Vinay Pidathala, Hitesh Dharmdasani, Jinjian Zhai and Zheng Bu write: FireEye has uncovered and helped weaken one of the largest advanced mobile botnets to date. The botnet, which we are dubbing “MisoSMS,” has been used in at least 64 spyware campaigns, stealing text messages and emailing them to cybercriminals in China. MisoSMS infects Android systems…
Category: Malware
TN: Bojangles fast food restaurant hacked, credit card info stolen (update 1)
Mike Krafcik reports that police in Newport, Tennessee are investigating a string of fraudulent credit and debit card charges that they say point back to a fast food restaurant, Bojangles. Police believe the restaurant’s Wi-Fi network may to be blame and the problem may not be isolated to just that one location: In a statement,…
Look What I Found: Moar Pony!
Daniel Chechik and Anat (Fox) Davidi of Trustwave write: In our last episode of “Look What I Found” we talked about a fairly large instance of the Pony Botnet Controller. With the source code of Pony leaked and in the wild, we continue to see new instances and forks of Pony 1.9. One of the latest instances we’ve run…
AHW reports online stores compromised by malware
AHW LLC in Illinois operates a number of online stores. In May, and as noted previously on this blog, they notified the New Hampshire Attorney General’s Office that Green Fun Store (greenfunstore.com) had apparently been comprised during the fourth quarter of 2012. They were alerted to the breach in March by their credit card vendor, Evalon,…
Flamingo Resort and Spa notifying employees after virus may have exposed payroll information
Flamingo Resort and Spa is notifying all current and former employees after they discovered that a virus on the payroll computer might have allowed a hacker to access their personal information, including Social Security number, date of birth, address, phone number, and for those used direct deposit, bank routing numbers. The virus was discovered within…
Most malware breaches not disclosed – survey
I generally avoid re-posting press releases as they tend to be self-serving, but some contain interesting data. From ThreatTrack: ThreatTrack Security today published a study that reveals mounting cybersecurity challenges within U.S. enterprises. Nearly 6 in 10 malware analysts reported they have investigated or addressed a data breach that was never disclosed by their company….