by patmore
24. December 2009 16:40
A recent increase in iPhone worms hints at a future risk for mobile botnets.
The iKee-B iPhone worm, released in November, exploited default passwords on jailbroken iPhones, potentially turning the device into a botnet client controlled by a Lithuanian server. The worm targeted customers of Dutch bank ING in the Netherlands.

Security researchers at SRI International published an analysis of the iPhone botnet that warns users of iPhones to expect more in future. Warnings about mobile malware have been voiced for many years, but it's only since the birth of iPhones and similar smartphones with decent internet access that the risks have become a real threat, something the antivirus vendors have been warning about for years.
SRI's researchers state that although the iKee-B worm is simpler than its PC cousins, it does have the potential to evolve into something much nastier.
The iKee-B bot is one of the most recent smartphone malwares to be discovered, in this case targeting jailbroken iPhones. While its implementation is simple compared to PC-based malware, its implications demonstrate the potential of exploitation to this new group of handheld consumer devices.
The full SRI analysis can be found here.
by patmore
22. December 2009 01:34
The sudden death of actress Brittany Murphy has rapidly been exploited by scammers and cyber criminals.

A rise in searches on the actress' death has been pounced on for Black Hat SEO campaigns, designed to push hacked sites to redirect users to bogus portals online.
Computer users who click the links to these black hat search results are exposed to a fake antivirus scanner, designed to frighten and trick users into buying the fake software.
F-Secure has a full report of this attack here. F-Secure detects the scareware as Fakevimes-T.
Brittany Murphy (32), who starred in 8 Mile and Spun, died on Sunday, 20 December, after collapsing at her LA home. The cause of death is not yet known but an autopsy has been scheduled.
by patmore
16. December 2009 20:54
We recently published an article talking about ESET Smart Security and why heuristic proactive scanning is becoming more of a requirement in this day and age.
The article explains why:
- Proactive, heuristic scanning is becoming increasingly necessary to protect against unknown threats.
- The first line of defence for endpoints is heuristic scanning, but this should be complemented with traditional signature-based functionality.
- The next generation of antivirus applications for endpoints must include an integrated and centralised management console.
- Security solutions must improve computer performance and must not disrupt the user experience.
We further explain how ESET Smart Security offers advanced heuristic analysis technology, which provides behaviour analysis and quarantining, along with traditional anti-threat features to create a robust, reliable and comprehensive endpoint security solution with centralised management.
To read the full article about ESET Smart Security please click here.
by patmore
12. December 2009 05:57
Criminals developing scareware applications have created an application that tricks users into thinking it has been endorsed by Microsoft.
The fake application, called 'DefenceLab', redirects infected users to the Microsoft Support Portal but changes the content so that it looks like Microsoft is endorsing the fake software. The software is designed to trick users who have already become infected into paying for the full package, which is supposed to be a clean-up utility.

Users who visit the site but are not infected will see a standard 404 message whilst infected users will see the fake endorsement.
Further information can be found in this blog post by Sunbelt Software, who reported the threat first.
by patmore
10. December 2009 09:38
Cyber criminals have started using the Christmas season in a new effort to spread the Koobface worm.
This Facebook attack starts with the usual fake post, which this time 'apparently' points to video clips. Users who follow these links are taken to a fake YouTube page which asks you to install the latest Flash Player update so that you can view the videos.

When users start the download, they receive the Koobface component instead of the Flash update. This time round the fake video is disguised as a message from Santa.
Be on your toes, Facebookers!
Trend Micro has further information here.
by patmore
8. December 2009 04:36
Free antivirus program AVAST began scanning and detecting clean, healthy files as infected last week, potentially causing problems for thousands of users around the world.

AVAST published an unsafe update which classified legitimate files and programs as harbouring a trojan known as 'Dell-MZG' or similar. The files were quarantined or, at worst, deleted, causing huge problems for users. AVAST has since released another update which corrects the problem.
AVAST published an apology for the mistake on its blog site, offering advice on how to correct the problem via restoring systems! The mistake was blamed on 'Human Error'.
Read the apology on Avast's blog.
by patmore
3. December 2009 09:24
Russian cyber criminals have created a new piece of malware labelled as 'ransomware' that blocks access to the internet in an effort to make users pay money by texting a message to a specified premium rate number. The poor infected users are literally being held to ransom by these Russian criminals.

The dodgy application is bundled with a piece of software called uFast Download Manager. A popup message appears with a Russian message which tells users that they must send a text message in order to obtain an activation code. The poor infected victims are then told that internet access has been blocked until the activation code has been obtained, 'apparently' due to violating a licensing agreement.
CA, an antivirus software company, has developed an activation code generator which bypasses the problem. Further details regarding this threat and how to download the Keygen can be found on the CA Blog Site.
by patmore
1. December 2009 18:58
During the past couple of years much has been written about fake antivirus programs which pretend to be something that they are not. These types of programs display messages saying that the computer is infected, when the computer is not infected at all. These types of fake antivirus do not scan, clean or protect. They are designed to trick users into thinking that their PCs are infected and scare them into buying the fake product. These types of programs are often called "scareware", "FraudTools" or "RiskWare".

Unfortunately, programs such as these, which are designed to trick users out of their money, are becoming increasingly common. Instead of the occasional fake software appearing, there is now a steady flow doing the rounds on the internet. Criminals, or more accurately 'Cybercriminals', are developing these malicious programs and are making them even more sophisticated to avoid detection by 'real' antivirus programs.
The future development of these programs will more than likely focus on techniques to bypass detection from 'real' antivirus programs. The number of programs out there will likely continue to increase, and no doubt so will the number of users who are tricked into buying them.
The increasing popularity of fake antivirus programs among cybercriminals hints that this is an extremely profitable activity. The bullying and scare tactics only serve to increase the chances of success. Once again, we advise installing a real antivirus solution. By doing so you can be safe in the knowledge that your computer is properly protected and you haven't just wasted your money on fake antivirus software.
Read Kaspersky Lab's in-depth report on Rogue Antivirus.
by patmore
1. December 2009 03:45

Antivirus for Macs? Every Mac user will be jumping up and down screaming right about now because Mac users know that you don't get viruses on a Mac... or do you?
In all fairness, Kaspersky is marketing their new product as a tool to prevent and stop Macs from spreading viruses and other types of malware to Windows PCs. With a large proportion of Mac users also owning a Windows machine, this doesn't sound like such a bad idea!
Kaspersky Lab also says that the Mac platform isn't invincible to viruses and as Macs become more and more popular, they are likely to become more of a target for malicious hackers.
With this said, Anti-Virus for Mac will protect against Mac viruses and malware. Kaspersky says the software scans and disinfects files in real time. It also says that it uses just 1% of your CPU's resources when idle.