Jailbroken iPhones create malware vulnerability

01 October 2010

Jailbroken Apple iPhones are more vulnerable to malware, according to the September 2010 Threat Landscape report by Fortinet.

Jailbreaking, Infosecurity notes, is done to circumvent digital rights management in order to open the iPhone up to a larger number of applications.

Last year, the Ikee worm was able to exploit an iPhone vulnerability to gain unauthorized entry via Secure Shell (SSH), Fortinet said in a statement.

“Once an iPhone, or any device, has been ‘broken’, the door is open. The device may then execute code or function in a way it was not designed to do”, said Derek Manky, project manager of cyber security and threat research at Fortinet.

In addition, FortiGuard Labs detected a surge in Sasfis activity that was linked to the Asprox spambot, which had been silent for more than a year. The spambot was intended to be used for an email seeding campaign. The emails contained zipped executable attachments, disguised as fax copies. The attachment was a copy of Sasfis, which downloaded Asprox in order to send more spam from the infected machine.

In addition to an increase in Sasfis activity, FortiGuard Labs downloaded a sniffer module that scans traffic on TCP ports 21, 25, and 110 (FTP, SMTP and POP3).

“Traffic on these ports would be processed by the module into encrypted data sets and sent via HTTP POST to a command and control server located in Europe,” Manky said. “Stolen FTP credentials can be quite valuable and are often used to hijack Web servers. The variant was also observed downloading the TotalSecurity ransomware suite, which has been high on our malware radar for a number of weeks.”

Other vulnerabilities noted in the report include the following:

  • Two vulnerabilities were patched for Apple QuickTime on September 15, one of which was discovered by FortiGuard Labs. The other vulnerability was a critical issue that bypassed data execution prevention and address space layout randomization protection technologies using QuickTime. Fortinet research has determined that there are in-the-wild Flash samples actively trying to exploit this vulnerability.
  • Microsoft has issued security advisories for the Outlook Web Access Privilege Elevation Vulnerability and ASP.NET, which could enable information disclosure.
  • Adobe has issued two zero-day security advisories for Adobe Reader/Acrobat and its Flash Player.

The full report is available at Fortinet’s website.