Security Simplified ! - A Kaapagam Technologies IT Security Blog

1 Million Android Malicious Apps & Malwares in the wild

2. October 2013 19:50 by CA in Malware, Trojan

In a blog post, Trend Micro's Gelo Abendan says that in 2012, over 700,000 malware and high-risk apps were found online. Due to the expansion and popularity of Google's Android operating system, the firm predicted that this number would reach the one million mark in 2013 as hackers sought to cash in on Android and mobile devices.


The security firm's researchers say that this prediction has now come to pass. According to Trend Micro Mobile App Reputation Service feedback, there are now over one million malware and high-risk applications in the wild. Mobile malware includes premium service abusers, while risky apps may push advertisements that lead to dubious sites or replicate popular, legitimate apps in order to steal data or financial information. Of the examples found, 75 percent performed "outright malicious routines," while 25 percent "exhibit dubious routines," which include adware.


Ramnit Malware

30. September 2013 10:55 by CA in Malware

The Ramnit worm appeared in 2010. Within a year, more than eight million PCs were infected worldwide. Initially the malware was just a file infector spread by removable drives. Later it became better known for stealing user data via browser injection, targeting banking or game users.


Ramnit is still prevalent and old domains are regularly updated. Some of the domains have already been “sinkholed” (redirected to communicate only with a controlled server and not with its malicious developers) by other security researchers.


KINS – A New bank-account-raiding Trojan Toolkit

26. July 2013 15:34 by CA in Hack, Malware, Trojan

KINS, a new professional-grade Trojan toolkit, is certain to pose plenty of problems for banks and their customers in the months and years ahead.


KINS infects Windows PCs at a very low level and snoops on victims' online banking to drain their accounts. KINS promises the ease of use of nasty ZeuS combined with the technical support offered by the team behind Citadel.


KINS is designed to spread using popular exploit packs such as Neutrino. KINS is capable of easily infecting machines running Windows 8 and other x64 operating systems, and features technology to embed itself in computers so that it's activated almost as soon as the machines are powered on - this makes infections both more stealthy and harder to eradicate.


Hackers inject Malware backdoor in Apache webservers

1. May 2013 16:02 by CA in Malware

According to researchers at security firms ESET and Sucuri, a new threat is targeting Apache webservers (Apache is the most widely used webserver in the world). The threat is a highly advanced and stealthy backdoor being used to drive traffic to malicious websites carrying Blackhole exploit packs. Researchers have named the backdoor Linux/Cdorked.A, and have described it as the most sophisticated Apache backdoor to date.


“The Linux/Cdorked.A backdoor does not leave traces on the hard-disk other than a modified httpd file, the daemon (or service) used by Apache. All information related to the backdoor is stored in shared memory on the server, making detection difficult and hampering analysis,” said Pierre-Marc Bureau, ESET security intelligence program manager.