The Android banking trojan that we first reported on at the beginning of this year has found its way onto Google Play again and contains new tricks designed to gain access to the user's private banking information.
This article sheds light on the current ecosystem of the Sathurbot backdoor trojan, in particular exposing its use of torrents as a delivery medium and its distributed brute-forcing of weak WordPress administrator accounts.
Malicious scripts are gaining prevalence in Brazil, reports ESET's Matías Porolli.
A dangerous new strain of malware has been discovered, able to steal banking credentials without alerting users to the interception.
In 2012 the number of unique detections of malware for Android increased globally by a factor of 17X (yes, that is 1,700%), and we expect the increase in 2013 to be even greater. This is one of the main predictions in the white paper we are releasing today: "Trends for 2013: astounding growth of mobile
ESET is seeing a new step of evolution for the Rovnix bootkit family.
Scam artists and cybercriminals are looking to turn romance into profit now that Valentine's Day approaches, possibly taking over your computer in the process. According to ESET researchers in Latin America, we can expect the quest for love to be leveraged as an effective social engineering ploy to enable the bad guys to infect unsuspecting
As expected, malware developers and scam artists have greeted the death of North Korea's dictatorial leader, Kim Jong-il, with Black Hat SEO and Social Engineering attacks. The Supreme Leader of the Democratic People's Republic of Korea suffered a heart attack on a train journey last month and a steady stream of schemes to exploit the
The FDIC is probably one of the most misunderstood quasi-governmental entities in America, which may account for its enduring popularity as part of malware and phishing scams. I'm not the most dedicated follower of banking news, but I did work for a bank once and I do try to keep up, yet I have never
Taking delivery of an unexpected package containing gifts is one of the joys of the holiday season. Missing a package delivery is one of the frustrations of the season. So, an email headed "Failed Package Delivery" is a good way for scam artists and malware distributors to get your attention. In this post I examine
The Reuters news agency reported earlier today a sudden increase in violent and pornographic images and videos on Facebook. A quick review of my personal account and a check-in with my other Facebook-wielding colleagues revealed nothing more than a couple of suggestive pictures, complete with snarky comments embedded in them, from the
One of the blessings of Open Source initiatives is the rapidity with which coders can release quality collaborative code. This is one of the ways Android managed to claw its way into the smartphone mainstream, after arriving late to the game. But as the app ecosystem matures, vulnerability/patch management becomes more of an issue,
There’s a new batch of malware making the rounds, this time directed at spreading banking malware through children’s games. Though it’s hard to imagine, the scammers are taking advantage of the naivete of kids, who may not be as skilled at detecting scams as their more seasoned parents. According to an article in Softpedia, the
An emerging information security threat highlighted this week by Róbert Lipovský, namely theft and abuse of digital certificates by malware creators, serves as a timely reminder that these certificates are highly valuable digital assets that should be accorded the highest levels of protection. If your company uses certs purchased from root authorities such as Verisign,
A new attack against Apple Mac OS X Lion (10.7) has been detected by Intego. The threat is a Trojan, dubbed Flashback, installed via a fake Adobe Flash installer downloaded from a third party site. As with the MacDefender and Revir malware, the Flashback attack uses social engineering to entice the user to download then
New stolen digital certificates are used by the multi-purpose backdoor Qbot. The criminals behind the Qbot trojan are certainly not inactive. As I mentioned in a blog post earlier this month, after a quiet summer we have seen a batch of new Qbot variants. An interesting fact is that the malicious binaries were digitally signed.
...I realize that it looks a little self-obsessed to keep writing about comment spam relating to your own blog...
The MacDefender malware has morphed again, now taking the guise of "MacShield." As in the case of its oldest sibling MacDefender, the MacShield variant has taken the name of a legitimate Mac OS X software product with small distribution, doubtless causing the real developer significant heartache. The UI is essentially unchanged, but as usual all
In the last few days, I have been asked by a journalist (or four) what MacDefender means for the future of Apple security, and if I thought there was excess hype around it. I'll address the second question first. I think it's safe to say the current malware would not be newsworthy if
The recent MacDefender Trojan has been receiving “rebranding” facelifts since it came out. It has now been deployed as MacProtector, MacDetector, MacSecurity, Apple Security Center, and there are no doubt more iterations to come. The malware has been updated, and now sports an improved UI that looks like a native Mac OS X application, unlike the