I have only observed two KoobFace URLs in the past few months and was beginning to wonder if they had disappeared. If somebody knows the new KoobFace URLs I am all ears. For the longest time I was able to block the KoobFace web-site infestations with just one rule in the PAC filter. Because I make filters including the PAC filter I don’t have Java on the machines / operating systems I use to create the filters with. Also using NoScript in Firefox may help solve your problems. For those that must use Java at work, perhaps using one browser for your internal Java stuff and some other browser that doesn’t have Java for the Internet may work. But in any case, if Java is installed make sure Java is disabled in all browsers that have Java plugged into them until you need Java: Firefox – Preferences, Content, et al. Now that all of the best developers have left OpenOffice and are working on LibreOffice I will have to bite the bullet and uninstall both OpenOffice and Java and install LibreOffice. WARNING ONE: I got Java with OpenOffice when I installed it on Windows. Just make sure you remove them AFTER you have removed all of the installed Java programs in Add/Remove Programs in the Control Panel. Remove the “Java” and “JRE” folders inside the %ProgramFiles% folder if they exist. However if you want to be complete, after you have removed all versions of Java in Add/Remove Programs start up Windows Explorer (My Computer may work as well – I don’t like or use it), and type the following in for the file location: Heron, as with everything else, that it is probably sufficient. This entry was posted on Wednesday 27th of October 2010 05:58 PM ET: Researchers at Paretologic have published an interesting blog post showing that this attack also can infect Linux installations with Java installed. As The Register and a number of other tech publications reported last week, Apple has “deprecated” Java on Mac OS X, meaning it will pay even less attention to upkeep of the platform, and it may kill the platform entirely on a future version of its operating system. Malware that attacks Mac users may not have Java to kick around for much longer. Updates are available through Apple Software Update or Apple Downloads. Last week, Apple shipped a new version of Java for OS X that fixes at least four security holes in the program. Mac OS X machines ship with their own versions of Java, which Apple updates from time to time. Firefox users can disable Java in the browser via the “Plugins” tab of the Add-ons menu. Mac users can turn off Java in Safari by unchecking the box next to “Enable Java” in the “Security” panel of the Safari preferences panel. It makes sense for attackers to consider Java as a platform-agnostic vehicle for delivering platform-specific malicious software. Also, Java was designed to be a cross-platform technology that would allow applications to run seamlessly regardless of the operating system relied upon by the user. My research shows that Java is now the leading vector of attacks against Windows systems, findings that recently were buttressed by oodles of attack data released by Microsoft. It is not surprising that attackers would begin leveraging Java to attack Mac users with threats that have traditionally only menaced Windows users. SecureMac says that “there have been reports of similar behavior in recent trojan horses targeting Microsoft Windows, but they have not included cross-platform capabilities until now.” SecureMac also has a writeup on what appears to be the same threat, which it calls. It spreads by posting messages on Facebook, MySpace and Twitter, usually trying to get people to click a link to view some sort of video.” Intego notes that if the download is allowed, “it runs a local web server and an IRC server, acts as part of a botnet, acts as a DNS changer, and can activate a number of other functions, either through files initially installed or other files downloaded subsequently. According to Intego, the applet includes a prompt to install the malicious software: Security software maker Intego says this Mac OS X version of the Koobface worm is being served as part of a multi-platform attack that uses a malicious Java applet to attack users. A new version of the infamous Koobface worm designed to attack Mac OS X computers is spreading through Facebook and other social networking sites, security experts warn.
0 Comments
Leave a Reply. |