Malware infecting 25,000 computers, mostly in the United States, pumping out 80 million spam messages per hour? ESET researchers sinkhole to investigate Win32/TrojanDownloader.Zortob.B
Analysis of malicious code dubbed Win32/Caphaw (a.k.a. Shylock) attacking major European banks, with ability to automatically steal money when the user is actively accessing his banking account.
NBC.com may have sent visitors to infected URLs serving up Trojan software (RedKit) for 24 hours. At the time of this blog post ESET researchers still see some related sites similarly compromised.
Technical analysis of malware that abuses code signing certificates normally used to positively identify a software publisher and to guarantee code is unchanged.
A shortened and updated version of the advice that David Harley and Andrew Lee gave to potential phish victims in an earlier paper. Part 3 of a three-part article on phishing scams old and new, and some of the ways to recognize the baited hook.
A new attack against Apple Mac OS X Lion (10.7) has been detected by Intego. The threat is a Trojan, dubbed Flashback, installed via a fake Adobe Flash installer downloaded from a third party site. As with the MacDefender and Revir malware, the Flashback attack uses social engineering to entice the user to download then
The recent MacDefender Trojan has been receiving “rebranding” facelifts since it came out. It has now been deployed as MacProtector, MacDetector, MacSecurity, Apple Security Center, and there are no doubt more iterations to come. The malware has been updated, and now sports an improved UI that looks like a native Mac OSX application, unlike the
One of the (few) blessings of having been so long in this industry is that I remember a time when most malware was viral and Trojans were rare: so rare, in fact, that there was at one time a notorious "dirty dozen" set of Trojans. At around the same time, there were innumerable hoaxes describing malware with
The BBC program Panorama last night investigated claims that the News of the World hired a hacker to break into a subject's PC to steal emails. In fact, it appears that the unnamed hacker installed a Trojan on the victim's PC. Which sounds like a fairly unequivocal breach of the Computer Misuse Act, which outlaws
UPDATE #1 Randy Abrams has posted a follow-up article, Anatomy of a Biting Bunny – The Infected Microsoft Catalog Update with additional information about how update services work, why they might distribute third-party code and what might be done to prevent malware from being distributed on services like Microsoft's Windows Update in the future. 7-FEB-2011. Last
There’s been a lot in the news about “Operation Aurora”. In a nutshell, hackers used a zero day IE exploit to gain access to computers and accounts they should not have access to. There are lots of fingers being pointed at the Chinese and implications the government may have been involved. The targets included Google
Will No-One Rid Me Of This Turbulent Hacker Tool? (http://en.wikipedia.org/wiki/Thomas_Becket) I was kind of hoping to have moved on from the iPhone data stealing hacker tool by now. While I do think it's a significant development (see http://www.eset.com/threat-center/blog/2009/11/12/iphone-hack-tool-a-postscript), there comes a point where the sheer volume of discussion of the subject gives it more importance
Our guys in Bratislava have issued a press release about one of the latest examples of the current wave of Excel exploits, which we detect as X97M/TrojanDropper.Agent.NAI. When the malicious Excel document is opened, it drops the backdoor Trojan we call Win32/Agent.NVV, which allows a remote attacker to get access to and some control over the
A few days ago, I promised (threatened) to make some general points about biasing test results, but travel and other obligations have been getting in the way. I’ll get back to that very shortly, but in the meantime, I want to look at an issue with the latest round of Microsoft patches that I was