
Posts tagged ‘trojan horse’


USB ‘Dead-drops’ in New York City

Alright, so this guy has been going around New York embedding USB devices, known as ‘dead drops’, into walls and other objects in public spaces. The idea behind it is to provide an offline place for people to exchange files. While in principle I find this to be an awesome idea, unfortunately we live in the digital age, and in real terms this is about as safe as trading needles with other addicts in the alleyway.

Initially people will use these legitimately and trade some interesting files, pictures and videos; then it’ll be warez and pr0n, and then the things will become malware-infested USB ‘needles’ sticking out of walls. The malware may or may not be intentional – many people don’t have an antivirus, or don’t update it – but I’m sure some kids will be happy to teach a lesson to those naive enough to plug themselves in.

Apart from the malware-infected files that will inevitably end up on there, people will soon join in and create their own USB dead drops. Some of these could be USB switchblades, USBsploit, or custom devices intended to perform USB driver exploitation [pdf] (Hi Rafa).

As art installations like these become more technologically interactive, people will have to think twice about the risks that may be involved.

[Update] New dedicated site (About and FAQ).


Mac OS X Java Trojan Horse: OSX/Koobface.A

Antivirus companies have discovered a new Java trojan horse, labeled OSX/Koobface.A (a.k.a. Boonana), which spreads via social networks including Facebook, MySpace and Twitter. The Java applet masquerades as a video or photo gallery plugin, and requests access to the user’s computer.

If Allow is clicked, the applet will attempt to obtain additional files from remote servers and join the computer to the Koobface botnet. Koobface is also known to try to steal credit card and other personal information from the user’s system.

I’d like to stress that this is largely a non-event, and this kind of malware poses a low level of risk (hence the peaceful-looking blue triangle). It’s pretty clear that you shouldn’t allow websites, plugins and applets that you don’t trust to access your computer. Just click Deny and that’s the end of it in this case. Snow Leopard does have some built-in anti-malware functionality, although I don’t know if or when it may be updated to detect Koobface. Either way, I wouldn’t run out to buy antivirus software just yet.

Note this trojan is not Mac OS X-specific, and also affects Windows and Linux systems.

Intego have a Security Memo with some additional details.