Updates

A compilation of the latest information about viruses and worms, security issues and patches to rectify the same

Security Pro uses botnet malware

John Schiefer, a Los Angeles based security consultant has pleaded guilty to charges of spreading malware to thousands of computers and using them as botnets, ripping off users’ passwords and eavesdropping on commercial transactions in order to steal personal information. It is the first time that US prosecutors have used federal wiretapping laws to charge someone in relation to botnet crimes.

Court documents outline a series of schemes in which Schiefer and several associates developed and distributed a malicious computer code to vulnerable computers.

Schiefer and the others used the illegitimately installed code to assemble armies of up to 250,000 infected computers, which they used to engage in a variety of identity theft schemes. The victims, who were unaware of their computer’s infection continued to use their machines to engage in commercial activities.

Schiefer used the malware to intercept electronic communications being sent online from those computers to PayPal and other financial service Web sites.

Once in possession of the intercepted communications, he sifted through the data to mine usernames and passwords, which would allow him to access bank accounts to make purchases without the consent of the true owners. Schiefer also admitted that he transferred both the wiretapped communications and the stolen PayPal information to others.

In another scheme, Schiefer installed malware on infected computers running Microsoft operating systems, causing them to disgorge usernames and passwords from a secure storage area known as the PStore, and used such data to access victims’ bank accounts. Schiefer faces a maximum sentence of 60 years in federal prison and a $1.75 million fine.

Apple’s plethora of patches

Recently, Apple released fixes for at least 41 security issues, which includes vulnerabilities in the kernel, networking components and Safari Web browser.

The update closes holes in Mac OS X 10.3 Panther and Mac OS X 10.4 Tiger. According to Apple’s advisory, the vulnerabilities do not affect Apple’s latest operating system, 10.5 Leopard.

Among the most serious issues are remotely exploitable flaws in Mac OS X’s core Web services, the Safari Web browser, the operating system’s handling of IPv6 packets, and the Adobe Flash player installed by default. In addition, a number of kernel flaws could be exploited locally to escalate the privilege of the user.

Earlier this month, Apple released updates for its QuickTime media player and for its mobile phone, the iPhone. The updates followed a warning at the end of October by security firms that a malicious program had targeted the Mac OS X. While the Trojan horse program did not exploit any significant flaws and was considered a low threat, it did signal the possible beginning of professional cyber criminals targeting Mac users.

Apple also released an update to its beta version of Safari for the Windows operating system that fixes 10 flaws and a number of updates for its server software and applications.