password stealer Archives -

password stealer

Made in the Czech Republic: a PHP Autorun worm

Recently, a new data-stealing worm caught our attention. The reason why it stands out from many similar amateur creations is that its author is most probably Czech, as the text strings, variable and function names used by the malware suggest. The Czech text above is displayed by the worm inside a console window and translates

Where there’s smoke, there’s FireWire

Forensic software developer PassWare announced a new version of its eponymous software forensics kit on Tuesday. Already several news sources are writing about how the program can automatically obtain the login password from a locked or sleeping Mac simply by plugging in a USB flash drive containing their software and connecting it to another computer

Coreflood dries up

The US Department of Justice's announcement yesterday of the takedown of the command and  control (C&C) servers for the Coreflood bots (detected by ESET as Win32/AFCore) and seizure of their domains marks another step in the growing awareness that crime, whether it is committed with bullets or with botnets, is still crime.  This particular botnet,

Coreflood Reduced to a Backwater

Here’s a little information from ESET’s point of view about the Coreflood botnet, whose C&C (Command and Control) servers were taken down yesterday by the Department of Justice. The Coreflood bot is detected by ESET products as Win32/Afcore and has been active since the early years of the last decade (certainly since 2001), though our

Unencrypted Wireless: In Like a Lion, Out Like a Lamb

[C. Nicholas Burnett, the manager for ESET LLC's tier three technical support, contributed the following guest blog article on the FireSheep plugin for Firefox.  Thank you very much, Carl!  Aryeh Goretsky] The past several days have seen the security community abuzz about a program presented in San Diego at ToorCon 12 this last weekend called

New White Papers

A number of new papers have been added to the white papers page: Cristian Borghello’s “Playing Dirty” is a translation of his original Spanish paper, available on the ESET Latin America web site, and describes in detail how criminals make money out of stealing online gaming credentials and assets. My paper Social Security Numbers: Identification is

Threat Trends In January

Here at ESET we have just released our Global ThreatTrends report for January 2009. Not surprisingly, at the top of the list is a family of programs that exploit Microsoft’s longest unpatched vulnerability. That’s right, Autorun.inf, is an evil “feature” that should have been patched out of existence a long time ago. Since it is

Top Ten 2008 Threats

The top ten (twenty, twenty-five…) season doesn’t seem to have finished yet: the latest to cross my radar was something like seven ways of surviving the recession, which I’m sure is of interest to all of us, but not really in scope for this blog. So here’s a snippet from our 2008 Global Threat Report,