ESET Research | WeLiveSecurity

Bio

ESET Research

ESET Research

Articles by author

Privacy is not in the Cards

I decided to download the card game Solitaire (by ZenTech Labs) on my Android based phone. Being a free app it is paid for by advertising. When you play the game there is always a banner ad at the bottom of the screen. One of the ads caught my eye. It said “Leslie2088 is .7

How Do You Find 200,000 Unique Samples a Day?

I recently received a couple of questions about signatures from a reader. 1- You said that ESET receives around 200000 unique malware samples daily, so does ESET detect most of them or detect only the malwares that their signatures are listed here: http://www.eset.com/threat-center/threatsense-updates ? 2- Nowadays why signatures are written? Are they written to detect

MotoSpeak and Sing and Run Random Apps?

In addition to recently getting a Droid 2, I purchased a Motorola H17txt Bluetooth headset. When used with a Blackberry or an Android based phone you can download and install an application called MotoSpeak that will read text messages and emails through the H17TXT. Before you go looking for such a headset be warned, there

You Have to be a Real Cool Cat!!!

You have to be a real cool cat to get into the Cambridge Who’s Who registry. A few months ago I received a spam message from whoswhopublication@gmail.com.  A legitimate Who’s Who organization is very unlikely to be using a Gmail address and they wouldn’t have sent the email to AskESET. Here’s the email: You were

Open Source Malware Fingerprinting – Free Tool

In my ever-widening circle of anti-cybercrime methodology this particular approach to attribution of the criminals looting the free world makes me particularly gleeful and I can’t wait to spread the good news: Security company HBGary today released an open source tool to digitally fingerprint malicious code and help identify the source of the malware. The

Share Your Password, Spam Your Friends

Time and time again security experts warn you not to share your password with anyone, yet sites like Facebook are always encouraging you to give them the password of an account that is not a Facebook account… your email account. You’ve probably seen the screen shot below on your Facebook friends page. It is asking

The Strange Case of the Droid 2 Password Lock

When I first got my Droid I went to set up my security. The first thing I do with a new mobile phone is set it up to require a password to unlock the device. I also set a timeout so that after a few minutes of inactivity the phone will automatically lock itself. If

Android Application Security

Installing an application on an iPhone is a bit different than installing an application on an Android based system. With the iPhone you go to the App Store, select your application (and pay if required) then download and install it. For the Android based phones you go to the Android Market, select your application, download

I’m Picking Up Good Vibrations

As I previously blogged, there is a serious security flaw in the way that the Android 2.2 OS is implemented, at least on the Motorola Droid 2. If you want to require a password to unlock the phone, and you hit the lock key, it takes at least two minutes before unlocking the phone will

Facebook Friending Gets A Guy Some Jail Time

Believe it or not, this cybercrime has some twists reminding all of us to beware the estranged techie ex who decides to hack email or instant messaging accounts and then escalate to Facebook friending. Enter Harry W Bruder. This handsome devil is in his mid fifties, proving that not every Facebook user is a college

Will France Spy on You?

Apparently France has some new legislation surrounding pirated software. I applaud reasonable approaches to combating piracy, but it appears that France may be ready to make public the answer to the question “Will Anti-virus ignore government Trojan horse programs?” I first saw the story at http://yro.slashdot.org/story/10/08/05/152255/Tech-Specs-Leaked-For-French-Spyware and the story was picked up from http://www.techdirt.com/articles/20100804/04205910492.shtml. If

Inter‑Species Marriage

This old dog is learning some new tricks, and no, I am not talking about animal husbandry or bestiality. In the past few months I got a MacBook Pro, switched from Windows XP to Windows 7 and now I have a Droid 2 attached to my hip, so technically I am not married to an

When Hell Freezes Over!

I received an email today that was funny to me, but not to someone who is unsuspecting. I’ll let you read it. —–Original Message—– From: Ann Price [mailto:ann.price@topspot-promotions.net] Sent: Thursday, August 12, 2010 7:14 AM To: AskESET Subject: Placing advertisements on blog.eset.com Greetings, Topspot-Promotions, an established advertising company, would like to pay you for placing

How to Screw Up and Skew a Test

Even as AMTSO attempts to bring some qualified and competent guidance to testing methodologies, and individuals with an agenda or paranoia invent stories about why it is not good, we see more completely incompetent testing. I refer this time to the test that Steve Ragan wrote about at http://www.thetechherald.com/article.php/201031/5979/Anti-Virus-industry-lacking-when-it-comes-to-detection-says-report. The test performed by Cyveillance, who

How Much Security Do You Need?

Recently I received the following question from a reader: Hello Randy, I use Verizon Wireless  Broadband on my Vista OS laptop . For security I use NOD32 Anti Virus and Windows Firewall. Are these adequate or do I need any other security tools? The short answer is “I don’t know”. Why don’t I know? Because

One Billion Blocked – Malware and IE 8

Every layer of protection you add will harden the target against cybercrime. SmartScreen technology found in Internet Explorer 8 has recently clocked over 1 billion blocked potential malware downloads from malicious sites. By way of Terry Zink’s blog: 1 billion malware blocks is an amazing milestone and an example of two things. First socially engineered

Multi‑level Cybercrime

I just blogged about a potential new Facebook worm. It may turn out that it is not a worm, but another type of attack that involves multiple levels of criminal organizations, which to some degree are being aided by the privacy laws in the Holland. To begin with there are stolen credential attacks. The two

Is Facebook Making a Funny Face?

There may be a new worm on Facebook today. Unfortunately I don’t yet have enough data to be conclusive. A friend received an IM from a friend on Facebook that said “Hey i just made myself a cartoon omg lol ill show you but you gotta do urs too” The IM also included a link

Assessing Intent

There have been recent articles with fantastic titles such as “New threat: Hackers look to take over power plants” and “Hackers Target Power Plants and Physical Systems” in the wake of the Stuxnet worm that targeted certain industrial control systems (ICS). The reality is that hackers targeting ICS is nothing new. I am not clear