Kaspersky Labs has recently identified a botnet that has infected over 600 000 computers. Of these, more than 98% were Apple Macs.
Kaspersky Lab’s experts recently analysed Flashfake, a massive botnet that infected more than 600,000 computers worldwide, and concluded that more than 98% of the infected computers were most likely running a version of Mac OS X. To infect victims’ computers, the cyber criminals behind the Flashfake botnet were installing a Flashfake Trojan that gained entry into users’ computers without their knowledge by exploiting vulnerabilities in Java. To analyse the botnet, Kaspersky Lab’s experts reverse-engineered the Flashfake malware and registered several domain names which could be used by criminals as a C&C server for managing the botnet. This method enabled them to intercept and analyse the communications between infected computers and the other C&Cs.
The analysis showed that there were more than 600,000 infected machines, with the largest regions being the United States (300,917 infected computers), followed by Canada (94,625), the United Kingdom (47,109) and Australia (41,600). Using a heuristic ‚OS fingerprinting‚ method, Kaspersky Lab’s researchers were able to gauge which operating systems the infected computers were running, and found that 98% were most likely running Mac OS X. It is anticipated that the other 2% of machines running the Flashfake bot are very likely to be Macs as well.
Flashfake is a family of OS X malware that first appeared in September 2011. Previous variants of the malware relied on cyber criminals using social engineering techniques to trick users into downloading the malicious program and installing it in their systems. However, this latest version of Flashfake does not require any user-interaction and is installed via a ‚drive-by download,‚ which occurs when victims unwittingly visit infected websites, allowing the Trojan to be downloaded directly onto their computers through the Java vulnerabilities. After infection the Trojan uploads additional payload which hijacks victims’ search results inside their web browsers to conduct a ‚click-fraud‚ scam.
Although no other malicious activities have currently been detected by the Trojan, the risk is still significant as the malware functions as a downloader on users’ computers, which means the cyber criminals behind Flashfake can easily issue new, updated malware – capable of stealing confidential information such as passwords or credit card details – and install it onto infected machines.
Although Oracle issued a patch for this vulnerability three months ago, Apple delayed in sending a security update to its customer base until 2nd of April. Users who have not updated their systems with the latest security should install and update immediately to avoid infection.
‚The three month delay in sending a security update was a bad decision on Apple’s part,‚ said Kaspersky Lab’s Chief Security Expert, Alexander Gostev. ‚There are a few reasons for this. First, Apple doesn’t allow Oracle to patch Java for Mac. They do it themselves, usually several months later. This means the window of exposure for Mac users is much longer than PC users. This is especially bad news since Apple’s standard AV update is a rudimentary affair which only adds new signatures when a threat is deemed large enough. Apple knew about this Java vulnerability for three months, and yet neglected to push through an update in all that time! The problem is exacerbated because ‚ up to now ‚ Apple has enjoyed a mythical reputation for being ‚malware free’. Too many users are unaware that their computers have been infected, or that there is a real threat to Mac security.‚
Mac OS X users are advised to install the latest security updates from Apple.
Telcos want one face
The investments that telecommunications service providers are making in reshaping their online properties into customer-centric portals reflects the growing maturity of self-service and Internet uptake in the industry, says KEVIN MELTZER of Consology.
Many telcos around the world are overhauling their websites to offer customers more holistic portals that give them a single point of entry into the organisation.
They are doing so because they recognise that service will be a key point of differentiation for their businesses in a market that is becoming increasingly competitive. They have also realised that they have a major opportunity to shift customers away from expensive contact centres towards low-cost electronic channels.
In the past, most telecommunications operators ran multiple sites across multiple domains and subdomains. These web-based properties were built around the way that telcos structured their own businesses rather than around the needs of the customer. But we are now seeing the leading operators take a more user-centric approach to the way that they design their web and mobile sites.
This coincides with a change in the industry from slicing customers into numerous segments and then serving them across a range of functional and product areas. For example, many operators split customers into prepaid and postpaid segments or voice and data users, distinctions that are becoming less meaningful in a world of technology convergence. They now want to present a single face to the customer rather than servicing the subscriber through silos.
These changes are starting to percolate through to operators’ customer service and sales strategies. Telcos are starting to pull together disparate products and services that once resided across multiple sites into customer service portals.
These sites put a wide range of information at the subscriber’s fingertips, he adds. Increasingly, for example, subscribers can log directly into their accounts from the operator’s homepage and then access a wealth of services and information. This marks an evolution from the fractured and inconsistent customer experience of the past.
Leading operators are even thinking about how their Self-Service platforms should be integrated with social media strategies to allow customers to pay their electronic bills or top up airtime with a single click from within a social network.
Whereas Self-Service portals on telco sites were once purely about account management functions, they increasingly offer far richer functionality. In addition to allowing subscribers to pay their bills and check their account information, they are also increasingly becoming the first stop for service and commerce.
Operators have started to recognise that splintering their e-commerce, service and account management functions simply makes no sense. Customers want to be able to do everything through one interface rather than needing to visit two or three Web sites, or eventually possibly needing to phone a call centre or visit a store for certain transactions.
Integrated and easy to use online customer service channels will be central for telco operators who want to be competitive in the markets of tomorrow. They form an advantage in an industry where it will be customer relationships rather than cost or service that drive loyalty and purchasing decisions.
Talk for less with MWEB Talk
Today, MWEB announced its consumer VoIP package called MWEB Talk, which allows users to make free network calls and get discounted rates made to landlines and mobile phones.
MWEB, today launched its new Voice over IP (VoIP) offering to South African consumers. The service, MWEB Talk, will offer users’ free on network calls to fellow MWEB Talk users’ and cheap calls to landline and mobile phone numbers. This follows the success and demand of the ISP’s existing VoIP products in recent months.
‚”We have seen a noticeable transformation in users’ Internet behaviour with consumers wanting services that complement their ADSL connectivity solution. We have seen phenomenal growth and by the end of the year will deliver over 100 million minutes on our VoIP platform,‚” says Carolyn Holgate, General Manager of MWEB Connect, the ISP’s Consumer and Small Office/ Home Office Division.
MWEB has made significant investments in its infrastructure and VoIP has been prioritised on its network to ensure performance and stability of the MWEB Talk service for both businesses and consumers.
‚”In addition to the high quality of the service, MWEB Talk is also simple to set-up and users’ should experience a significant reduction in their telephone bills. By implementing a VoIP service consumers and small businesses can cut their monthly telecommunication bills by up to 55% to landline and mobile numbers,‚” says Holgate.
With no subscription fee, existing MWEB customers can log into their MWEB account, register for the service and download the application for PC and Mac as well as mobile applications that turn an iPhone, Android, and Nokia smartphone into a VoIP phone. Customers will also be able to purchase a Desktop VoIP Handset for R99 which will be HD voice ready and will support multi-extensions.
‚”We believe that VoIP is the future of telephony in South Africa and we are extremely excited to see the consumer market shift into the VoIP space,‚” concludes Holgate.