Live updates

15,500 computers in UK infected with new malware

More than 15,500 computers in the UK are currently infected by a new powerful malware, with many more potentially at risk, the National Crime Agency said.

GOZeuS is thought to be behind fraudulent transfers of hundreds of millions of pounds globally.

"Our message is simple: update your operating system and make this a regular occurrence, update your security software and use it and, think twice before clicking on links or attachments in unsolicited emails," Andy Archibald, Deputy Director of the NCA's National Cyber Crime Unit, said.

Malicious software 'gives hackers access' to data

The National Crime Agency is warning people they have two weeks to save their computers from a powerful malicious software as part of a massive consumer education programme to help clean up infected computers.

NCA is warning people about a malicious software. Credit: REUTERS

"The plan is to attack the parasite hard for two weeks while removing as many viable hosts as possible at the same time so that propagation targets will be limited after the attacks subside," Lamar Bailey, director of security research and development at software company Tripwire, said.

The move comes after the FBI in the US was successful in disrupting a hacking network, making security updates by users particularly effective in the short term.

NCA: Two weeks to save UK computers from hackers

Advertisement

NCA: Two weeks to save UK computers from hackers

The National Crime Agency is warning people they have two weeks to save their computers from a powerful malicious software attack. The malware called GOZeuS is hiding within attachments in emails and, once downloaded, enables hackers to access computers and scan them for valuable information.

If no data is found, a second malware, known as CryptoLocker, locks the computer, displays a window with a countdown, and demands a ransom to grant access again.

According to the NCA, people are asked to pay 1 Bitcoin (£200 - £300) to regain access to their files.

The NCA is advising people to make sure security software is installed and updated, by running scans and checking that computer operating systems and applications are up to date.

Public urged to 'change every password' amid bug worry

Several technology companies have urged the public to reset their passwords amid fears of a major security problem with a product used to protect people's personal data.

The Heartbleed bug affects OpenSSL, which many companies use to protect sensitive information, including people's password.

A small padlock icon appears on websites using OpenSSL to reassure users, but the loophole in the programme could have left it open to exploitation by hackers.

The log-in page for an online bank shows the OpenSSL padlock icon Credit: Tim Goode/EMPICS Entertainment

Blogging platform Tumblr posted a public notice about the bug, advising users to "take some time to change your passwords everywhere - especially your high-security services like email, file storage, and banking".

Finnish security company Codenomicon also said it would be "a good idea" to change potentially vulnerable passwords.

Apple to issue software update to deal with hack

Apple is trying to identify the source of vicious malware attacks on a "limited number" of its Mac systems, a statement from the corporation said.

The corporation is to release new updated software to protect users and its systems.

Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers.

The malware was employed in an attack against Apple and other companies, and was spread through a website for software developers.

We identified a small number of systems within Apple that were infected and isolated them from our network.

There is no evidence that any data left Apple.

We are working closely with law enforcement to find the source of the malware.

Since OS X Lion, Macs have shipped without Java installed, and as an added security measure OS X automatically disables Java if it has been unused for 35 days.

To protect Mac users that have installed Java, today we are releasing an updated Java malware removal tool that will check Mac systems and remove this malware if found.

– Apple

Read: More on computer hackers who have targeted sensitive Apple information.

Advertisement

Last.fm is latest social network to investigate password 'leak'

Last FM posted a security update on its website today. Credit: Last.fm/passwordsecurity

Last.fm has become the latest social network to reveal it is investigating the leak of some of its users' passwords.

A message posted on its website today has urged account holders to log in and change password as a precautionary measure.

The music streaming and statistics service had 30 million active users in March 2009.

'Phishing' scammers target LinkedIn users following password hack

'Phishing' scammers often claim to be official sources to trick people into revealing personal details. Credit: Clive Gee/PA Wire

Internet scammers have targeted LinkedIn users likely to be concerned about their account security following yesterday's claims that as many as six million passwords had been stolen by hackers.

Emails, such as this one seen by the BBC, claiming to be from "The LinkedIn Team" were sent to users asking them to confirm their email address by clicking a link.

But the BBC says the link only took recipients to a website selling 'counterfeit drugs'.

Security firm: LinkedIn users should change passwords 'as a precautionary step'

Millions of users of the social networking site LinkedIn have been told to reset their passwords after security information was stolen.

IT security and data protection firm Sophos said the leaked encrypted data does not include associated email addresses but warned that hackers will be working to crack the "unsalted" password hashes and "it is reasonable to assume that such information may be in the hands of the criminals".

It would seem sensible to suggest to all LinkedIn users that they change their passwords as soon as possible as a precautionary step.

"Of course, make sure that the password you use is unique - in other words, not used on any other websites - and that it is hard to crack.

"If you were using the same passwords on other websites, make sure to change them too. And never again use the same password on multiple websites."

– Graham Cluley, senior technology consultant at Sophos

LinkedIn security tips

Social networking website LinkedIn has provided these security tips following the reported theft of almost 6.5 million passwords. See the full statement here.

  • Never change your password by following a link in an email
  • Change your account passwords every few months
  • Don’t use the same password on all the sites you visit
  • Don’t use a word from the dictionary
  • Never give your password to others or write it down
Load more updates

Advertisement

Today's top stories