We clarify that the Linux/Cdorked backdoor malware leaves no traces on the hard drive “other than its modified httpd binary” which can be scanned for detection in several ways.

Analysis of a malicious backdoor serving Blackhole exploit pack found on Linux Apache webserver compromised by malware dubbed Linux/Cdorked.A, together with remediation tool and techniques.

We’ve just come across an IRC controlled backdoor that enables the infected machine to become a bot for Distributed Denial of Service attacks. The interesting part about it is that it’s a Mach-O binary – targeting Mac OS X. ESET’s research team compared this to samples in our malware collection and discovered that this code

New stolen digital certificates are used by the multi-purpose backdoor Qbot. The criminals behind the Qbot trojan are certainly not inactive. As I mentioned in a blog post earlier this month, after a quiet summer we have seen a batch of new Qbot variants. An interesting fact is that the malicious binaries were digitally signed.

Sebastián Bortnik, Security Analyst at ESET Latin America, has shared with me his translation of an FAQ written with Cristian Borghello, ESET Latin America'sTechnical and Educational Manager, about the malware ESET NOD32 detects as Win32/Induc.A. I've done a little cosmetic editing on the original and added quite a lot of material (so any mistakes and