Research | WeLiveSecurity

Research

Expert content, for researchers by researchers

Research

AVAR Hong Kong security conference 2011 – in 30 seconds

Well, okay, if you happen to be an extremely fast reader. The Association of Anti Virus Asia Researcher’s (AVAR) 14th AVAR Conference just wrapped up in Hong Kong on Friday. This year, the focus was on security issues in and around the emerging Asian security market, and how to rise to the challenge. As one

Anonymous – is hacktivism here to stay?

Months back a rather vocal series of micro-hacktivist groups formed a somewhat larger, more vocal pseudo-organized non-organization ruled essentially democratically via IRC (among other things), attempting to cast light on perceived misdeeds by the large corporation (or government organization) du-jour they thought had behaved badly. The idea was to hack an organization, parade them around

Facebook video scam: 15 seconds? Don’t watch it at all

[Update: For more articles about Facebook security click here. To help you protect yourself on Facebook and Twitter, ESET provides a free social media scanner.] One of my Facebook friends drew my attention today to a fast-spreading link. I’m pleased to say that he knew better than to look at it, but I figured it was

Facebook Facing FTC Mandated Privacy Changes

At the beginning of the month we discussed the scrutiny that Facebook privacy practices have been receiving from government agencies in North America and beyond, including the U.S. Federal Trade Commission. Now there are reports that "Facebook is nearing a settlement with federal regulators that would require the world's most popular online hangout to obtain

DNSChanger and PROTECT IP: FBI hit and legislative miss

Today the world woke up to DNS changing and something called DNSChanger. First we had the excellent news of a major FBI bust, taking down a cyber-ring that had infected about four million computers in 100 countries. The operators of this fraud had used malware called DNSChanger to redirect infected computers to rogue websites. For

Made in the Czech Republic: a PHP Autorun worm

Recently, a new data-stealing worm caught our attention. The reason why it stands out from many similar amateur creations is that its author is most probably Czech, as the text strings, variable and function names used by the malware suggest. The Czech text above is displayed by the worm inside a console window and translates

Scary Halloween cyber pranks

I just looked in my junk box to find an “Amazing” sale on pirated software, but I have to act fast, as it’s only good until Halloween. My colleague Stephen Cobb points out the rate of effectiveness of scams would soar if the Nigerian scammers could afford a proof reader who spoke fluent English. David

Updates on OSX/Tsunami.A, a Mac OS X Trojan

Yesterday, ESET announced the discovery of a new threat against the Apple Mac OS X platform. Today, we have found a new version of the same threat. The new version is similar to the previous version with two important differences. The first addition to this threat is that it now implements persistence on an infected

Win32/Duqu: It’s A Date

For the last few days, much malware research time has been devoted to the brand-new malware that ESET calls Win32/Duqu. One of the features that makes this kind of malware particularly interesting is that it very closely resembles Stuxnet, one of the most sophisticated worms of recent years. Last year we performed in-depth analysis of

Linux Tsunami hits OS X

We’ve just come across an IRC controlled backdoor that enables the infected machine to become a bot for Distributed Denial of Service attacks. The interesting part about it is that it’s a Mach-O binary – targeting Mac OS X. ESET’s research team compared this to samples in our malware collection and discovered that this code

Gaddafi and Search Poisoning: Think before clicking on search results

Scam artists and cyber-criminals welcomed today's news of the demise of Libyan leader Muammar Muhammad Abu Minyar al-Gaddafi (often referred to as simply Gaddafi or Gadhafi). Why? Because few events fuel Internet search activity as much as the death of a famous–or infamous–person, although celebrity weddings and divorces are also a big search driver. It's a