Security & Privacy

A new Mac OS X Trojan is making the rounds, installing an adware plug-in that renders ads on Web pages to generate revenue for its author.

Dubbed Trojan.Yontoo.1, it is the most prominent of an increasing number of adware Trojans making the rounds, according to Russian antivirus company Dr. Web, the same company that discovered the Flashback virus last year.

"Criminals profit from affiliate ad network programs, and their interest in users of Apple-compatible computers grows day by day," Dr. Web said yesterday in a statement. "Recently discovered, Trojan.Yontoo.1 can serve as a … Read more

Matthew Keys, the deputy social media editor at Reuters who was recently indicted of charges of conspiring with Anonymous, has denied allegations he fed information to the hacktivist group that led to the defacement of the Los Angeles Times Web site.

Prosecutors alleged last week that Keys, a former Web producer for a TV station owned by the Tribune Company, handed over log-in credentials and passwords for the network of his former employer to members of the hacker group a couple of years ago. The Tribune Company also owns the L.A. Times.

The Los Angeles Times site's defacement … Read more

The cyberattack that targeted banks, TV broadcasters, and an Internet service provider in South Korea yesterday originated from an IP address in China, but the identities of the people responsible remain unknown, South Korean regulators say.

"We've identified that a Chinese IP has connected to the organizations affected," a spokesman for South Korea's Communications Commission told a press conference on Thursday, according to a Reuters account of the event.

The revelation comes a day after a massive coordinated attack on servers in South Korea led officials to raise the alert status for the nation's army … Read more

A newly discovered botnet has found a way to siphon cash from advertisers.

Spider.io, a security researcher, yesterday announced that it has discovered a new botnet, called Chameleon, that's targeting "at least" 202 Web sites. The botnet is made up of over 120,000 host machines running Windows, according to Spider.io. Those machines are connecting to the Web with a Flash-friendly Trident-based browser that executes JavaScript. The vast majority of the machines -- 95 percent -- have come from U.S.-based IP addresses.

The botnets have targeted at least 202 Web sites, hitting them … Read more

A security researcher has revealed a method for accessing applications running on a locked Samsung handset.

The flaw is somewhat similar to one that was revealed by another researcher earlier this year on iPhones. On a Samsung handset, users can, from the lock screen, pretend to dial an emergency services number, quickly dismiss it, and with some sleight of hand, quickly gain access to any app or widget, or the settings menu in the device. The dialer can also be launched, allowing the "hacker" to place a call.

According to Terence Eden, who discovered the flaw and posted … Read more

Apple has finally managed to contain the Evasi0n jailbreak.

Released yesterday, iOS 6.1.3 fixes a security bug that allowed someone to sneak past the lock screen and make phone calls, listen to voice mail, and view contact photos.

But the update also patched several holes that Evasi0n exploited to perform an untethered jailbreak on all iOS devices, including the latest iPhone, iPad, and iPod Touch. People who upgrade to iOS 6.1.3 will no longer be able to use Evasi0n to jailbreak their devices. And once on 6.1.3, newer Apple devices cannot be downgraded to … Read more

South Korea's police are currently investigating a "massive" hack attack on Internet service provider LG Uplus, which led to server outages at three domestic broadcasters and two major banks.

As a result, the army raised its alert status amid concerns the attacks were initiated by its neighbors in North Korea.

Reuters reported Wednesday that authorities were looking into the attack on LG Uplus, which was suspected to be conducted by a group calling itself the "Whois Team".

The investigations were triggered by disrupted servers at television networks YTN, MBC and KBS. Customers at Shinhan Bank … Read more

Security researchers say they have identified a botnet that steals more than $6 million per month by generating fake customer clicks on online display ads.

Dubbed Chameleon, the botnet has infected more than 120,000 Windows-based computers in the U.S., mimicking human behavior on select Web sites to generate billions of ad impressions and fraudulent income for its creators, according to security firm Spider.io.

Click fraud costs Web advertisers in lost revenue by making them pay for illegitimate clicks. Spider.io reported that advertisers paid an average of 69 cents per one thousand impressions generated by the botnet. … Read more

The Obama Administration is headed to court today to argue that warrantless GPS tracking is just fine.

The administration will present its arguments before a federal appeals court today, despite the U.S. Supreme Court last year ruling that a warrant was needed to attach a GPS device to a suspected criminal's vehicle. According to Wired, which first reported on the story, the government believes that the high court's ruling does not account for all scenarios, and wants to see where its ruling should and shouldn't be held up.

The Supreme Court's ruling last year was … Read more