A Week in Security (Apr 05 - 11)

A Week in Security (May 10 – May 16)

It’s been a busy week on the blog, with many different angles of attack covered.

First off, we looked at a compromised .gov website sending visitors to an Apple ID phishing scam. From there, we examined the website of Jamie Oliver which had been compromised for a third – and hopefully final – time, landing unfortunate visitors with a password stealer.

In PUP land, we took a deep dive into a program called WinYahoo, which was able to modify Google Chrome’s secure preferences without the browser detecting said changes. It also installed an additional extension which was capable of injecting Javascript into webpages.

An alarming message recently appeared on PCs via an advertising network which bore the cryptic message “Payload tested“. We examined what went on, and attempted to get to the bottom of the mystery.

Malware tried to sink its teeth into the modding World of GTA V, forcing owners of the game to be on their guard against fake files bearing gifts – and not the good kind.

Notable news stories and security related happenings:

  • A Concentration Camp Memorial Website was compromised and offered up illegal images to visitors right at a time when the site was likely to experience an increase in traffic (Source: The Register)
  • The latest Microsoft Security Intelligence Report offers fresh statistics which may nudge some die-hard users of Windows XP in the general direction of a newer OS (Source: SC Magazine)
  • Google continues to clamp down on the possibility of rogue Chrome extensions by announcing that all extensions will need to be hosted on the Chrome Web Store (Source: Help Net Security)
  • Ransomware on a man’s PC convinced him that the Police knew of his dubious porn habits, and as a result he turned himself in to Law Enforcement – who knew absolutely nothing about it (Source: News & Star)
  • Hackers making planes “fly sideways“? At this stage, it’s hard to separate fact from fiction so it’s better to take a wait and see approach (Source: InfoSecurity Magazine)
  • If you’re attempting to sell your car on Craigslist you may want to keep an eye out for signs of a very organised scam currently in circulation, which has so far affected around 100 people already – there’s surely more to come. (Source: CNN – Money)

Safe surfing, everyone!

The Malwarebytes Labs Team