ESET Research | WeLiveSecurity

Articles by author

Will You Install a Bot for Money?

SETI@home (http://setiathome.berkeley.edu/) and Folding@home (http://folding.stanford.edu/) are interesting, if not cool, uses of technology, but they do bear a striking resemblance to a nefarious threat called a botnet. Now with Sony contemplating a commercial “PS3 Grid” (http://blogs.pcworld.com/digitalworld/archives/2007/04/sony_looking_to.html) one wonders where the lines will blur. There are similarities between botnets, SETI, and Folding@home. The term botnet is

Microsoft Reports The Worst Virus Ever

I received a question about the validity of a warning a friend received and thought it might be useful to share some information about spotting hoaxes. The text of the email is quoted in bold red below. Key hoax indicators. “PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS:” The above sentence already puts this

Tick Tock Computer or Clock?

The “oh so scary” iPod virus is less proficient at spreading than the news around it. George Santayana was quite a smart man. George was the guy who said “Those who cannot remember the past are condemned to repeat it” and the media has been repeating (as in retelling) history in reporting the “iPod virus”. Modern

The Masquerade Party

 Kurt Wismer is “a long time member of the anti-virus community”, a very knowledgeable computer scientist, and all around good guy. Bad guys don’t post things like links to movies of infrared pictures of farts now, do they? http://place-guid-here.blogspot.com/2007/01/have-you-ever-wondered.html. I posted a link to a web site, noticed that there was a typo, fixed the

VD (Vulnerability Disease)

Microsoft Security Advisory (935423) – Vulnerability in Windows Animated Cursor Handling. This is a very serious vulnerability that is almost certain to be exploited on a wide-scale basis. If the vulnerability were limited to animated cursors alone it would not be as serious, but there are reports of jpg files, which are very commonly

AskESET, have you heard of this virus?

I received the following on askeset@eset.com from James G. I have been hit by the following virus: (not on this PC) vxaudio.exe Have you ever heard of this? Hi James, I am not familiar with a virus named vxaudio.exe, but that looks a whole lot like a file name. File names are almost never reliable

Identity Theft and Security

A friend was recently the unfortunate victim of credit card theft. I haven’t yet found a fortunate victim, but ultimately there is bound to be a criminal stupid enough to deposit money into a stolen account :) In today’s online world, unless you can determine how the credit card theft occurred you really must assume

Good Directions? Priceless!

Fatigues – $28. Army boots – $129. GPS – $249. Good directions? Priceless. It seems the Swiss accidentally invaded Liechtenstein (http://www.cbsnews.com/stories/2007/03/02/world/main2530066.shtml). Now this is funny first and foremost because nobody got hurt. There were lots of other reasons it was funny too. For example, a neutral nation invading an unarmed nation is a rather comedic situation.

3 years later and you still don’t have a name?

From time to time we get comments in response to blog postings. Sometimes we get questions. One such question received today not only requires a reply, but I feel deserves a blog entry as it is the kind of question that when answered can help a lot of people understand more. The question, posted as

What is Proactive Detection and Why Do You Need it?

In the antivirus industry one of the terms we use is “heuristics”. This is a fancy word for “how we detect bad programs that we have never seen before”. The ability to detect bad programs before we have ever seen them is proactive detection. We write the detection before the threat exists. How we can

Vulnerabilities, Exploits, and Infections

How can you tell if you are infected with a vulnerability? It is easy, you are not, and you do not get infected by vulnerabilities. So what are vulnerabilities then and why do they matter? The presence of a vulnerability simply means that you may be able to be attacked. Cars are vulnerable to being

The Moral Composition of a Spyware Purveyor

DirectRevenue, possibly former adware/spyware purveyor, settled Federal Trade Commission (FTC) charges of unfair and deceptive trade practices of installing unwanted and unsolicited spyware onto consumers’ computers. http://www.internetnews.com/bus-news/article.php/3660481 FTC Commissioner Jon Leibowitz voted against the deal because he alleges that DirectRevenue was still keeping about 20 million dollars in ill-gotten gains. What is interesting is the

More on the Norwich Witch Hunt

The case of Julie Amero has drawn national attention and deserved outrage. I have racked my brain to try to come up with some tips for teachers to help protect themselves from situations like this where an incompetent administration completely fails the teachers, students, and parents. Every teacher in America, especially those in Connecticut, should

Beware of Anna Nicole Smith Malware

Anna Nicole Smith died today and that means the scum of the internet will be out in force. History has taught us to expect a barrage of attacks coming in the form of email with attachments and/or links. The likely attack scenarios will be email messages claiming to have pictures of Smith’s dead body, or

Super Bowl Dolphin Stadium Website Trojan

A Trojan was recently planted on the web page of the Miami Dolphins’ Super Bowl web site. The Trojan was a script that would download a malicious file onto the user’s computer – if the user was not current on their security patches or not using NOD32. Websense first identified the compromised website through the

Mea Culpa

Some of you may notice that the blog entry “I See Antivirus Software in the Vista” has been changed. I made a mistake in referring to Vista Kernel Patch Protection (KPP) in Windows Vista 32-bit. There is no KPP in Windows Vista 32-bit edition. Rather than leaving inaccurate information up on the blog I have

Shhh – it’s a Secret!

There was recently a private meeting of security professionals hosted by Microsoft. This private meeting, complete with a public website, has been called a “secret” meeting by some. Hmmm, secret meeting with a published agenda (http://isotf.org/isoi2.html) complete with date, time, location, and speakers. Some secret, huh? Who was there and why did they meet? That

So You Have An Undetected Virus?

From time to time all anti-virus companies run into the situation where a user tells them that their product is not detecting some virus. Typically the user also wants to know why it isn’t detected when another product catches it. These inquiries rarely provide enough information to result in a meaningful answer. There can be