There are always people who want to piggy-back on the achievements of others. After ESET warned the public against ACAD/Medre.A in two blogs here and here and issued a free standalone cleaner for remediation, there was always the possibility that drawing attention to the issue would result in the topic being misused for other purposes.
ESET had quite a strong representation at Virus Bulletin this year in Barcelona, as David Harley mentioned in his post prior to the conference. On the first day, Pierre-Marc Bureau presented his findings about the Kelihos botnet, David Harley and AVG’s Larry Bridwell discussed the usefulness and present state of AV testing, and to finish
So who's to blame? First and foremost, the victimizers. Well, persistent victims, yes. And anyone in the security industry who pushes the TOAST principle, the idea that all you have to do is buy Brand X and you never have to take responsibility for your own security. Though, of course, "who's to blame?" is the wrong question: what matters is "how do we fix it?"
One of the most common ways to propagate malware through social engineering is to piggyback it on some attention-catching news event. This can be carried out using a variety of techniques and is certainly nothing new. One infamous example from 2007 was Win32/Nuwar (a/k/a the Storm Worm), which distributed through spam emails with current and/or
You may not be aware that ESET writers have been supplying blogs to SC Magazine for a while now. Recently, Randy Abrams and I were drafted in after the original contributors moved on, and we started contributing this week: Poachers and Gamekeepers considers whether there is a conflict of interest when AV companies work with
[Update: more information from ESET on this malware here.] Last October, my colleague Tasneem Patanwala blogged about rogue antivirus masquerading as an ESET product. In that instance it was a product calling itself Smart Security, and Tasneem's blog includes lots of useful information about that particular malware, and fake AV in general. Looking through my
Since its release in 2007, ESET Smart Security has received many accolades for its antimalware, antispam and firewall functions. However, we have recently been the recipient of a very dubious honor; a rogue antivirus program which masquerades as our own software. The Rogues Gallery Rogue antivirus is a loose family of programs that claim to
Kurt Wismer posted a much-to-the-point blog a few days ago about the way that purveyors of scareware (fake/rogue anti-virus/security products) mimic the marketing practices of legitimate security providers. You may remember that a while ago, I commented here about a post by Rob Rosenberger that made some related points. If you’re a regular reader of
Our research colleagues in South America have found that there is considerable effort by the bad guys to try to infect your computer when you search for information about the 2010 world cup games. Specifically, if you are searching for free tickets. The bad guys know that people searching for free tickets to the World
Earlier this month, we reported on the massive new Koobface campaign making the rounds through Facebook and how it tricked users into downloading and running it through that tenet of social engineering, the fake codec. We now have a video showing how the Koobface worm tricks users into running it: NOTE: The audio is not
[Interim updates removed: later information on Twitter profile attacks and Blackhat SEO attacks using keywords related to this topic to spread malware, has been made public in a later blog at http://www.eset.com/blog/2010/03/30/here-come-more-of-the-ghouls.] Following this morning's bombings in the Moscow Metro (subway system), Aryeh Goretsky suggests the likelihood of criminals using "blackhat SEO" (search engine optimization
I read a story today called “Give me your money, or your computer gets it” at http://redtape.msnbc.com/2010/01/turning-hijacked-computers-into-cash-is-still-hard-work-for-most-computer-criminals-theyve-got-to-trick-the-infected-pc-into.html. While the story does offer some practical advice, it misses some critical points and gets one thing a bit wrong. The story actually talks about a couple of different “ransom” attacks. There is the case where your data
[Update: There's been quite a lot of discussion and extra information coming in on this. It seems to me that there is at least one unnamed app around as well as the Boxes issue, and while I've no reason to assume that it's malicious, I'd hardly advise that you rush into installing an application when