tag
Bratislava

Painful Facebook Malware? Only When I Laugh.

Juraj Malcho, Head of Lab at Bratislava, reports: We've just encountered what appears to be a new Facebook scam in the wild. As of this moment we haven't seen any malicious content being served, but the content is changing even as I’m writing this post and it’s likely to serve malware soon. It spreads by adding

Twitter Botnet Update

[Update: Alex Matrosov has posted screenshots of the Twebot update at http://twitpic.com/1ousmx and http://twitpic.com/1ouse5.] Juraj Malcho, the Head of our Lab in Bratislava, reports that there have been further developments regarding the tool for creating Twitter-controlled bots described by Jorge Mieres and Sebastián Bortnik, Security Analysts at ESET Latin America, in an earlier blog at http://www.eset.com/blog/2010/05/14/botnet-for-twits-applications-for-dummies.

McAfee FP news misused for more SEO poisoning

We're now seeing a fiercely concentrated Blackhat SEO campaign exploiting the McAfee False Positive (FP) problem. Juraj Malcho, our Head of Lab in Bratislava, reports that in a Google search like the one I've screendumped above, he got three malicious hits in the top ten (the same ones captured here: of course, the malicious domain

McAfee and SEO poisoning: there but for the grace…

ESET is not going to try to capitalize on McAfee's unfortunate false positive problem (and nor, I'm sure, is any other reputable vendor). Such problems can arise for any AV vendor: it's an inevitable risk when you're trying to walk the line between the best possible detection of threats and avoidance of false detections (someone please

We are not Zimused – a few updates

My colleague Juraj Malcho, head of lab in Bratislava, has clarified a point: what Zimuse actually does is fill the first 50Kb of a targeted disk with zeroes (actually the 0x00 character). This does indeed overwrite the MBR, but also overwrites anything else that occupies that area of the disk. The malware came to ESET's attention because

Bemused by Zimuse? (Dis is not one half)

Now here's a curiosity. Win32/Zimuse is a worm that exists in two variants, innovatively entitled Win32/Zimuse.A and Win32/Zimuse.B. In some ways it's a throwback to an earlier age, since it overwrites the Master Boot Record on drives attached to an infected system with its own data, so that data on the system becomes inaccessible without the

…and Talking of Bratislava

This is a research blog, not a marketing blog. Not that there isn’t a place for marketing (that’s what pays our salaries, in a sense!) and marketing blogs, but my guess is that most of our readers here would get bored quite quickly if we spent too much time on press-release type material, our latest

Copyright © 2014 ESET, All Rights Reserved.