Tax returns: Slovakian spyware campaign

ESET’s Security Research Lab details a malware-spreading campaign leveraging the deadline for tax returns in Slovakia and examines a case of infection where a bank’s two-factor authentication prevented financial loss.

Computer viruses “are making a comeback”, says Microsoft

Computer viruses are making a comeback, according to Microsoft’s Director of Trustworthy Computing – with numbers rising globally in 2012. Tim Rains says that for several years, viruses have been “out of favour with attackers”, but points to statistics showing that they have made a comeback in 2012, at least in certain territories.

ESET Mobile Security scores full marks in banking Trojan test

ESET Mobile Security has scored full marks for detecting mobile banking threats in a group test conducted by Germany’s AV-TEST magazine, focused on detecting dangerous new banking Trojans.

Don’t save that date – bogus wedding invitations are latest spam trend but also deja vu

Emailed wedding invitations have popped back up as a way to distribute malware Will this tactic join other malware-email staples like malicious tax season messages.

Pirated software use triples – leaving PC users at risk of infection

Use of pirated and counterfeit Windows software has tripled since 2006, according to analysts IDC – creating a fertile breeding ground for malware. For the report, entitled ‘The Dangerous World of Pirated and Counterfeit Software’, IDC analysts conducted 533 tests on counterfeit software from P2P and web sources.

From flicks to clicks: Mac OS X Trojan Adware.Yontoo infects via fake codec

Protection and remediation tips for Mac OS X users targeted by a Trojan adware plugin called Yontoo hidden behind movie trailer and other media playing links, generating money for criminals exploiting online ad schemes.

Win32/Cridex: Java pushes Cyprus into a Blackhole

Banking crisis in Cyprus is now being used in a spam campaign promoting the Blackhole exploit kit and the Win32/Cridex Trojan.

Sinkholing of Trojan Downloader Zortob.B reveals fast growing malware threat

Malware infecting 25,000 computers, mostly in the United States, pumping out 80 million spam messages per hour? ESET researchers sinkhole to investigate Win32/TrojanDownloader.Zortob.B

Caphaw attacking major European banks using webinject plugin

Analysis of malicious code dubbed Win32/Caphaw (a.k.a. Shylock) attacking major European banks, with ability to automatically steal money when the user is actively accessing his banking account.

NBC.com infected with malware for more than 24 hours?

NBC.com may have sent visitors to infected URLs serving up Trojan software (RedKit) for 24 hours. At the time of this blog post ESET researchers still see some related sites similarly compromised.

Code certificate laissez-faire leads to banking Trojans

Technical analysis of malware that abuses code signing certificates normally used to positively identify a software publisher and to guarantee code is unchanged.

What do Win32/Redyms and TDL4 have in common?

At the beginning of January 2013, we started tracking the interesting Win32/Redyms trojan family. Redyms is notable for changing search results from popular search engines on infected machines.

Online Shopping and a Phishing Pheeding Phrenzy [3]

A shortened and updated version of the advice that David Harley and Andrew Lee gave to potential phish victims in an earlier paper. Part 3 of a three-part article on phishing scams old and new, and some of the ways to recognize the baited hook.

New Apple OS X Malware: Fake Adobe Flash Installer

A new attack against Apple Mac OS X Lion (10.7) has been detected by Intego. The threat is a Trojan, dubbed Flashback, installed via a fake Adobe Flash installer downloaded from a third party site. As with the MacDefender and Revir malware, the Flashback attack uses social engineering to entice the user to download then

Comment Spam: what’s in a name?

…I realize that it looks a little self-obsessed to keep writing about comment spam relating to your own blog…

MacDefender (now MacGuard) Can Install Without Credentials

The recent MacDefender Trojan has been receiving “rebranding” facelifts since it came out. It has now been deployed as MacProtector, MacDetector, MacSecurity, Apple Security Center, and there are no doubt more iterations to come. The malware has been updated, and now sports an improved UI that looks like a native Mac OSX application, unlike the

Yesterday’s Virus Hoax is Today’s Fake Utility

One of the (few) blessings of having been so long in this industry is that I remember a time when most malware was viral and Trojans were rare: so rare, in fact, that there was at one time a notorious "dirty dozen" set of Trojans.  At around the same time, there were innumerable hoaxes describing malware with

Hacking by Proxy

The BBC program Panorama last night investigated claims that the News of the World hired a hacker to break into a subject's PC to steal emails. In fact, it appears that the unnamed hacker installed a Trojan on the victim's PC. Which sounds like a fairly unequivocal breach of the Computer Misuse Act, which outlaws

Supertrojan Supersighs Me

Zeus-associated malware (and that includes SpyEye and “SpyZeuS”) isn’t supernaturally difficult to detect. It is, however, pretty adaptive and has introduced, from time to time, some innovative counter-detection techniques.

Follow us

Copyright © 2016 ESET, All Rights Reserved.