Android Smartphones are under attack again by rogue applications that once installed are reading information from the phone and sending it back to a pre-assigned location. According to mobile security firm as many as 120,000 users may have been infected from a cafeteria selection of at least two dozen applications from the Android Market. “Once

One of the (few) blessings of having been so long in this industry is that I remember a time when most malware was viral and Trojans were rare: so rare, in fact, that there was at one time a notorious "dirty dozen" set of Trojans.  At around the same time, there were innumerable hoaxes describing malware with

The US Department of Justice's announcement yesterday of the takedown of the command and  control (C&C) servers for the Coreflood bots (detected by ESET as Win32/AFCore) and seizure of their domains marks another step in the growing awareness that crime, whether it is committed with bullets or with botnets, is still crime.  This particular botnet,

Here’s a little information from ESET’s point of view about the Coreflood botnet, whose C&C (Command and Control) servers were taken down yesterday by the Department of Justice. The Coreflood bot is detected by ESET products as Win32/Afcore and has been active since the early years of the last decade (certainly since 2001), though our

The BBC program Panorama last night investigated claims that the News of the World hired a hacker to break into a subject's PC to steal emails. In fact, it appears that the unnamed hacker installed a Trojan on the victim's PC. Which sounds like a fairly unequivocal breach of the Computer Misuse Act, which outlaws

Pierre-Marc tells me that he has received two malware samples that grabbed his attention due to their resemblance to Storm/Waledac.

The Lookout Mobile Security company is reporting a new trojan horse program that runs on Android based phones. The novel thing about this trojan is that it has enough functionality to allow the criminals to assemble an Android based botnet. This really should come as no surprise. The Android is not a phone with web

…This paper, presented at the Annual Computer Security Applications Conference (2010) … discusses alternative approaches to understanding botnet mechanisms, using “in the lab” experiments involving at-scale emulated botnets…

The paper presents an alternative approach to botnet research, employing “in the lab” experiments involving at-scale emulated botnets.

…behaviour like this has been observed in other versions of Zeus. The really interesting discovery in this case is associated with the way in which these samples search for logical devices attached to an infected computer….