Who is the April Fool?

I kept telling everyone to worry about being secure, not about Conficker. Some people listen, some don’t. So what happened over about the past 24 hours? According to ESET’s ThreatSense.Net, by about 2 PM GMT on April 1st, of the top 20 threats encountered by our users in the past 24 hours, four out of

Conficker Launches Cyber Attack Against Big Ben

In an apparent effort to cause British commuters to miss their trains, Chinese hackers have ordered the Conficker.C botnet to randomly change the time on the venerable and vulnerable Big Ben. This has caused millions of Londoners to be late for work this morning. Hey, this is no more ridiculous than trying to protect against

Watch out for the Honda Accords

Why watch out for the Honda Accords?  Well, automobile accidents are one of the leading causes of injury and death and Accords are very common cars. This sounds pretty silly, doesn’t it? I mean, wouldn’t it make sense to drive like any car is a potential threat and drive as best as you can to

Conficker Removal (Update)

[Update: it seems that people who missed the whole MS-DOS/having fun with the C> prompt and batchfiles thing are still struggling with the fact that vendors are releasing cleaning tools that are really command-line tools, so some step-by-step notes are added below.] I’m sure you’re almost as bored with this issue as I am with the

Conficker: Before the Flood (April Showers)

I don’t, of course, know for sure what’s going to happen on April 1st, when Conficker is timed, potentially, to go to its next stage of evolution. We do know, from inspecting code in the variants and subvariants that have come our way, that infected machines will be looking for instructions and updates on that date. At the very least,

Conficker Clarified

I just happened upon a blog that made an interesting point about the information that’s been made about Conficker. Essentially, the writer was fulsome in her praise of an article by Gary Hinson here, which gave some simple advice on dealing with Conficker/Downadup. As it happens, I’m familiar with the name Gary Hinson: he also contributes

Confounding Conficker

[Update: Spiegl Online reports (in German!) that the total may be as high as 50 million infected machines: however, this figure seems to be extrapolated from the number of infections picked up Panda’s online scanner. Statistically, I’m not sure it makes any sense at all to try to correlate this self-selecting sample to the total population of

Confused about Conficker?

CNN reported that there a new sleeper virus out there. http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html There is nothing sleepy about the Conficker worm, it is wide awake and looking for people who are asleep at the security wheel. CNN reports that Conficker could allow hackers to steal personal and financial data, and they also report that it “it is

Conficker a través de Autorun

Conficker (o Downadup) se ha transformado en una verdadera epidemia tal y como lo indica nuestro Reporte de amenazas de Diciembre y, en los últimos días, sus creadores han puesto énfasis en multiplicar sus técnicas de infección, ampliándolas a través de recursos compartidos, explotación de claves débiles y a dispositivos de almacenamiento removibles. Este último

Virus indetectable

Es muy común escuchar la frase “Ningún antivirus detecta este virus”. Sin embargo y tal como expliqué en troyanos indetectables, esto es una situación pasajera. Tomemos por ejemplo el siguiente gusano, no detectado en ese momento por ningún antivirus: Esto sucede porque es muy común que los desarrolladores de malware prueben sus creaciones una y

Prevenir la ejecución automática de malware a través de USB

Actualización 31/08/2009: Microsoft ha liberado un parche para realizar esta tarea automáticamente. Ver Eliminar el AutoRun para dispositivos USB. En gran porcentaje de códigos maliciosos logran infectar equipos explotando una funcionalidad incorporada en plataformas Microsoft Windows que permite la ejecución de cualquier dispositivo que sea insertado en el puerto USB. Esta funcionalidad se encuentra habilitada

Sobre INF/Autorun

Hace un tiempo nuestro laboratorio viene notando una clara confusión en torno a lo que realmente constituyen los archivos Autorun.inf, donde la confusión radica básicamente en si este archivo es o no un código malicioso. La realidad es que existen muchas aplicaciones que si bien no son desarrolladas precisamente con ánimo malicioso son aprovechadas a

Follow us

Copyright © 2016 ESET, All Rights Reserved.