Beware Careto

A new, extremely sophisticated malware of totally unknown origin has hit the web. It poses as your favorite news site and attempts you to click on intriguing links, then subsequently steals all of your sensitive information.

Recently malware tends to focus on one thing: it attempts to gain control of your personal information. Sadly, the days of 1995′s cyberpunk classic Hackers – where the whole point of malware was to be a nuisance and could be thwarted by typing the word “cookie” into a prompt — are over. For better or worse malware is no longer disguised as Cookie Monster’s face munching around a computer monitor, but are now disguised as your favorite sources of news.

Kaspersky Labs released an extensive report (PDF) regarding this new kind of malware. Dubbed Careto, the malware begins life as a phishing attempt, posing as an email from popular news websites. Once you click on the link, you’re brought to a website that scans your rig for vulnerabilities, then attempts to inject an infection through one of the newly discovered holes.

This time around, Mac users can’t deploy their infamous line regarding Macs not getting viruses, because there is a tailored Careto version for each major operating system — OS X, Windows, and Linux. Kaspersky also suspects that there are iOS and Android versions of Careto on the loose.

As I have said many time to protect yourself from these cyber attacks try sticking to these simple rules:

  • Only go to reputable websites.
  • Do not click on links on websites or email without making sure it is legitimate.
  • As far as email goes, only click on links or open attachments that you specifically asked for. If you are in doubt contact the sender directly and “ask before clicking”.
  • When you receive message prompts on your computer take the time to read what it is “saying it will do” before clicking “OK” or “next”.

Leave a Reply

Your email address will not be published. Required fields are marked *