by Constantine von Hoffman

Cybersecurity Roundup: Support for CISPA, Instagram Malware and More

Apr 19, 20123 mins

This week's cybersecurity roundup features stories on the Cyber Intelligence Sharing and Protection Act (CISPA); a new Android Trojan that hides inside the popular Instagram photo-sharing app; Javascript-related malware that could have infected as many as 20,000 websites, according to Google; and more security news.

White House Criticism Isn’t Slowing CISPA Bandwagon: Support from the White House hasn’t helped opponents of the Cyber Intelligence Sharing and Protection Act (CISPA). This week Internet and civil-liberty advocates launched a determined effort to stop CISPA. That effort received a boost from the White House, which said the bill sacrifices privacy without improving protections for the nation’s cyber infrastructure. Despite these actions, the bill, which is scheduled to be voted on by the House next week, has gained six more co-sponsors, bringing the total to 112.

Malware Rides Instagram Wave to Infect Android Devices: It’s not surprising that hackers are attempting to take advantage of the buzz around Facebook’s $1 billion purchase of Instagram. A faux-Instagram program is currently being used to distribute malware that can send background SMS texts from Android devices, according to reports from Sophos and Trend Micro. The malware reportedly comes from a page that mimics Instagram’s homepage in Russian.

Google: 20,000 Websites Could be Infected with Malware: Google sent a message to 20,000 websites to warn that the sites may have been infected with JavaScript redirect malware. The company also said servers could be compromised. “Specifically, we think that JavaScript has been injected into your site by a third party and may be used to redirect users to malicious sites,” the Google Search Quality team said. Files could be infected with unfamiliar JavaScript, and Google suggests that site owners search for files containing “eval(function(p,a,c,k,e,r).” The code could be in HTML, JavaScript or PHP files. The company also said server configuration files may have been compromised. “As a result of this, your site may be cloaking and showing the malicious content only in certain situations.”

U.K. Bill Would Pre-Censor Pornography on the Internet: It’s not just us. Britain’s House of Lords is currently considering The Online Safety Bill (TOSB? Don’t they know the power of pronounceable acronyms?). The bill would require ISPs and mobile phone companies to provide a pornography-free internet connection by default. Adults would prove they are adults and opt in. The bill, put forth by Baroness Howe of Idlicote, says the ISPs should block pornographic images–nasty text or audio is presumably okay. The British actually have a legal definition of smut, and it is in section 63 of the Criminal Justice and Immigration Act 2008. The act says you can’t possess “extreme” images which are “grossly offensive, disgusting or otherwise of an obscene character.” Don’t pictures of war, murder, poverty and/or the Chicago Cubs fall into those categories?