1000 days of Conficker
Nearly three years old, the Conficker worm continues to pose a threat to PCs. Aryeh Goretsky wants to know why this is, and what can be done about it.
Win32/Waledac
New Botnet: Storm Signal?
Pierre-Marc tells me that he has received two malware samples that grabbed his attention due to their resemblance to Storm/Waledac.
Guest Blog: How Much Spam Does Waledac Send?
Sebastián Bortnik, at ESET Latin America, kindly translated a blog they put up today here and allowed us to reproduce it for our blog. I think you’ll find it interesting. Thanks, Sebastián! The revival of the spread of the Waledac trojan is already a fact. As the ESET team announced on Thursday, on Friday spam emails
Waledac, VirusTotal and some AV fallacies
[Since the owner of the blog described below interpreted this blog as a personal attack and marketing BS, I’ve removed information that identifies his blog. Which is a pity, because his blogs on the topic actually include useful information. I’m not withdrawing the whole blog, because it isn’t marketing and it isn’t about our product:
Waledac: after the fireworks
I’d like to thank the City of San Diego for welcoming me with a firework display last night. It was just what I needed after 22 hours in planes and airports. :-) Maybe just a little quieter next time? (London did much the same thing to me with its Millennium celebration.) It did look pretty
That Wasn’t Your Sweetheart
Pierre Marc just posted about “Win32/Waledac for Valentine’s Day”. The fake greeting cards are an ongoing scam. As Pierre Marc indicated, this one is using polymorphism, which is a fancy way to say the malicious software disguises itself to look different each time someone encounters it. This is done to break signature based detection, which
Win32/Waledac for Valentine’s Day
As Valentine’s Day is approaching the criminals behind Win32/Waledac have increased their activity. The Valentine campaign started some time ago but the interesting part is only starting for us. The Waledac botnet has been using fast flux for some time now. This means that the IP addresses of the websites used to distribute this malware
Fake Holiday eCards: Are You Surprised?
Yesterday, we started to receive reports of emails pretending to carry links to holiday cards. These emails contain a link that points to a file named ecard.exe. Of course, this executable is not a seasonal holiday card but malware. The reason this wave of malware has attracted our attention is that it is very similar