• Google Will Help Protect Your Computer from Malware

    // Gradly // blog, google, Microsoft, Tech. No Responses

    Google has been able to detect a large number of computers infected with a specific piece of malware. If you go to Google and do a search (any word will do) right now, check to see whether you get a “Your computer appears to be infected” warning at the top of the search results. If you see the message, you need to clean up the infection from your machine.

    As we work to protect our users and their information, we sometimes discover unusual patterns of activity. Recently, we found some unusual search traffic while performing routine maintenance on one of our data centers. After collaborating with security engineers at several companies that were sending this modified traffic, we determined that the computers exhibiting this behavior were infected with a particular strain of malicious software, or “malware.” As a result of this discovery, today some people will see a prominent notification at the top of their Google web search results:

    This particular malware causes infected computers to send traffic to Google through a small number of intermediary servers called “proxies.” We hope that by taking steps to notify users whose traffic is coming through these proxies, we can help them update their antivirus software and remove the infections.

    You can run a system scan on your computer yourself by following the steps mentioned here. This is malware that’s specific to Windows.

  • New Trojan Targets the Mac

    // Gradly // Apple, blog, News, Rants & Raves No Responses

    Some security researchers have long complained that Apple won’t take security seriously because doing so conflict with the company’s marketing message that Mac buyers need not worry about being attacked. The discovery of a beta of a Mac-attacking Trojan once again shows Mac invulnerability to be a myth. And in an unrelated move, Apple has reached out to security researchers, showing that it may finally take security seriously.

    The security company Sophos says that it’s found the beta of a backdoor Trojan targeting the Mac that’s “a variant of “a well-known Remote Access Trojan (RAT) for Windows known as darkComet.”

    The author calls it the ‘BlackHole RAT,’ strongly implying that plans are to have it masquerade as the legitimate Black Hole security application designed to keep a Mac safe by purging private information such as clipboard data and recent file lists.

    Sophos is quick to point out that the Trojan is not yet finished. But the company clearly believes that attacks on the Mac are in the offing. It notes on its blog:

    It appears there is a new backdoor Trojan in town and it targets users of Mac OS X. As even the malware itself admits, it is not yet finished, but it could be indicative of more underground programmers taking note of Apple’s increasing market share.

    That Sophos researcher Chet Wisniewski has seen another Trojan called HellRTS already in circulation on file-sharing sites used to pirate Mac software.

    Apple hasn’t responded specifically to these new threats, but there’s a major, encouraging sign that it is taking Mac security very seriously, possibly because it now has a big enough market share that malware writers see it as a financially viable target.

    The Edible Apple blog reports that Apple is offering security experts free preview versions of OS X 10.7, called Lion, “so that they can take a look at Apple’s new security measures and presumably reach back to Apple with any thoughts, observations, and concerns they might have.”

    The site reports that Apple sent out the following note to security experts:

    “I wanted to let you know that I’ve requested that you be invited to the prerelease seed of Mac OS X Lion, and you should receive an invitation soon. As you have reported Mac OS X security issues in the past, I thought that you might be interested in taking a look at this. It contains several improvements in the area of security countermeasures.”

    Security researchers so far are pleased that Apple seems to be taking security more seriously than they have in the past. Edible Apple reports that MacBook hacker and security consultant Dino Dai Zov tweeted “This looks to be a step in the direction of opening up a bit and inviting more dialogue with external researchers.”

    And CNet quotes OS X hacker Charlie Miller saying in an email:

    “As far as I know they have never reached out to security researchers in this way. Also, we won’t have to pay for it like everybody else. It’s not hiring us to do pen-tests of it, but at least it’s not total isolation anymore, and at least security crosses their mind now.”

    That’s more than just faint praise, it appears that Apple may finally accept that security needs to trump marketing.

    [via: computerworld]