Zero day in MSVIDCTL.DLL

Posted by Luis Corrons at 08 July 09 09:21

A couple of days ago we started spotting a new vulnerability affecting Microsoft Video ActiveX Control. Even though it's been said there are thousands of web sites affected, they are only a few dozen and most of them are in China: Anyway, it is a



New Storm Worm: Waledacs

Posted by Asier Martínez at 06 July 09 09:53

After several months of calm, a new Waledac campaign has just started. This time a significant date has been used as social engineering: the Independence Day celebrated on 4th of July. Nearly 30 domains are being used to spread this malware using the



HAMLET. "Something is rotten in the state of Malware"

Posted by Luis Corrons at 23 April 09 07:54

Written on behalf of José Julio Ruiz de Loizaga. Today being the birthday of William Shakespeare, I felt the urge to write this post. When reversing files, one is prepared to find anything - well, almost anything. I was analyzing a dll and was



New waledac's campaign

Posted by Asier Martínez at 16 April 09 10:00

Waledac family activity has increased during the last months. The malware creators have been using several social engineering techniques to spread these samples: important dates like Christmas and Valentine’s Day, important events such as the appointment



Chapter 2. The Conficker countdown melodrama.

Posted by Luis Corrons at 31 March 09 05:27

The melodramatic Conficker countdown is starting to resemble one of those never-ending TV soap operas; everyone is talking about it, but it never draws to an end. Well, at last the countdown is in the final straight, because if not we could end up with



Facebook Malware Refocusing on Bank of America

Posted by Sean-Paul Correll at 14 March 09 01:32

The perpetrators behind the recent Classmates and Facebook Malware incident are now refocusing their attack on Bank of America customers. The new website is designed to look like a Bank of America Help page and reads: “You have not been permitted



ID Theft Malware is Infecting Computers at Alarming Rates

Posted by Sean-Paul Correll at 09 March 09 10:54

Today we're announcing results of a study that analyzed 67 million computers in 2008 and revealed that 1.1 percent of the worldwide population of Internet users have been actively exposed to identity theft malware. We predict that the infection rate



Malware in Social Media

Posted by Sean-Paul Correll at 26 February 09 06:17

A few weeks ago we talked about cyber-criminals using Digg.com to spread malware. Today we see that the very same group responsible for the Digg.com incident was using the same tactic on YouTube through the use of YouTube's Annotations feature. Video



Good (?) old times

Posted by Luis Corrons at 17 February 09 06:28

Right now we are dealing with about 25,000 new malware samples per day. From time to time we remember the old days, when we were almost fighting each other in order to disassemble the latest virus we had received in the lab. Well, what were you expecting?



Rogue ScanVirus site impersonates SaaS Anti-Virus

Posted by Sean-Paul Correll at 03 February 09 02:23

Today we discovered a new site using an interesting tactic to trick users into infecting themselves with malware. This time the cyber-criminals opted to pretend to be a Software as a Service (SaaS) Anti-Virus solution. The "Scan Virus" website
