Lucian Constantin

Rogue copies of Green Simurgh, an Internet proxy software application used in Iran and Syria, have been found to contain malware that records users' activities and keystrokes.

Green Simurgh is an anti-censorship application that routes a computer's outbound connections to a server located in the U.S. This allows the software's users to bypass network filters and access Internet resources that would normally be banned by their ISP.

Twelve individuals were detained by Romanian authorities on Tuesday, suspected of being members of a cybercriminal group that hacked into the websites of various Romanian and foreign public institutions and government agencies.

Prosecutors from the Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) have dismantled a criminal group consisting of 14 members, who engaged in cybercriminal activities that included accessing computer systems without authorization, copying confidential data stored on them and publishing the captured information online, DIICOT said on Tuesday.

A new, highly sophisticated malware threat that was predominantly used in cyber espionage attacks against targets in the Middle East has been identified and analyzed by researchers from several security companies and organizations.

According to the Iranian Computer Emergency Response Team (MAHER), the new piece of malware is called Flamer and might be responsible for recent data loss incidents in Iran. There are also reasons to believe that the malware is related to the Stuxnet and Duqu cyberespionage threats, the organization said on Monday.

The mayor of West New York, New Jersey, was arrested together with his son on Thursday, for allegedly hacking into a website that criticized him and his administration.

Felix Roque, 55, of Hudson County, and Joseph Roque, 22, of Passaic County, were charged with gaining unauthorized access to computer systems, causing damage to protected computers and conspiracy to commit those crimes, the U.S. Attorney's Office for the District of New Jersey said on Thursday.

A pair of security researchers have proposed an extension to the Transport Layer Security (TLS) protocol that would allow browsers to detect and block fraudulently-issued SSL certificates.

Called TACK, which is short for Trust Assertions for Certificate Keys, the extension was developed by security researchers Trevor Perrin and Moxie Marlinspike and was submitted for consideration to the Internet Engineering Task Force (IETF), the body in charge of TLS, on Wednesday.

Yahoo was forced to release a new version of its Axis extension for Google Chrome after the original one contained a private key that allowed anyone to digitally sign extensions in Yahoo's name.

Axis is a new search and browsing tool from Yahoo that was released on Wednesday. It is available for desktop computers, as an extension for Google Chrome, Mozilla Firefox, Internet Explorer and Safari, as well as for iOS devices, as a stand-alone app.

The creator of the Bredolab malware received a four-year prison sentence in Armenia on Monday for using his botnet to launch DDoS (distributed denial-of-service) attacks that damaged multiple computer systems owned by private individuals and organizations.

G. Avanesov was sentenced by the Court of First Instance of Armenia's Arabkir and Kanaker-Zeytun administrative districts for offenses under Part 3 of the Article 253 of the country's Criminal Code -- intentionally causing damage to a computer system with severe consequences, the Office of Armenia's Prosecutor General said.

A new variant of SpyEye malware allows cybercriminals to monitor potential bank fraud victims by hijacking their webcams and microphones, according to security researchers from antivirus vendor Kaspersky Lab.

SpyEye is a computer Trojan horse that specifically targets online banking users. Like its older cousin, Zeus, SpyEye is no longer being developed by its original author, but is still widely used by cybercriminals in their operations.

Malware writers have used Crossrider, a cross-browser extension development framework, to build a click-fraud worm that spreads on Facebook, security researchers from antivirus firm Kaspersky Lab said on Monday.

Crossrider is a legitimate Javascript framework that implements a unified API (application programming interface) for building Mozilla Firefox, Google Chrome and Internet Explorer extensions.

A new variant of the Zeus trojan tricks users into exposing their debit card details by displaying rogue offers when they visit Facebook, Gmail, Yahoo and Hotmail, according to researchers from security firm Trusteer.

"We've recently discovered a series of attacks being carried out by a P2P [peer-to-peer] variant of the Zeus platform against some of the Internet's leading online services and websites," Trusteer CTO Amit Klein said in a blog post Tuesday. "The attacks are targeting users of Facebook, Google Mail, Hotmail and Yahoo -- offering rebates and new security measures."

Visitors to Wikipedia who see advertisements on the site have most likely fallen victim to a browser-based malware infection, Wikimedia Foundation, the organization operating the website, said on Monday.

"We never run ads on Wikipedia," said Philippe Beaudette, director of community advocacy for the Wikimedia Foundation, in a blog post. "If you're seeing advertisements for a for-profit industry ... or anything but our fundraiser, then your web browser has likely been infected with malware."

Bitcoin exchange site Bitcoinica suspended its operations on Friday after hackers managed to steal 18,547 bitcoins -- valued at about US$90,000 -- from its online wallet.

The user database probably was compromised as well, Bitcoinica's administrators said in an announcement posted on the site's home page. The information stored in the database included usernames, email addresses and account histories.