My Russian colleague Aleksandr Matrosov reports that this week he received an interesting sample from forensic investigation specialists Group-IB. The threat in question is detected by ESET products as Win32/Sheldor.NAD, and coverage by other vendors is reasonable: see http://www.virustotal.com/file-scan/report.html?id=9f3ff234d5481da1c00a2466bc83f7bda5fb9a36ebc0b0db821a6dc3669fe4e6-1294926672. The interesting feature of this sample is that it uses the TeamViewer 5.0 standalone component to effect remote control of the
Tony Dyhouse writes in SC Magazine about the political implications for the security community of the Stuxnet and Wikileaks incidents. The link has also been added to the Stuxnet resources post at /2011/01/03/stuxnet-information-and-resources/5731 on 14th January 2011. David Harley CITP FBCS CISSP
Added to the resources blog at http://blog.eset.com/2011/01/03/stuxnet-information-and-resources: Report of a Stuxnet-unrelated vulnerability in SCADA software; A speculative cyberwar link; Some links on Iranian post-Stuxnet "cybermilitia" recruitment: http://www.itworld.com/security/133469/iran-responds-stuxnet-expanding-cyberwar-militia and http://blogs.forbes.com/jeffreycarr/2011/01/12/irans-paramilitary-militia-is-recruiting-hackers/?boxes=financechannelforbes David Harley CITP FBCS CISSP
This isn't really Threatblog fodder, but I'd like to take the opportunity to congratulate Richard Marko and Andrew Lee on their accession to ESET CEO superstardom. Richard has been appointed as global CEO of the ESET group, while Andrew has returned to ESET LLC as its CEO. It's good to know, though, that Miroslav Trnka
Picture from https://secure.wikimedia.org/wikipedia/en/wiki/File:Casino_slots.jpg This is a really bizarre computer crimes case. A man knows of a bug in a gambling machine at casinos. He goes into the casinos, uses the machines with complete authorization and, at least in some cases, if not all, asks casino staff to modify the machines, and they willingly do so. The
The folks at Trusteer got their hands on the logs from some phishing sites and found that people using iPhones are more likely to fall for phishing attacks than users of other devices, including PCs. Some of the findings included: Mobile users get to the phishing site sooner than PC users. Mobile users are 3
The Stuxnet analysis “Stuxnet Under the Microscope” … has, unlike most ESET white papers, been subject to a number of revisions as we’ve come to know more about the malware itself, and as the purposes of its perpetrators have become clearer. However, since all the known vulnerabilities exploited by Stuxnet have now been patched, version 1.3x of the document is likely to be the last substantial revision.