Computer Security Updates Week 1 of Apr 2013

Refer to Computer Security Updates Week 5 of Mar 2013; in which the biggest news was nothing. Most still lingered onto the Spamhaus DDoS attack which was considered to be unprecedented and largest ever recorded in the industry.

It looks as if the whole industry had exhausted resources into this incident which some said almost broke the Internet; perhaps in Europe only.

For this week, here are the biggest news.
  • Kaspersky Security Scan detects active infections on computers protected by other vendors.
  • Symantec detected rising activities for banking trojan Shylock.
  • Yahoo reported NKorea's Twitter account hacked amid tension.

Check out computer security weekly updates.

Petaling Jaya, April 5, 2013 - Kaspersky Security Scan detects active infections on computers protected by other vendors

Through Kaspersky Security Scan, data from as early as 2013 showed that more than 250,000 computers with up-to-date security software from other vendors are vulnerable to malicious programs infection.

Most of these were in the Americas, as well as Europe (including Russia and Turkey). Our experts are confident that this sample is sufficiently representative to mirror the real situation.

The absolute numbers of malware programs that went undetected by security products varied. However, this is a problem for 4–5.5% of users, depending on the product vendor. The infection rates of computers with antivirus products also varied by country. The lowest percentage (less than 3%) was recorded in: Germany, Austria and Switzerland. A figure of slightly more than 3% was seen in Scandinavia and the Czech Republic. The highest infection rates on computers with updated antivirus databases (over 10%) were recorded in Russia, Ukraine, Belarus, Kazakhstan, Turkey, Indonesia, Thailand, the Philippines, Vietnam, India and Egypt.

Kaspersky Security Scan is a free application which scans the system for malware. It is a so-called Second Opinion Solution which does not need to be installed and can even be used on computers where another security solution is already in use. If malware is detected it sends anonymous data to Kaspersky Lab about the system scanned and the threats detected. The utility has been available for download since late May 2012. From May 22 last year up to mid-March 2013, Kaspersky Security Scan has been downloaded and installed by more than one million users globally.

Kaspersky decided not to name those IT security software vendors.

Symantec, Apr 5, 2013 - Shylock Beefing Up and Looking for New Business Opportunities

Symantec performed deeper analysis into the Shylock threat; a banking trojan which is c&c-powered which performs MITB attack to steal steal user credentials and apply social engineering tactics in order to convince the user to perform fraudulent transactions at the target institution.

Symantec considers this threat as sophisticated with robust architecture that comes with load balancing feature - it was first discovered in year 2011.

Recent monitoring found that its activities are picking up where downloading and executing of its complementary modules have been observed.

Five central C&C servers are currently controlling the Shylock botnet. These servers are situated in Germany and the United States at various hosting providers. Servers communicate with each other via SSH and HTTPS protocols.

Shylock is mainly predominant in the U.K and is fast spreading to other countries.

Get more details.

Yahoo, Apr 4, 2013 - NKorea's Twitter account hacked amid tension

Yahoo reported that hackers apparently broke into at least two of North Korea's government-run online sites.

The North's Uriminzokkiri Twitter and Flickr accounts stopped sending out content typical of that posted by the regime in Pyongyang, such as photos of North's leader Kim Jong Un meeting with military officials.

Get more details.