by Constantine von Hoffman

Cybersecurity Roundup: Tech Firms Waver on CISPA; Android Malware; and More

May 04, 20122 mins

This week's cybersecurity roundup has Mozilla becoming the first major Internet company to publicly oppose the Cyber Intelligence Sharing and Protection Act (CISPA); new Android malware; and a trojan that uses the U.S. DoJ name to extort cash from infected PC users.

Tech Companies’ Support for CISPA Wavers: Mozilla this week became the first major Internet company to publicly oppose the Cyber Intelligence Sharing and Protection Act (CISPA), and Microsoft has also started to withdraw its previous support for the bill. A Mozilla spokesperson told Forbes’ Andy Greenberg, “CISPA has a broad and alarming reach that goes far beyond Internet security. The bill infringes on our privacy, includes vague definitions of cybersecurity, and grants immunities to companies and government that are too broad around information misuse.”  

Meanwhile Microsoft, which has more business clout than Mozilla, expressed concern over the bill’s impact on personal privacy. The company said in a statement, “Microsoft believes that any proposed legislation should facilitate the voluntary sharing of cyber threat information in a manner that allows us to honor the privacy and security promises we make to our customers.” The bill passed the House, and the fight has now moved to the Senate. President Obama said he may veto the bill if it passes in its current form.

Android Malware Comes in the Form of a Security Update: New Android malware that uses website injection to infect mobile devices has been identified. “Multiple sites have now emerged with a URL-redirect injected into the HTML body of an infected page,” according to Symantec. Infected devices may be used as proxies that allow attackers to route traffic through them. Mobile device trojans have been used in the past for financial gain or to steal personal data.

Fake Justice Department Letter Used in Ransomware: Hackers have combined ransom Trojans with banking malware to produce a hybrid that demands money before attempting to steal user logins. The new variant of the Citadel Malware is called Reveton. The infection happens after users are lured to a drive-by download site that employs a dropper to install the Citadel malware. The program then locks down its host computer and shows a message saying the machine has been identified by the Computer Crime and Intellectual Property Section of the U.S. Department of Justice for visiting websites that contain child pornography or other illegal content, thus violating U.S. federal law. Infected users are then prompted to pay a $100 fine to the DoJ to unlock their machines.