Bradley Barth reports: A supposedly legitimate French software firm, Tuto4PC, has actually infected an estimated 12 million PC users with a generic trojan disguised as downloadable utilities programs, according to an in-depth analysis from Cisco’s Talos research division. The so-called utilities software creates a backdoor on infected machines to automatically deliver payloads with spyware and adware capabilities, explained blog post authors and researchers Warren Mercer…
Category: Malware
Toymaker’s website pushes ransomware that holds visitors’ files hostage
Infecting site visitors with malware cannot be good for business. Their PR department must be going nuts over this one…. Dan Goodin reports: The website belonging to Maisto International, a popular maker of remote-controlled toy vehicles, has been caught pushing ransomware that holds visitors’ files hostage until they pay a hefty fee. Malicious files provided by…
Open wide and say, “Aaaargh.” ADA sends malware to dental offices?
Oh, wonderful. The American Dental Association (ADA) says it may have inadvertently mailed malware-laced USB thumb drives to thousands of dental offices nationwide. The problem first came to light in a post on the DSL Reports Security Forum. DSLR member “Mike” from Pittsburgh got curious about the integrity of a USB drive that the ADA mailed to members to share updated…
Hacker With Victims in 100 Nations Gets 7 Years in Prison
Patricia Hurtado reports: An Estonian man who admitted directing what the U.S. called a massive “cybercriminal enterprise” that infected more than 4 million computers in 100 countries was sentenced to more than seven years in prison, the U.S. said. Vladimir Tsastsin, who was brought to the U.S. in 2014 for trial after fighting extradition for…
FIN6 Group Stole Tens of Millions of Credit Card Records from PoS Systems
Catalin Cimpanu reports: Yesterday, security researchers from FireEye and iSight Partner revealed a report detailing the previously unknown mode of operation of a criminal group named FIN6. FireEye says the group surfaced in 2015 and focused only on the theft of financial information, mainly credit card data from organizations in the retail and hospitality sectors….
SpyEye Makers Get 24 Years in Prison
Brian Krebs reports: Two hackers convicted of making and selling the infamous SpyEye botnet creation kit were sentenced in Georgia today to a combined 24 years in prison for helping to infect hundreds of thousands of computers with malware and stealing millions from unsuspecting victims. Atlanta Judge Amy Totenberg handed down a sentence of nine years, six months for Aleksandr Andreevich Panin, a 27-year-old Russian national…