor malware attack targeting Mac users.

Able to infect both PowerPC and newer Intel-based Macs thanks to being written as a universal binary, OSX.HellRTS.D sArtwork: Chip Taylorets out to take complete control of an infected machine, setting itself up as a server capable of doing pretty much what it wants. This will include, downloading software, spewing email, set up screen sharing, accessing files on the Mac, and copying anything it finds on the clipboard.

Five Filters featured article: Chilcot Inquiry. Available tools: PDF Newspaper, Full Text RSS, Term Extraction.

Protect your business from the cybercrime wave

Posted: 18 Apr 2010 06:00 PM PDT

A: As with everything else it has touched, the Internet has changed financial fraud, too. And the problem with that is that e-scammers are more difficult to detect. But make no mistake about it – being the victim of financial fraud of any sort can put you out of business in a hurry.

Maybe the worst case of financial fraud that I have been associated with was an old client who ran a very successful, seven-figure construction company. But after his bookkeeper embezzled several hundred thousand dollars, the company had to file two separate bankruptcies before eventually going out of business anyway.

And as I said, today's bad guys have gone high-tech and have unfortunately devised new and better ways to steal your money.

Consider the recent story about a dental group in Missouri that discovered one morning that more than $200,000 had been illegally transferred out of its bank account. To make matters worse, the dentists also found out that, unlike consumers, small businesses do not get the same protections afforded consumers who are the victim of online fraud. If your credit card is stolen, and you report it promptly, your out-of-pocket loss is capped at $50.

Such is not the case with illegal commercial wire transfers.

According to Brian Krebs, a journalist who has covered this issue extensively, "Most companies that get hit with this type of fraud quickly figure out that their banks are under no legal obligation to reimburse them."

So how does this type of fraud occur, and what can you do to protect yourself? Typically, the bad guys are able to plant malware on the victim's computer and then use that to access the company's online banking profile. They then use that information to transfer huge sums of money out of the targeted accounts.

Estimates of losses to business from these types of cyberscams run from the hundreds of millions annually, to the billions.

So what do you do? To answer that question, I recently spoke with Bill Conner, the dynamic president and CEO of Entrust. Conner is one of the world's leading experts on cybersecurity, and his company provides security for everything from Homeland Security, to all U.S. and British passports, as well as providing security documents for the World Cup in South Africa and for INTERPOL agents.

According to Conner, cybercrooks are now targeting small business: "We are in an arms race with sophisticated, high tech enemies who are now concentrating on smaller business bank accounts in addition to their continued efforts to steal from large corporations." To combat the risk, Conner suggests that small businesses employ a "triple threat" security package that would include

• Authentication

• Fraud detection, and

• "Out-of-band transaction verification and signing for high-risk transactions"

Authentication and fraud detection intuitively make sense – these sorts of products look at your transaction, and transaction history, and check for suspicious activity. Conner explained that while Entrust already offers the first two types of protection, to better serve its customers, it is adding that third, necessary layer, of protection with a new product being launched this week.

"IdentityGuard Mobile" is an app for your smartphone. When a potentially suspicious activity begins to hit your account, this product sends you a text of the transaction details and asks you to authenticate and approve it before the bank can approve it.

With the challenges to small business coming from all sides – decreased lending, tighter budgets, wary consumers – the last thing we need is to take a financial hit due to cybercrime, so we must be vigilant. Keep your security patches up to date. Make sure you have a robust antivirus suite. Change your pass codes frequently. Use the triple threat.

You will be glad you did.

Today's tip: One of the real hassles of buying a new computer is moving all of your stuff off the old one and onto the new one. That is why I was happy to learn about Laplink's PCmover. PCmover moves not only your files, but the cool part is that it also easily transfers your programs and settings to the new computer. Simply install PCmover on both your old and new computers and go. Steve says check it out.

Ask an Expert appears Mondays. You can e-mail Steve Strauss at: sstrauss@mrallbiz.com.And you can click here to see previous columns. Steven D. Strauss is a lawyer, author and speaker who specializes in small business and entrepreneurship. His latest book is The Small Business Bible. You can sign up for his free newsletter, "Small Business Success Secrets!" at his website —www.mrallbiz.com.

AntiVirus Free

Monday, April 19, 2010