An interesting comment turned up today to my "Malware du Jour" blog entry at Securiteam (http://blogs.securiteam.com/index.php/archives/1121). The poster asked a couple of questions, based on content from the ESET mid-year Global Threat Report, one of which was ‘How do you define "possibly unwanted applications [PUAs]?"’ My first thought was to refer him to the definition
Introduction It might not have escaped your notice that I write quite a lot about support scams, an issue in which most commentators in the security industry take only sporadic interest and tend to regard as of only niche interest. (As when a scammer is damaging their brand or product in some way, for instance
In various blog-posts, users have been encouraged by ESET experts to download applications from the official website for that application, as you never know what might have happened to the software when you download it from a mirror site or a download site.
Fraudsters continue to innovate their scam propagation methods. Again using Facebook and a pretense of a shocking video, they also utilize browser plugins to execute malicious scripts. We also see how the malware scene is intertwined, when the user is directed to a dubious Potentially Unwanted Application. Facebook auto-like scams have been commonplace on the
Our white paper on Potentially Unwanted Applications (PUAs) has been revised with additional information, including information about how legitimate software can become classified as a PUA due to its misuse, a discussion of a type of downloader called a software wrapper and updated screen shots. It can be found in the White Papers section Problematic,
ESET had quite a strong representation at Virus Bulletin this year in Barcelona, as David Harley mentioned in his post prior to the conference. On the first day, Pierre-Marc Bureau presented his findings about the Kelihos botnet, David Harley and AVG’s Larry Bridwell discussed the usefulness and present state of AV testing, and to finish
Orbit Downloader by Innoshock is a popular browser add-on often used to download embedded videos from sites such as YouTube. But the popular add-on has disturbing hidden functions.
Among the many different trojans that spread on Facebook, something popped up recently that caught our particular attention. The threat, detected by ESET as Win32/Delf.QCZ, is interesting for several reasons. Distribution First, let’s look at the distribution vector. Win32/Delf.QCZ relies on the old “fake codec/media player trick” and links to the malware-laden site are