ESET Research | WeLiveSecurity


ESET Research

ESET Research

Articles by author

The Sleazy, Sneaky, Facebook Marketing Brigade

My good friend David Harley just blogged about Facebook’s brand new way to misappropriate your data without your consent. Alas, in underestimating how far Facebook will go to attempt to avoid allowing you to control your privacy, David missed the second setting that is required if you do not want Facebook to decide what companies

Smart Phone, Bad App

As the number of apps for smartphones continues to grow, perhaps your paranoia about such apps should be growing as well. In an unusual statement, the former director of the CIA has warned that the government isn’t sharing enough information about cyber security. In an article at, retired four-star Gen. Michael Hayden is quoted

Sticky Criminals

CBS in San Francisco is reporting a rather novel cash machine attack. . It seems that crooks are applying superglue to the clear, enter, and cancel buttons on cash machines at banks. A customer goes to the cash machine, inserts their card and enters their PIN. Then the victim notices the enter key is not

Politicians Better at Security than Twitter, Yahoo, and Amazon

Recently Senator Schumer from New York wrote a letter ( to Twitter, Yahoo, and Amazon asking them to make SSL the default for internet connections. What this means is that instead of an http connection they should provide and https connection by default. This is important because with http connections you are exposed to risk Survives DDOS Attack is a popular blogging host. Recently, for unknown reasons miscreants launched a massive distributed denial of service attack (DDOS) against According to TechCrunch ( is responsible for 10% of the websites in the world. So far I have not seen anyone take responsibility for the attacks. With so many websites being hosted

The iPad 2 is Not Free

George Santayana was a really smart philosopher. He is best known for his quote “Those who cannot remember the past are condemned to repeat it”. If you want to learn a little something from the past so as not to repeat other people’s mistakes then you can read Aryeh’s blog from when the first iPad

Should You Install Windows 7 Service Pack 1?

Unlike Windows XP service pack 2, which included significant security updates, or Windows XP service pack 3 which is required for support from Microsoft, Windows 7 service pack 1 does not have any significantly compelling updates for most users. If you do not regularly use automatic updates to keep your operating system up to date,

Get a Free iPad on Facebook!

Really, all you have to do is talk someone into giving you their iPad, but you’re not going to get one if you fall for the spam that has been going around on Facebook recently. There have been many of the spam scams over the years. Usually the spam is sent from a hijacked account,

RSA 2011 Security Conference and Trade Show

Today kicks off the RSA conference in San Francisco. This is the 20 anniversary for the RSA conference. RSA stands for Rivest, Shamir and Adleman, who invented RSA encryption. The RSA conference and trade show has grown from an encryption focused conference to one which includes virtually every aspect of digital security. As has been

Cloud Computing – A Bit of Education

On Thursday I will be participating in a cloud computing security discussion. The virtual event is free and you can register for it at The entire agenda for the event can be found at Do note that the times listed are EST. I will be participating between 2:45 and 3:30 PM EST. Even

Change your Facebook account settings for better privacy and security

Update 6/1/2011: Paul Laudanski has published an extensive guide to Facebook privacy, which is quite a remarkable feat since there is precious little privacy on Facebook :) Little privacy, but a whole lot of settings! Check it out at Facebook comes up a lot in this blog. Recently I wrote about the Hidden Face

When Technology Fails: Mobile Death Trap

People place way too much trust in technology. We see that time and time again as phishing attacks and rogue security programs  proliferate. Identity theft can be one of the more extreme results of believing a computer that told you the email came from a friend, but another technology can cause death if you trust

Internet Kill Switch – Armageddon Will Have To Wait

In recent months there has been a lot of discussion in the US about an Internet kill switch. The real idea behind the kill switch is not to protect the infrastructure as claimed, but rather for political control such as has been recently observed in Egypt and other countries. Proponents of the Internet kill switch

You Have the Right to Remain Silent, but You Won’t

Did you know that what you post on Facebook can be used as evidence in a court of law? At least that is the case in the US. Ironically I found the story on an Australian web site :) The story at,facebook-posts-mined-for-court-case-evidence.aspx is well worth reading. It is not only your public messages than

Microsoft Security Advisory (2501696)

There is a new vulnerability that affects all supported versions of Windows and some unsupported versions. For you techies the “Vulnerability in MHTML Could Allow Information Disclosure” advisory is at If you are not a techie you might want to take a look and see how much you can understand. By reading the security

The Hidden Face of Facebook Security

Facebook actually does have some exceptionally talented security professionals. They have almost no depth in privacy, but they have real security talent. A part of the problem is that the Facebook culture is anti-security and that is a very tough obstacle for their security professionals. Facebook security is by marketing design. Take a look at

The Sound of a Credit Card

A recent article at describes how an attack against Android based phones might be able to capture your credit card information even when you speak it into the phone. The interesting thing about this proof of concept is not that the application can capture voice details, but rather that it uses a second application

X Rated

No, this is not about porn, but rather about Adobe. The newest version of Adobe’s PDF reader is called Adobe X. If you are like me, your copy of Adobe Reader (or Adobe Acrobat) did not automatically upgrade to the newest version. Adobe X incorporates a sandboxing technology to try to help mitigate the numerous

MPack, the great hype generator

There has been a lot of hype around MPack. As a result consumers are asking anti-virus vendors if they detect it. For the average consumer detecting MPack is of no value. MPack was reportedly found on over 10,000 web servers, however not a single visitor to those sites was infected with MPack. MPack is only

