Latest Malware Threats

Heard of Nickispy or Morto – If your thought  on these terms has taken to some comic characters , well they do have characters and it’s form is destructive malware.Trojans, Worms like all sorts of malware variants are n news every week/day , and most security vendors are deeply engaged in specific solutions to get rid of these updated malwares -since Hackers spend their most life time in creating it.Now have a look around on some of Top threats recently based on different OS platforms.
For Google+ users with Android OS beware of this spy trojan.Nickispy is a family of Trojan horse viruses that targets smartphones powered by the Android operating system.  The most recent strain of Nickispy, Nickispy.C, duplicates as the Google+ (Google Plus) service in an attempt to dupe Android OS users into installing the malware.  Nickispy.C attempts to trick users into installing a third-party app called Google++ (notice the use of two “plus” signs rather than one), and it even uses the same icon as the real Google+ service.
This Android spyware automatically executes upon boot-up and runs certain services that monitor SMS, calls, and location.When executed, it does several routines such as gathering the GPS location, recording calls made in the infected phone, and stealing messages in the inbox and outbox.It sends the information it gathers to a remote site using port 2018.This spyware may be unknowingly downloaded by a user while visiting malicious websites.
Users installing Google++ provide Nickispy with complete access to their smartphone’s text messages and call logs, and the malware can even record phone calls as well as GPS position history.   Nickispy can additionally secretly answer calls on its own and send a user’s private information to a remote site without the user’s knowledge.Most vulrebality of these malware variant are seen in Android smartphones running  OS version 2.2 or earlier.Smartphones running version 2.3 (“Gingerbread”) or later are protected from this as a result of the modify_phone_state permission being disabled.
File size: Varies
File type: DEX
Memory resident: Yes
Initial samples received date: 12 Aug 2011
Payload: Record and collect calls, Answers calls, Steals information

This Mac OS based  malware disguises itself as a harmless document by dropping and executing a non-malicious .PDF file onto the affected system.This Trojan connects to a certain website to download and execute a malicious file detected by Trend Micro as OSX_IMULER.A.
This Trojan may be unknowingly downloaded by a user while visiting malicious websites.It executes the downloaded files. As a result, malicious routines of the downloaded files are exhibited on the affected system.This Trojan may be unknowingly downloaded by a user while visiting malicious websites.Seems to be Mac OS updates fixed this vulnerability.
File size: 192,512 bytes
File type: ELF
Memory resident: No
Initial samples received date: 23 Sep 2011
Payload: Downloads files

Morto is computer worm that spreads via the Windows Remote Desktop Protocol (RDP) and infects Microsoft Windows workstations and servers. Morto first appeared publically in August 2011, when network administrators started noticing heavy spikes in traffic on Port 3389/TCP.
File size: 50,372 bytes
File type: EXE
Memory resident: Yes
Initial samples received date: 29 Aug 2011
Payload: Terminates processes

An Android OS based Trojan that silently executes malicious code in the background.This is the new variant of DroidDreamLight that exhibits information theft routines. It also guises itself as apps like battery-monitoring tool, a task-listing tool, and an app listing the permissions used by installed apps.
File size: 268,640 bytes
File type: DEX
Memory resident: Yes
Initial samples received date: 14 Sep 2011
Payload: Steals information


About Technology Timely

Aimed on updated tech news

Posted on September 27, 2011, in Security, Technews. Bookmark the permalink. 2 Comments.

  1. Please tell me how to save my Android Device from this critical virus?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: