We’ve just come across an IRC controlled backdoor that enables the infected machine to become a bot for Distributed Denial of Service attacks. The interesting part about it is that it’s a Mach-O binary – targeting Mac OS X. ESET’s research team compared this to samples in our malware collection and discovered that this code
ResearchExpert content, for researchers by researchers
Here's an example of search poisoning somewhat similar to that predicted by Stephen Cobb. It uses the death of Gaddafi as a hook, as noted by our colleague Raphael Labaca Castro.
Scam artists and cyber-criminals welcomed today's news of the demise of Libyan leader Muammar Muhammad Abu Minyar al-Gaddafi (often referred to as simply Gaddafi or Gadhafi). Why? Because few events fuel Internet search activity as much as the death of a famous–or infamous–person, although celebrity weddings and divorces are also a big search driver. It's a
According to a report from the New Zealand Herald, the US government is formally requesting China release more details on its censorship activities. The action, being pursued under World Trade Organization rules, is purportedly aimed at leveling the playing field of foreign websites trying to compete in China. The idea is that if the US
Facebook has recently updated their security settings. In this How-to we highlight some of the updates and the security nuances to help you stay on top of your account security settings. Paul Laudanski blogged about the subject awhile back, if you want to reference that security primer. When you login to your account, you may
ESET researchers have noticed a new phase in the evolution of the TDL4 botnet.
We see yet another breach hitting the headlines from a Massachusetts Healthcare Service provider, Spectrum Health Services. It seems during a break-in a hard drive was stolen, which contained names, addresses, phone numbers, dates of birth, Social Security numbers, diagnostic codes and medical insurance numbers. It is interesting because, unlike other states, Massachusetts law requires
Cybersecurity Awareness Month is rolling on and I wanted to share some updates, from a free cybersecurity webinar series to a one-day symposium and a YouTube video contest (with great prizes, of course). Now in its eighth year, Cybersecurity Awareness Month takes place every October in the U.S. and I think it's finally getting the
Recently I've been collecting examples of comment spam. Essentially, this is for a research project that is somewhere fairly low on my to-do list. However, it does have a more positive aspect: whenever I feel at a loss for words and losing faith in my own wordsmithing ability, I scroll down to see what nice
There I was last Friday morning, attending a cybersecurity conference hosted by the very venerable but also very high tech law firm of Foley and Lardner, awaiting my turn to speak, and the presenter said something about the cost of privacy breaches. At that moment, a news alert popped up on my iPhone: TRICARE Hit
A recent report from Commtouch finds about one third of Gmail, Yahoo, Hotmail and Facebook users even noticed when they were hacked, and more than half found out later after friends alerted them. This lag time provides a wide open window for scammers to use social engineering techniques to target more valuable targets, and harvest
Symantec's transient false positive detection of Facebook as a malicious site leads to serious thoughts about Facebook and privacy...
The slides from an AMTSO-oriented presentation by Larry Bridwell and myself at this year's Virus Bulletin conference, on "'Daze of whine and neuroses (but testing is FINE)" are now available on the Virus Bulletin site are now available here (along with some other excellent presentations). The paper on which the presentation is based is on the ESET white papers
Sadly, Dennis Ritchie passed away today; there is a nice tribute to him here For anyone who ever learnt C programming back in school, you will, like me, probably have started out with the seminal text "The C Programming Language" written by Ritchie and Brian Kernigan. Ritchie was the co-creator of the C language –
News that the FBI has arrested the Florida man they suspect of criminally hacking into devices belonging to celebrities such as Scarlett Johansson and Christina Aguilera is welcome, definitely a win for law enforcement and society at large. But the good news comes with a warning. The technique used by the alleged perpetrator was to
...I've been seeing quite a few scrawny, toothless piranha mailed from email addresses that are often spoofed but invariably dubious like google.phishing.team@a_latvian_mail_provider.com...
ESET had quite a strong representation at Virus Bulletin this year in Barcelona, as David Harley mentioned in his post prior to the conference. On the first day, Pierre-Marc Bureau presented his findings about the Kelihos botnet, David Harley and AVG’s Larry Bridwell discussed the usefulness and present state of AV testing, and to finish
...this isn't lawful interception, and it's not surprising that the AV industry has seen no reason to avoid detecting it...
On Saturday, another controversial report of a “government trojan” appeared. This time it is the German government that has been accused by the European hacker club Chaos Computer Club (CCC) of using “lawful interception” malware. Hence, “Bundestrojaner” (Federal Trojan), though that name is normally applied to the legal concept that allows German police to make
In Europe, a user can make a request to an online company for all personal data they may have stored about them. One user did just that, and found 880 PAGES of data stored about him by Facebook! Other users listed on the Europe vs. Facebook website had even more. They include the usual data