Malware | WeLiveSecurity

Malware

You are the weakest link…

Greetings, friends and fiends. It's been a while since I've been able to blog: I've been trying out one of these vacation thingies that I keep reading about in travel magazines. (Well, my wife does, and she tells me when I need a holiday, presumably as my conversations get grouchier.) But I see that my

Get Your Motor Running

Ford Motor Company has recently announced that later this year it will be producing cars with built-in WiFi capabilities. Since 2008, the first generation of this system enabled owners of certain Ford, Lincoln & Mercury vehicles to connect media players & bluetooth devices to their entertainment systems. This second generation of its so called Sync

Malvertising

I recently received a couple of questions about malvertising in my askeset@eset.com. AskESET@eset.com is used only to field general security questions, I cannot and do not offer product support. Malvertising is a multi-compound word. Mal, in this case is short for malware, which means malicious software. “vertising” is the advertising portion of the word, so

(Fake) Videos of Berlusconi attack

It is public knowledge that the Italian Prime Minister Silvio Berlusconi was hit in the face which left him with facial injuries, a broken nose and several broken teeth. The video of the attack is circulating on the Internet but at this time, if you search for them on any search engine it is possible

The Blame Game

I recently learned a new acronym: SODDI (Some Other Dude Did It). What this refers to is the defense that criminals routinely use (plausible deniability) – and even more so when it comes to illicit activities on the Internet. On Sunday, November 8th 2009 the Associated Press published an article regarding an individual that was

Fake Windows Update

[Update: I notice that at about the same time that I posted this, Sophos also flagged a blog reporting a somewhat similar fake update for Microsoft Outlook/Outlook Express (KB910721). The message is a lot different and links to a different site pretending to be Microsoft’s update site, but is clearly not to be trusted. So the

September’s Global Threat Report

ESET released its Global Threat Report for the month of September, 2009, identifying the top ten threats seen during the month by ESET’s ThreatSense.Net™ cloud.  You can view the report here and, as always, the complete collection is available here in the Threat Trends section of our web site.  While the report identifies a number

Do You Wear a Seatbelt?

Modern cars are designed with crumple zones. These crumple zones help to decrease the risk of death in a severe car accident. Modern cars also have airbags. The airbags reduce your risk of death or injury in the case of an accident. If you don’t use a seatbelt your airbag and crumple zone are unlikely

CFET paper added to White Papers Page

We’ve just added my paper “The Game of the Name: Malware Naming, Shape Shifters and Sympathetic Magic” to the White Papers page. This paper follows up on “A Dose By Any Other Name“, which Pierre-Marc and I presented at Virus Bulletin last year and goes some way towards explaining (I hope…) why sample glut and proactive

Is Apple’s Snow Leopard Immune to Malware?

There is an interesting and humorous work of fiction at http://www.appleinsider.com/articles/09/09/07/inside_mac_os_x_snow_leopard_malware_protection.html. Humorous as long as you don’t believe it! The article starts out saying “Safari, like other modern browsers, already flags certain websites that are known to be used to distribute malicious software”. That’s a nice layer of defense, but there are sites many sites

M(b)ac(k) to the future

Mac security firm Intego blogged about Apple’s decision to include an antimalware component in Mac OS X 10.6 "Snow Leopard" and we agree that it is a good step, security-wise, to provide some basic protection against malware.  Apple has long mocked Microsoft, up to and including this 2006 advertisement which implied there were no viruses

Slideshare Responses

We’ve had reassuring responses from Slideshare about the recent problem with a malicious slide deck and the company’s timely removal of the malicious account. You can find these in the comments to the previous blogs on the subject, but as many people who saw the original blog won’t necessarily go back to check on comments,

Looking for Trouble?

You probably aren’t looking for trouble, but there’s a good chance you’ll find it when you search the internet. An article in Information Week http://www.informationweek.com/news/security/vulnerabilities/showArticle.jhtml?articleID=218700239&cid=RSSfeed_IWK_All it was reported that the bad guys are trying to make sure their bad web pages come up when you search common terms on the internet. In this case the

Research and the Art of the Obvious

We know that spam works: well, it works well enough for spammers to keep devoting time and money into pumping sewage into the arteries of the internet. The interesting question is why does it work? The Messaging Anti-Abuse Working Group (MAAWG), a global coalition of network operators and messaging providers who do some vital work

Watch Out for “Michael Jackson” Hoaxes

The news broke a short time ago that pop star Michael Jackson died of a heart attack. It is all too predictable that the bad guys will use this news event to spam out fake videos or links to alleged pictures in order to trick users into installing their malicious software. If you receive an

Win32/Waledac for Valentine’s Day

As Valentine’s Day is approaching the criminals behind Win32/Waledac have increased their activity. The Valentine campaign started some time ago but the interesting part is only starting for us.  The Waledac botnet has been using fast flux for some time now.  This means that the IP addresses of the websites used to distribute this malware

Global Threat Report 2008, other papers, and AMTSO

You may have noticed that I’ve been making a lot of references to this over the past few weeks. You can now download it here. Quite a few people have worked pretty hard to make this project happen, and I’d like to thank them now. I hope some of you will find it interesting and

Top Ten 2008 Threats

The top ten (twenty, twenty-five…) season doesn’t seem to have finished yet: the latest to cross my radar was something like seven ways of surviving the recession, which I’m sure is of interest to all of us, but not really in scope for this blog. So here’s a snippet from our 2008 Global Threat Report,

Conficker: can’t stand up for falling downadup

You might have noticed that Conficker (Downadup) is actually standing up rather well to all the attention it’s receiving at the moment. Heise UK reported that 2.5 million PCs are already infected (links removed, as Heise no longer seems to have a UK site and the articles have disappeared). In The Register, Dan Goodin reports that the

Confused about Conficker?

CNN reported that there a new sleeper virus out there. http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html There is nothing sleepy about the Conficker worm, it is wide awake and looking for people who are asleep at the security wheel. CNN reports that Conficker could allow hackers to steal personal and financial data, and they also report that it “it is