Tag: antivirus

Scientists develop malware tool

A team of researchers at the Universidad Carlos III de Madrid (UC3M) claims to have developed a tool to analyse numbers of apps to trace the origin and family of malware.

Guillermo Suarez de Tangil, a researcher at the computer science department at the university, said malware can be in smartphones and even in washing machines.

“The amount of malware is constantly increasing and it is becoming more intelligent for that reason,” he said.  “Security analysts and market administrators are overwhelmed and cannot afford exhaustive checking for each app.”

The tool is called Dendroid and will track down the family and nature of the malware.  “Developers generally reuse components of other malwares, and that precisely is what allows us to construct this genetic map,” he said.

He said antivirus software used in smartphones uses detection engines based on signatures and that its effectiveness is questionable, largely because smartphone resources are limited compared to a PC.

Microsoft allowed to execute Bladabindi and Jenxcus

Software giant Microsoft has been given permission to disrupt malware known as Bladabindi and Jenxcus, writes Nick Farrell.

Although Vole has worked with the FBI and others to disrupt communications channels between hackers and infected PCs, it is rare for it to act on its own. This is also the first high-profile case involving malware written by developers outside of Eastern Europe.

The operation began on Monday under an order issued by a federal court in Nevada. Microsoft said the two pieces of malware operated in similar ways and were written and distributed by developers in Kuwait and Algeria.

Microsoft said that it would take days to determine how many machines were infected. Vole’s own anti-virus software alone has detected some 7.4 million infections over the past year and is installed on less than 30 percent of the world’s PCs.

The developers marketed their malware over social media, including videos on YouTube and a Facebook page. They posted videos with techniques for infecting PCs.

The court order allowed Microsoft to disrupt communications between infected machines and Reno, Nevada-based Vitalwerks Internet Solutions.

Boscovich said about 94 percent of all machines infected with the two viruses communicate with hackers through Vitalwerks servers.

Registries will direct suspected malicious traffic to Microsoft servers in Redmond, Washington, instead of to Vitalwerks.

Vole will then filter out communications from PCs infected with another 194 types of malware also being filtered through Vitalwerks.

Vitalwerks and its operational subsidiary No-IP claim to have a very strict abuse policy. To be fair, Microsoft has not accused Vitalwerks of involvement in any cybercrime, though it alleges the company failed to take proper steps to prevent its system from being abused.