author
Alexis Dorais-Joncas
adorais-1
Alexis Dorais-Joncas
Security Intelligence Team Lead

Malware

Win32/Kelihos botnet keeps on phishing, now exploiting Boston bombing

By posted 17 Apr 2013 at 03:04PM

The botnet known as Win32/Kelihos keeps on infecting, now touting a YouTube video of the Boston Marathon bombing that comes with a malicious iframe pointing to a Redkit exploit page that infects viewers.

Malware

Malware evolving to defeat anti-DDoS services like CloudFlare?

By posted 13 Feb 2013 at 08:55PM

Could distributed denial of service (DDoS) malware be evolving to defeat anti-DDoS security measures like CloudFlare? We do not usually see a lot of innovative denial-of-service malware in our day-to-day work. What we do see usually boils down to the basic flooding techniques: TCP Syn, UDP and ping floods, and sometimes HTTP-oriented floods. Of course,

Threats

Walking through Win32/Jabberbot.A instant messaging C&C

By posted 30 Jan 2013 at 08:15PM

Malware authors have a solid track record in regards to creative Command and Control protocols. We’ve seen peer-to-peer protocols, some custom (Sality), some standard (Win32/Storm uses the eDonkey P2P protocol).

Botnet

Walking through Win32/Jabberbot.A

By posted 23 Jan 2013 at 01:51PM

Malware authors have a solid track record in regards to creative Command and Control protocols. We’ve seen peer-to-peer protocols, some custom (Sality), some standard (Win32/Storm uses the eDonkey P2P protocol). We’ve seen binary protocols (Win32/Peerfrag, aka Palevo). We’ve seen other custom protocols that leverage other standard protocols such as HTTP (Win32/Georbot), DNS (Morto)and IRC (Win32/AutoRun.IRCBot.AK),

Botnet

OS X Lamadai: Flashback isn't the only Mac malware threat

By posted 25 Apr 2012 at 06:27AM

The Flashback trojan has been all over the news lately, but it is not the only Mac malware threat out there at the moment. A few weeks ago, we published a technical analysis of OSX/Lamadai.A, the Mac OS X payload of a multi-platform attack exploiting the Java vulnerability CVE-2011-3544 to infect its victims. OSX/Lamadai.A has

Apple

OSX/Lamadai.A: The Mac Payload

By posted 28 Mar 2012 at 07:18AM

Earlier this month, researchers from AlienVault and Intego reported a new malware attack targeting Tibetan NGOs (Non-Governmental Organizations). The attack consisted of luring the victim into visiting a malicious website, which then would drop a malicious payload on the target’s computer using Java vulnerability CVE-2011-3544 and execute it. The webserver would serve a platform-specific JAR

Apple

OSX/Imuler updated: still a threat on Mac OS X

By posted 16 Mar 2012 at 10:02AM

A new variant of Mac information-stealer OSX/Imuler hides itself inside a ZIP archive, right in the middle of an array of erotic pictures.

Follow Us

FacebookYoutubeTwitterLinkedInGoogle+RSS

Automatically receive new posts via email:

Delivered by FeedBurner

ESET Virus Radar

Archives

Select month
Copyright © 2013 ESET, All Rights Reserved.