PRODUCTS > Computer Virus Alerts - Maintenance

Latest virus for macs and PC's

Contact Us for a free antivirus trial to the end of this month.

Free trial antivirus

Windows computers and Mac computers running OS X have been infected with new variants of both the Flashback Trojan Horse and the Imuler Trojan Horse.

There is also a virus infecting computers running Mac OS X. This malware / virus exploits a vulnerability in computers running older, unpatched versions of Java.

After visiting a site containing the malicious Java applet, the malware exploits older versions of Java as per this Vulnerability Summary for CVE-2011-3544. The virus then downloads and runs code to create a backdoor and set it to run at startup. The backdoor then communicates with a C&C server. This malware requires no user interaction for installation aside from visiting a malicious site when running an unpatched version of Java. The site serving the malware is currently online and active at the time of this report.

The initial backdoor is installed as file.tmp, which quickly sets up a copy of the backdoor at /Library/Audio/Plug-Ins/AudioServer and sets up a LaunchAgent at /Library/LaunchAgents/com.apple.DockActions.plist to ensure the backdoor runs on startup.

The backdoor then communicates with the main C&C server.

To protect your system against this attack, make sure you are running the latest updates and security patches for OS X by selecting "Software Update" under the Apple menu in OS X. Apple released an updated version of Java that patches this vulnerability back in November. Additionally, Java can be disabled in the Safari web browser by opening the Safari Preferences, and making sure "Enable Java" is unchecked under the Security tab.

This malware is still under active investigation. For protection we recommend Eset NOD 32 Smart Security.

Computer Virus Smartphone apps Viral websites

Smartphone apps can access some pretty personal and intimate information. This ranges from phone numbers and email addresses to GPS coordinates, to name a few. Viral websites can also infect your computer. More info.

Windows Security

Criminals can gain access to your computer through email, attackers' websites, instant messaging & file sharing.
All of these are safe, when you have the best antivirus software & your Windows or Mac updates.

ESET NOD32 Anti-Virus even alerts you to update Windows.

Contact Us for a free antivirus trial to the end of this month.
Free trial antivirus

You may download, install & scan your computer using the best antivirus avaiable. (Data from independant tests at www.av-comparatives.org shows ESET NOD32 Anti-Virus is the best of 16 tested. AVG free is bottom of the list & Nortons comes in the lower half of results.)

What is a virus or trojan or malware?

We have a comparison of NOD32 Eset to other antivirus products.

Confused? What is a virus or trojan or malware? Click here for the definition.

What is a virus or trojan or malware?

Malware is software designed to infiltrate or damage a computer system, without the owner's consent. The term is a combination of "mal-" (or perhaps "malicious") and "software", and describes the intent of the creator, rather than any particular features. Malware is commonly taken to include computer viruses, worms, Trojan horses, spyware and adware. In law, malware is sometimes known as a computer contaminant.

Malware should not be confused with defective software, that is, software which has a legitimate purpose but contains errors or bugs.

Recommendations

We encourage all users and administrators to adhere to the following basic security "best practices":

* Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical, such as an FTP server, telnet, and a Web server. These services are avenues of attack. If they are removed, blended threats have less avenues of attack and you have fewer services to maintain through patch updates.
* If a blended threat exploits one or more network services, disable, or block access to, those services until a patch is applied.
* Always keep your patch levels up-to-date, especially on computers that host public services and are accessible through the firewall, such as HTTP, FTP, mail, and DNS services (for example, all Windows-based computers should have the Current Service Pack installed.). Additionally, please apply any security updates that are mentioned in this writeup, in trusted Security Bulletins, or on vendor Web sites.
* Enforce a password policy. Complex passwords make it difficult to crack password files on compromised computers. This helps to prevent or limit damage when a computer is compromised.
* Configure your email server to block or remove email that contains file attachments that are commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.
* Isolate infected computers quickly to prevent further compromising your organization. Perform a forensic analysis and restore the computers using trusted media.
* Train employees not to open attachments unless they are expecting them. Also, do not execute software that is downloaded from the Internet unless it has been scanned for viruses. Simply visiting a compromised Web site can cause infection if certain browser vulnerabilities are not patched.

Contact Us for a free antivirus trial to the end of this month.
Free trial antivirus