Trojan

Trends for 2013: astounding growth of mobile malware

In 2012 the number of unique detections of malware for Android increased globally by a factor of 17X (yes, that is 1,700%), and we expect the increase in 2013 to be even greater. This is one of the main predictions in the white paper we are releasing today: "Trends for 2013: astounding growth of mobile

Rovnix Reloaded: new step of evolution

ESET is seeing a new step of evolution for the Rovnix bootkit family.

Valentine's Day Scams: For the love of money

Scam artists and cybercriminals are looking to turn romance into profit now that Valentine's Day approaches, possibly taking over your computer in the process. According to ESET researchers in Latin America, we can expect the quest for love to be leveraged as an effective social engineering ploy to enable the bad guys to infect unsuspecting

Malware exploits death of North Korea's Kim Jong-il

As expected, malware developers and scam artists have greeted the death of North Korea's dictatorial leader, Kim Jong-il, with Black Hat SEO and Social Engineering attacks. The Supreme Leader of the Democratic People's Republic of Korea suffered a heart attack on a train journey last month and a steady stream of schemes to exploit the

Malware Drive-by Infection Video: From fake FDIC message to infection

The FDIC is probably one of the most misunderstood quasi-governmental entities in America, which may account for its enduring popularity as part of malware and phishing scams. I'm not the most dedicated follower of banking news, but I did work for a bank once and I do try to keep up, yet I have never

You’ve Got Malware: Deceptive package delivery email for the holidays

Taking delivery of an unexpected package containing gifts is one of the joys of the holiday season. Missing a package delivery is one of the frustrations of the season. So, an email headed "Failed Package Delivery" is a good way for scam artists and malware distributors to get your attention. In this post I examine

Much Ado About Facebook

The Reuters news agency reported earlier today a sudden increase in violent and pornographic images and videos on Facebook.  A quick review of my personal account and a check-in with my other Facebook-wielding colleagues revealed a couple of nothing more than a couple of suggestive pictures, complete with snarky comments embedded in them, from the

Android vulnerability patch time lag causes malware opportunity

One of the blessings of Open Source initiatives is the rapidity with which coders can release quality collaborative code. This is one of the ways the Android managed to claw its way into the smartphone mainstream, after arriving late to the game. But as the app ecosystem matures, vulnerability/patch management becomes more of an issue,

Kids’ computer game malware – Scammers stoop to new lows

There’s a new batch of malware making the rounds, this time directed at spreading banking malware through childrens’ games. Though it’s hard to imagine, the scammers are taking advantage of the naivete of kids, who may not be as skilled at detecting scams as their more seasoned parents. According to an article in Softpedia, the

Digital Certificate Security: Time to check protection of these valuable assets

An emerging information security threat highlighted this week by Róbert Lipovský, namely theft and abuse of digital certificates by malware creators, serves as a timely reminder that these certificates are highly valuable digital assets that should be accorded the highest levels of protection. If your company uses certs purchased from root authorities such as Verisign,

New Apple OS X Malware: Fake Adobe Flash Installer

A new attack against Apple Mac OS X Lion (10.7) has been detected by Intego. The threat is a Trojan, dubbed Flashback, installed via a fake Adobe Flash installer downloaded from a third party site. As with the MacDefender and Revir malware, the Flashback attack uses social engineering to entice the user to download then

Towering Qbot Certificates

New stolen digital certificates are used by the multi-purpose backdoor Qbot. The criminals behind the Qbot trojan are certainly not inactive. As I mentioned in a blog post earlier this month, after a quiet summer we have seen a batch of new Qbot variants. An interesting fact is that the malicious binaries were digitally signed.

Comment Spam: what’s in a name?

…I realize that it looks a little self-obsessed to keep writing about comment spam relating to your own blog…

MacDefender undergoes a name change, MacShield

The MacDefender malware has morphed again, now taking the guise of "MacShield."   As in the case of its oldest sibling MacDefender, the MacShield variant has taken the name of a legitimate Mac OSX software product with small distribution, doubtless causing the real developer significant heartache. The UI is essentially unchanged, but as usual all

MacDefender: The sky is not falling…

In the last few days, I have been asked by a journalist (or four) what MacDefender means for the future of Apple security, and if I thought there was excess hype around it.   I'll address the second question first.   I think its safe to say the current malware would not be newsworthy if

MacDefender (now MacGuard) Can Install Without Credentials

The recent MacDefender Trojan has been receiving “rebranding” facelifts since it came out. It has now been deployed as MacProtector, MacDetector, MacSecurity, Apple Security Center, and there are no doubt more iterations to come. The malware has been updated, and now sports an improved UI that looks like a native Mac OSX application, unlike the

Yesterday’s Virus Hoax is Today’s Fake Utility

One of the (few) blessings of having been so long in this industry is that I remember a time when most malware was viral and Trojans were rare: so rare, in fact, that there was at one time a notorious "dirty dozen" set of Trojans.  At around the same time, there were innumerable hoaxes describing malware with

Coreflood dries up

The US Department of Justice's announcement yesterday of the takedown of the command and  control (C&C) servers for the Coreflood bots (detected by ESET as Win32/AFCore) and seizure of their domains marks another step in the growing awareness that crime, whether it is committed with bullets or with botnets, is still crime.  This particular botnet,

Hacking by Proxy

The BBC program Panorama last night investigated claims that the News of the World hired a hacker to break into a subject's PC to steal emails. In fact, it appears that the unnamed hacker installed a Trojan on the victim's PC. Which sounds like a fairly unequivocal breach of the Computer Misuse Act, which outlaws

Trojan in Microsoft Update Catalog – A Bunny Bites Back

  UPDATE #1 Randy Abrams has posted a follow-up article, Anatomy of a Biting Bunny – The Infected Microsoft Catalog Update with additional information about how update services work, why they might distribute third-party code and what might be done to prevent malware from being distributed on services like Microsoft's Windows Update in the future.  7-FEB-2011.   Last

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

2 articles related to:
Hot Topic
11 Dec 2012
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.