ESET Research | WeLiveSecurity

Articles by author

Firefox Add‑ons Infected

Perhaps you read the Mozilla blog at http://blog.mozilla.com/addons/2010/02/04/please-read-security-issue-on-amo/ where it was revealed that two add-ons for Firefox were infected with Trojans. In this case the distribution was very small, so not many users were infected, but this type of attack is likely to grow. A large part of the time I worked at Microsoft I

Who Is Doing It? Who? Who….?!

Every now and then, when I get a new batch of spam emails (which happens with monotonous regularity), I wonder who is clicking on those links to purchase products when they get spam emails offering great deals. Are there actually that many guys out there with erectile problems? Are there really that many people out

Can We Learn From Our Mistakes?

I've read with interest the recent developments regarding the "Aurora" exploit code. As you are probably aware this code exploits a vulnerability in Microsoft's Internet Explorer. Microsoft recently released an out-of-band patch to close off this vulnerability. Very soon after, we are seeing reports that the first widespread attacks that attempt to exploit this vulnerability

Anti‑Extortion 101

I read a story today called “Give me your money, or your computer gets it” at http://redtape.msnbc.com/2010/01/turning-hijacked-computers-into-cash-is-still-hard-work-for-most-computer-criminals-theyve-got-to-trick-the-infected-pc-into.html. While the story does offer some practical advice, it misses some critical points and gets one thing a bit wrong. The story actually talks about a couple of different “ransom” attacks. There is the case where your data

Not So Civic Minded

At least as of this writing, if you paste the following line into a Google search you’ll find something interesting…
"2004 Honda Accord EX-V6" $3000 site:craigslist.org
An ad with the title and price shows up on almost every Craigslist site in the country and in virtually all cases the ad has been flagged for removal.

Attack Vector Recycling?

I received a fax today. Now, that may not be worth noting on here, apart from the fact that I hardly ever receive faxes these days. But the interesting fact is that it was sent to my US-based fax number and offered me a great deal on a "New Health Plan" for only

Amazing WHAT???

An online friend of mine from China once told me they loved the song “Amazing Negro”. It only took a moment to realize “Amazing Grace” http://www.sumo.tv/watch.php?video=3451832 was the song they were referring to. The song is best known as a “negro spiritual” and so I can understand the mental mix up, especially for one whose

Bleak News on the Password Front

In December 2009, due to miserable security practices, Rockyou.com suffered a data breach that exposed over 32 million user passwords which were then published on the internet. For a little background, if you use Facebook apps, like Superwall, Speedracing, Likeness, Hugme, or Birthday cards, MySpace apps like Glittertext, Slideshow, Photofx, and many others, as

Haiti Scammer Tries to Scam ESET Blog Readers

A little over a week ago we received a comment in response to David Harley’s blog post that read as follows: InterNations – the Network for Expatriates and Global Minds! The Internations Management has decided to donate 10 Eurocents to Haiti for each text message! Text "Haiti" to: +xxxxxxxxxxxx Spread the Word!

Operation Aurora – History Repeats

There’s been a lot in the news about “Operation Aurora”. In a nutshell, hackers used a zero day IE exploit to gain access to computers and accounts they should not have access to. There are lots of fingers being pointed at the Chinese and implications the government may have been involved. The targets included Google

Disinfecting Files

I received a couple of questions from a reader about cleaning files. I thought the topic might be of interest to more than the reader, so I decided to post and answer the questions here, as well as providing a bit more information. The first question is: When an AV cleans an infected file, why

R.I.P. IE 6

Targeted and sophisticated attacks against Google, Adobe, and Juniper used an unpatched vulnerability in Internet Explorer to breach computers. These incidents are receiving a lot of attention from the media, largely due to the size and notability of the companies affected. France, Germany and now Australia have issued guidelines and urged users to

Apple Patches Snow Leopard Security Vulnerabilities

Apple has released its first patches of 2010 and if you are running Snow Leopard I recommend you apply the patches. Apple users have the distinct advantage over Windows users of predominantly being ignored. Despite the fact that playing a malformed audio file can cause arbitrary code execution (which means your Mac is vulnerable to

Old MacDonald Bought the Farm IE IE 0‑day

There is a vulnerability in Internet Explorer that Microsoft will patch tomorrow. Normally Microsoft releases patches on the second Tuesday of each month, but in this case Microsoft is making the patch available much sooner. The most probable reason for the “out of band” patch is that this vulnerability received a ton of attention as

Mobile Malware

SC Magazine recently reported a malicious application in Google’s Android online market store http://www.scmagazineus.com/malicious-apps-found-in-googles-android-online-store/article/161001/. Due to the highly open nature of Android applications, this is probably going to be a huge problem. Here is the real irony. Many people will probably switch from Android to the iPhone because of the security concerns. Why is it

McAfee Teams Up With Facebook

You may have seen the news that Facebook is teaming up with McAfee to improve security. Frankly, providing users with McAfee’s product is not likely to do much in terms of improving security. Facebook users all over the world have access to free and paid solutions, so this isn’t likely to make a big difference.

Low Tech Theft

In this day of high tech international data theft, sometimes we forget that all of the old school attacks are still out there.  There was a stark reminder reported by Apple Insider. Apple purchasers may be at more risk because of the high dollar value of Apple computers compared to PCs. If I go to

ESET Beats Microsoft to the Punch

I recently got a new MacBook Pro and set up Windows 7 and ESET Smart Security on it. This morning when I started the computer ESET Smart Security notified me that my operating system wasn’t up to date. This was a bit of a surprise because I updated everything when I installed the operating system.

Malvertising

I recently received a couple of questions about malvertising at my askeset@eset.com address. AskESET@eset.com is used only to field general security questions; I cannot and do not offer product support. Malvertising is a multi-compound word. “Mal”, in this case, is short for malware, which means malicious software. “vertising” is the advertising portion of the word, so