I just received the message below via email. This is nobody I’ve been into contact with before and I did not download the linked file. Services like Wetransfer is getting popular and now unfortunately the hackers has caught on and is using this as a vehicle to get their trojans and viruses installed so be warned.
The message is a valid Wetransfer email, so the hackers has simply used their service and entered in me as a recipient of their no doubt virus file.
Security researchers have identified multiple samples of the recently discovered “KitM” spyware for Mac OS X, including one dating back to December 2012 and targeting German-speaking users.
KitM (Kumar in the Mac), also known as HackBack, is a backdoor-type program that takes unauthorized screen shots and uploads them to a remote C&C (command-and-control) server. It also opens a reverse shell that allows attackers to execute commands on the infected computers.
The malware was initially discovered last week on the Mac laptop of an Angolan activist at the Oslo Freedom Forum, a human rights conference in Norway, by security researcher and privacy activist Jacob Appelbaum.
The most interesting aspect of KitM is that it was signed with a valid Apple Developer ID, a code-signing certificate, issued by Apple to someone named “Rajinder Kumar.” Applications signed with a valid Apple Developer ID bypass the Gatekeeper security feature in Mac OS X Mountain Lion, which verifies the origin of files to determine whether they pose any risks to the system.
FBI agents arrested West New York (NJ) Mayor Felix Roque and his son Joseph, 22, for illegally canceling the domain name registration of Recallroque.com.
An insurgent political campaign in West New York, N.J., suddenly realized in February that its Web site had been disabled. The campaign was being run by opponents of the mayor, Dr. Felix Roque, and the Web site, recallroque.com, had been intended to rally support to recall him and collect information about what his critics described as his rampant mismanagement.
Mayor Roque, 55, who was elected last year, was encouraged by his 22-year-old son, Joseph Roque, to successfully gain access to the GoDaddy-hosted website and had successfully took it offline. The father and son duo then learned the identities of the site’s creators—several local public official and media personalities—whom he threatened to “punish” by way of Roque’s political power.
Father and son appeared, shackled at the hands and feet, in federal court in Newark on Thursday, where a judge told them that they face up to 11 years in prison and $600,000 in fines. They were released on $100,000 bond each, officials said.
Source: The New York Times
- Trojan.Win32.Generic!BT: Trojan
- Trojan.JS.Redirector.cd (v): Trojan
- Trojan.Win32.Generic!SB.0: Trojan
- Trojan-Spy.Win32.Zbot.gen: Trojan
- Zugo Ltd (v): Adware (General)
- Trojan.Win32.Generic.pak!cobra: Trojan
- Trojan.Win32.FakeAv.awrp (v): Trojan
- FraudTool.Win32.FakeRean.b (v): Rogue Security Program
- Trojan.JS.Obfuscator.m (v): Trojan
- INF.Autorun (v): Trojan
List sponsored by Vipre Antivirus AntiSpyware