Dorifel/Quervar: the support scammer's secret weapon

The threat of the Dorifel/Quervar malware spreading in the Netherlands is being used by telephone scammers to trick local PC users into paying for ‘protection’.

Massive Spike In The Amount Of Small Business Attacks: Why Are Small Businesses The Target?

Audio: /us/resources/podcasts/081012_ESET_SmallBusiness.mp3

Blizzard Entertainment hacked this time for real (lessons learned)

In May we read that game maker Blizzard, developer of a series of popular games including World of Warcraft, Diablo III and Starcraft, was hacked, but that turned out to just be individual compromised accounts from some of its users. Now we read, from Blizzard itself rather than a third party, that they have been

Authentication attacks: Apple, Amazon, iCloud, Google, anything with a password

Sharing details of the hack that “wiped his life” has earned Mat Honan a place in the annals of information system security; the specific inter-dependence of flawed authentication systems that cost him so dearly–encompassing Apple, iCloud, Amazon.com, Gmail and more–would probably still exist if Mat had not gone public. Wired has the full story here

Support Scammer Anna’s CLSID confusion

Scammer Anna claims to be from Global PC Helpline, and certainly that site seems to be confused about what it is and where it operates from.

Foxxy Software Outfoxed?

Part of my daily routine here at ESET is to inspect URLs for new trends and malware campaigns identified by our systems. A couple of weeks ago I noticed a group of URLs with a similar pattern. When I investigated further, I found out that the URLs pointed to copies of legitimate web sites with

Misusing VERIFY (and other support scam tricks)

After Event Viewer, ASSOC, INF, PREFETCH and Task Manager, it seems that VERIFY is the latest system utility to be misused by PC tech support scammers.

Mac OSX/iOS hacks at Blackhat – are scammers setting their sights?

For years scammers and hackers focused largely on Windows x86-based platforms, in many ways because that’s where the bulk of the users were. But times change, and new targets emerge. At Blackhat and Defcon last week we saw a flurry of talks on Mac OSX/iOS security, trying to illuminate possible chinks in the armor. From

Black Hat Security Conference: Part 2

Audio: /us/resources/podcasts/080312_ESET_BlackHatP2.mp3

Flamer Analysis: Framework Reconstruction

Aleksandr Matrosov looks at the internal architecture of Win32/Flamer’s mssecmgr.ocx module.

Rakshasa hardware backdooring: the demon that can't be exorcized?

Jonathan Brossard describes an ‘undetectable, unremovable’ attack on firmware through gimmicked hardware or a subsequent malware attack. David Harley isn’t convinced.

Defcon focus on the Fed comes with conflicting emotions

After my colleague Stephen Cobb stood in a huge line at Defcon waiting to get into the Friday keynote by NSA chief General Alexander, plus a swarm of interest shown at the two-part Meet the Fed panel presentation the next day, it’s becoming clear that multiple agencies of the federal government are focused on hackers,

Apache/PHP web access holes – are your .htaccess controls really safe

If your organization’s website runs on Apache, and many do, you might wonder if the webserver’s .htaccess controls are securely configured. If you believe the demo we saw yesterday at Blackhat by Matias Katz and Maximiliano Soler, the answer is a resounding ‘NO!’ What Katz and Soler described in their session is not some rare

Rovnix.D: the code injection story

Detailed analysis of Rovnix.D reveals updates to the code injection technique employed, allowing multiple injections with a variety of payloads.

Black Hat Security Conference: Part 1

Audio: /us/resources/podcasts/072712_ESET_BlackHatP1.mp3

Offensive / Proactive tactics, will they really work? Blackhat day 1

Blackhat keynote speaker Shawn Henry, the former executive assistant director of the FBI’s Criminal, Cyber, Response and Service Branch, started off the day after opening remarks from Jeff Moss, founder of Blackhat. Moss wondered if now was the time for the cyber-security sector to take a more aggressive/offensive approach. Jeff mentioned working for a former

.ASIA domain name scams still going strong

Today I received the following message in my inbox, claiming to be from the Asian Domain Registration Service and warning me that the eset brand was in danger of being registered by a third-party. Here is the message I received, which I’ve included in its entirety, except for a few bits: Received: from mail.umail168.cn4e.com

Free YouTube .mp3 converters – with a free malware bonus

Want to access the music tracks of YouTube.com videos on your iPod but don’t want to pay? You’re not alone. Recently, a crop of websites have popped up offering to convert the audio from videos to .mp3 files that you can then download at no charge. Sounds great, right? The catch: scammers are trying to

Gamigo game site hack lessons learned (and what should you do)

Gamigo learned a few months ago about a breach and alerted its users that they had been attacked. But now, we see an estimated 8+ million records just went public, no small amount for the attackers. What is interesting is that by one account, hash cracking was able to decrypt over 90% of the passwords,

The Tech Support Scammer's Revenge

Giving a support scammer access to your PC can give you more problems than any imaginary virus, especially if you refuse to pay for his ‘service’.


Copyright © 2014 ESET, All Rights Reserved.