Complaint from the Better Business Bureau

Over the weekend, one of ESET’s executives had an interesting surprise in their mailbox: A complaint from the Better Business Bureau (BBB). ESET is a BBB member, so we periodically receive e-mail from them. In this case, though, the email was not a newsletter or membership renewal notification. The e-mail stated that a consumer had

Sometimes Justice Prevails

Back in February I blogged about the Julie Amero trial. On June 6th her defense team’s motion for a new trial was granted by the judge in the case. This means that the conviction has been set aside (overturned) and it is up to the state to try the case again or dismiss charges. The

ESET Gains 43rd Virus Bulletin VB100 Award

Some of you witnessed the unexpected – ESET missed a VB100 in the April VB Linux comparative due to a false positive in the clean set. We are pleased to announce that following discussions with the staff of Virus Bulletin they have reversed that decision and granted ESET our 43rd VB100 award. The Virus Bulletin web

Spambot Games – so far

Did the spambots guess the answers to my questions? I think not. I tried the following two questions: 7/0= Got Milk In both cases the answer I specified as correct was “quue792mcow9up4esbbrkjldjb,dzrrkjrenjl407niuvdopinejnvf DHOIVNN;LN;ND” I’m pretty certain that the spambots did not have time to crack the question, so now it is time to find out

Spambot Games

Blog spambots are programs that automatically post comments to blogs. They are basically stupid programs written by people whose own mothers would rather not acknowledge their existence. At any rate, they are a hassle for bloggers who allow comments. There are a variety of techniques to automatically delete the spam posts, but they have advantages

If You Swim in the Sewer…

Tragedy brings out the both the best and the worst in people. In the wake of the tragedy at Virginia Tech sewer-dwelling vermin are registering and selling domain names related to Virginia Tech, but they aren’t the threats. The floaters these sewer-dwelling vermin are swimming with are the jerks trying to use social engineering to

Will You Install a Bot for Money?

SETI@home ( and Folding@home ( are interesting, if not cool uses of technology, but they do bear a striking resemblance to a nefarious threat called a botnet. Now with Sony contemplating a commercial “PS3 Grid”  ( one wonders where the lines will blur. There are similarities between a botnets, SETI, Folding@home. The term botnet is

Microsoft Reports The Worst Virus Ever

I received a question about the validity of a warning a friend received and thought it might be useful to share some information about spotting hoaxes. The text of the email is quoted in bold red below. Key hoax indicators. “PLEASE FORWARD THIS WARNING AMONG FRIENDS, FAMILY AND CONTACTS:” The above sentence already puts this

Tick Tock Computer or Clock?

The “oh so scary” iPod virus is less proficient at spreading than the news around it. George Santayana was quite smart man. George was the guy who said “”Those who cannot remember the past are condemned to repeat it” and the media has been repeating (as in retelling) history in reporting the “iPod virus”. Modern

The Masquerade Party

 Kurt Wismer is “a long time member of the anti-virus community”, a very knowledgeable computer scientist, and all around good guy. Bad guys don’t post things like links to movies of infrared pictures of farts now, do they? I posted a link to a web site, noticed that there was a typo, fixed the

VD (Vulnerability Disease)

Microsoft Security Advisory (935423) – Vulnerability in Windows Animated Cursor Handling This is a very serious vulnerability that is almost certainly to be exploited on a wide scale basis. If the vulnerability were limited to animated cursors alone it would not be as serious, but there are reports of jpg files, which are very commonly

AskESET, have you heard of this virus?

I received the following on from James G. I have been hit by the following virus: (not on this PC) vxaudio.exe Have you ever heard of this? Hi James, I am not familiar with a virus named vxauio.exe, but that looks a whole lot like a file name. File names are almost never reliable

Identity Theft and Security

A friend was recently the unfortunate victim of credit card theft. I haven’t yet found a fortunate victim, but ultimately there is bound to be a criminal stupid enough to deposit money into a stolen account J In today’s online world, unless you can determine how the credit card theft occurred you really must assume

Good Directions? Priceless!

Fatigues – $28 Army boots -$129 GPS – $249 Good directions? Priceless It seems the Swiss accidentally invaded Liechtenstein ( Now this is funny first and foremost because nobody got hurt. There were lots of other reasons it was funny too. For example, a neutral nation invading an unarmed nation is a rather comedic situation.

3 years later and you still don’t have a name?

From time to time we get comments in response to blog postings. Sometimes we get questions. One such question received today not only requires a reply, but I feel deserves a blog entry as it is the kind of question that when answered can help a lot of people understand more. The question, posted as

What is Proactive Detection and Why Do You Need it?

In the antivirus industry one of the terms we use is “heuristics”. This is a fancy word for “how we detect bad programs that we have never seen before”. The ability to detect bad programs before we have ever seen them is proactive detection. We write the detection before the threat exists. How we can

Vulnerabilities, Exploits, and Infections

How can you tell if you are infected with a vulnerability? It is easy, you are not, and you do not get infected by vulnerabilities. So what are vulnerabilities then and why do they matter? The presence of a vulnerability simply means that you may be able to be attacked. Cars are vulnerable to being

The Moral Composition of a Spyware Purveyor

DirectRevenue, possibly former adware/spyware purveyor, settled Federal Trade Commission (FTC) charges of unfair and deceptive trade practices of installing unwanted and unsolicited spyware unto consumers’ computers. FTC Commissioner Jon Leibowitz voted against the deal because he alleges that DirectRevenue was still keeping about 20 million dollars in ill-gotten gains. What is interesting is the