ESET Research | WeLiveSecurity


ESET Research

Articles by author

Spambot Games – so far

Did the spambots guess the answers to my questions? I think not. I tried the following two questions: “7/0=” and “Got Milk”. In both cases the answer I specified as correct was “quue792mcow9up4esbbrkjldjb,dzrrkjrenjl407niuvdopinejnvf DHOIVNN;LN;ND”. I’m pretty certain that the spambots did not have time to crack the question, so now it is time to find out

Spambot Games

Blog spambots are programs that automatically post comments to blogs. They are basically stupid programs written by people whose own mothers would rather not acknowledge their existence. At any rate, they are a hassle for bloggers who allow comments. There are a variety of techniques to automatically delete the spam posts, but they have advantages

If You Swim in the Sewer…

Tragedy brings out both the best and the worst in people. In the wake of the tragedy at Virginia Tech, sewer-dwelling vermin are registering and selling domain names related to Virginia Tech, but they aren’t the threats. The floaters these sewer-dwelling vermin are swimming with are the jerks trying to use social engineering to

Will You Install a Bot for Money?

SETI@home and Folding@home are interesting, if not cool, uses of technology, but they do bear a striking resemblance to a nefarious threat called a botnet. Now with Sony contemplating a commercial “PS3 Grid”, one wonders where the lines will blur. There are similarities between botnets, SETI, and Folding@home. The term botnet is

Microsoft Reports The Worst Virus Ever

I received a question about the validity of a warning a friend received and thought it might be useful to share some information about spotting hoaxes. The text of the email is quoted in bold red below. Key hoax indicators. “PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS:” The above sentence already puts this

Tick Tock Computer or Clock?

The “oh so scary” iPod virus is less proficient at spreading than the news around it. George Santayana was quite a smart man. George was the guy who said “Those who cannot remember the past are condemned to repeat it”, and the media has been repeating (as in retelling) history in reporting the “iPod virus”. Modern

The Masquerade Party

 Kurt Wismer is “a long time member of the anti-virus community”, a very knowledgeable computer scientist, and all around good guy. Bad guys don’t post things like links to movies of infrared pictures of farts now, do they? I posted a link to a web site, noticed that there was a typo, fixed the

VD (Vulnerability Disease)

Microsoft Security Advisory (935423) – Vulnerability in Windows Animated Cursor Handling. This is a very serious vulnerability that is almost certain to be exploited on a wide scale. If the vulnerability were limited to animated cursors alone it would not be as serious, but there are reports of jpg files, which are very commonly

AskESET, have you heard of this virus?

I received the following from James G.: “I have been hit by the following virus: (not on this PC) vxaudio.exe. Have you ever heard of this?” Hi James, I am not familiar with a virus named vxaudio.exe, but that looks a whole lot like a file name. File names are almost never reliable

Identity Theft and Security

A friend was recently the unfortunate victim of credit card theft. I haven’t yet found a fortunate victim, but ultimately there is bound to be a criminal stupid enough to deposit money into a stolen account :) In today’s online world, unless you can determine how the credit card theft occurred you really must assume

Good Directions? Priceless!

Fatigues – $28. Army boots – $129. GPS – $249. Good directions? Priceless. It seems the Swiss accidentally invaded Liechtenstein. Now this is funny first and foremost because nobody got hurt. There were lots of other reasons it was funny too. For example, a neutral nation invading an unarmed nation is a rather comedic situation.

3 years later and you still don’t have a name?

From time to time we get comments in response to blog postings. Sometimes we get questions. One such question received today not only requires a reply, but I feel deserves a blog entry as it is the kind of question that when answered can help a lot of people understand more. The question, posted as

What is Proactive Detection and Why Do You Need it?

In the antivirus industry one of the terms we use is “heuristics”. This is a fancy word for “how we detect bad programs that we have never seen before”. The ability to detect bad programs before we have ever seen them is proactive detection. We write the detection before the threat exists. How we can

Vulnerabilities, Exploits, and Infections

How can you tell if you are infected with a vulnerability? It is easy, you are not, and you do not get infected by vulnerabilities. So what are vulnerabilities then and why do they matter? The presence of a vulnerability simply means that you may be able to be attacked. Cars are vulnerable to being

The Moral Composition of a Spyware Purveyor

DirectRevenue, possibly former adware/spyware purveyor, settled Federal Trade Commission (FTC) charges of unfair and deceptive trade practices of installing unwanted and unsolicited spyware onto consumers’ computers. FTC Commissioner Jon Leibowitz voted against the deal because he alleges that DirectRevenue was still keeping about 20 million dollars in ill-gotten gains. What is interesting is the

More on the Norwich Witch Hunt

The case of Julie Amero has drawn national attention and deserved outrage. I have racked my brain to try to come up with some tips for teachers to help protect themselves from situations like this where an incompetent administration completely fails the teachers, students, and parents. Every teacher in America, especially those in Connecticut, should

Beware of Anna Nicole Smith Malware

Anna Nicole Smith died today and that means the scum of the internet will be out in force. History has taught us to expect a barrage of attacks coming in the form of email with attachments and/or links. The likely attack scenarios will be email messages claiming to have pictures of Smith’s dead body, or

Super Bowl Dolphin Stadium Website Trojan

A Trojan was recently planted on the web page of the Miami Dolphin’s Super Bowl web site. The Trojan was a script that would download a malicious file onto the user’s computer – if the user was not current on their security patches or not using NOD32. Websense first identified the compromised website through the