by Constantine von Hoffman

Cybersecurity News Roundup: MyAgent Trojan; Virus Infects Saudi Oil Giant; and Pro-Censorship Hackers

Aug 17, 20125 mins
CybercrimeData BreachMalware

This week's IT security news roundup features stories on the newly discovered MyAgent Trojan; malware that forced a Saudi Oil Giant to shut down its network; Adobe Reader security flaws; and more.

Email Trojan Targets Defense, Aerospace, Chemical Industries
: Researchers at FireEye found a Trojan, called MyAgent, that appears to target organizations in the defense, chemical, technology and aerospace industries. MyAgent is primarily spreading through email as a zipped .exe file or PDF attachment. After a user opens a PDF file titled Health Insurance and Welfare Policy, it drops a second executable file, ABODE32.exe, in the victim’s temp directory. That file then accesses Windows Protected Storage, which holds passwords for other applications including IE and Outlook. Once it has infected a machine the Trojan then passes the compromised information to its command and control (C&C) server. FireEye also says the malware loads different DLLs to communicate with its C&C. Despite a relatively high detection rate, FireEye is calling MyAgent advanced malware because of its dynamic intermediary stages.

Malware Forces Saudi Oil Company to Shut Down NetworkSaudi Aramco, the giant oil company, shut down its network Wednesday because of a serious virus infection. The company says the incident had no effect on oil production. Saudi Aramco posted a message on its Facebook page saying,  “On Wednesday, August 15, 2012, an official at Saudi Aramco confirmed that the company has isolated all its electronic systems from outside access as an early precautionary measure that was taken following a sudden disruption that affected some of the sectors of its electronic network. The disruption was suspected to be the result of a virus that had infected personal workstations without affecting the primary components of the network.” Note: There is nothing at all odd about that last sentence. Nothing. And speaking of something that is really, really not suspicious in anyway…

AntiLeaks Says It’s Behind WikiLeaks DDoS Attack: Have you ever heard of any independent hacker groups that are pro-censorship? Well, now you have. A group calling itself AntiLeaks claimed responsibility for a major DDoS attack against WikiLeaks earlier this week. The group’s alleged leader, who calls himself Diet Pepsi, said in a post, “We are young adults, citizens of the United States of America and are deeply concerned about the recent developments with Julian Assange and his attempt at asylum in Ecuador. Assange is the head of a new breed of terrorist. We are doing this as a protest against his attempt to escape justice into Ecuador. This would be a catalyst for many more like him to rise up in his place. We will not stop and they will not stop us.” Do the Young Republicans now have a hacker group? I am one of a lot of people who don’t like Assange for his personal behavior and really, really want him to stand trial for his alleged crimes. That said, I am a huge fan of WikiLeaks and what it does. It is difficult for me to believe that anyone not funded by the government or a corporation would make the above statement.

Serious Security Issues Remain in Adobe Reader Despite Huge Patch Release: Google researchers say there are still a number of serious vulnerabilities in Adobe Reader even after the release of a huge number of patches on Tuesday. Google’s security team began looking at Reader, one of the most widely deployed applications on the Web, earlier this year to search for possible security issues. They found more than 50 bugs after testing it against Chrome’s embedded PDF reader. The team reported the bugs to Adobe, which said it fixed all of the high and critical severity vulnerabilities in a patch released this week. In a second round of testing after the patches came out, Google researchers found more serious problems in the application running on Windows and OS X.

Wave Goodbye to Your 4th Amendment Rights: A federal appeals court ruled that the authorities do not need a warrant to track your every move via GPS signals from your mobile phone. The 6th U.S. Circuit Court of Appeals, ruling 2-1, upheld a 20-year sentence for a man nabbed with 1,100 pounds of marijuana in a motorhome camper. The authorities tracked him in the camper via his mobile phone as he traveled from Arizona to a Texas truck stop. The decision comes as prosecutors attempt to get around a Supreme Court ruling that limits the use of GPS vehicle trackers by using warrantless cell-tower location tracking. No checks, no balances.

And speaking of a farewell to rights…When the state of Pennsylvania went to court to defend its now legal voter-ID law the judge said it could not use voter fraud as an argument because the state could not find a single case of voter fraud. Instead its lawyers argued that there is no reason why people should not be required to have some form of ID. What kinds of governments require their citizens to carry ID at all times? Governments that are afraid of their citizens. It’s an ugly, ugly day when the nutjob militia folks start to look rational.