Tag Archive: McAfee


McAfee Threats Report

Antivirus company McAfee released a report on threats to Q4 2012. According to the report, the focus shifted to sophisticated attacks: previously had threatened the financial industry, and now the scammers are becoming increasingly interested in other important areas of economic activity.

In the attack uses a range of new tactics and technologies that bypass the security standards in the industry. Continue reading

Payment TerminalsThe new virus is similar to the previously known malware Dexter, but surpasses its predecessor in terms of functionality.

McAfee is found in one of the underground Russian forums about selling a Trojan to steal credit card data users POS-terminals.

Malicious program called vSkimmer, and can work together with the connected POS-terminals readers of bank cards, reading them with additional data. The virus also infects the operating system Windows, which is operated devices connected to the reader. All stolen vSkimmer data is sent to a remote server.

Presumably, the new virus is similar to the previously known malware Dexter, but surpasses its predecessor in terms of functionality.

In McAfee noted that the botnet vSkimmer «particularly interesting in that its purpose becomes POS-terminals running Windows». Continue reading

SymantecIn the anti-virus company Symantec today said they analyzed the code used during yesterday’s cyber attack on South Korean bank and TV servers.

The company came to the conclusion that, for a massive attack used Windows-malware, which has in its composition module to remove the information including the Linux-machines. According to Symantec, the malware was named Jokra and is a rather unusual development.

“We are quite rare components of malicious programs that run on a set of operating systems at once, so the code in this regard is quite interesting. Interesting to see how attackers trying to hurt Linux-machines even when the code was originally created under Linux”, – is spoken in Symantec.

Inside Jokra also have components test version of Windows using the program mRemote, which places the modules for remote control of different platforms.

According to official data, South Korea is now investigating the next attack. It is known that within it hit four banks and a number of local TV stations. Today, representatives of South Korea said that a cyber attack was carried out with the Chinese IP-addresses. Some time ago, the Korean telecom regulator said that hackers used a Chinese IP-addresses and to attack with the aim of placing malicious code on Korean computers. They also state that have not yet completed the investigation and continue to search for the final attack organizers. Continue reading

%d bloggers like this: