Rogueware on the roll
Quite recently a new rogueware called Advanced Security Tool 2010 entered the scene. This file is detected as Adware/SecurityTool2010. Besides having a more modern look and a slick interface, it also loads an exploit for what is known as the help center vulnerability. Microsoft issued a Security Bulletin in July. Preventive measures can be taken by [...]
HCP Vulnerability Exploited in the Wild
On June 10th, a researcher working for Google publicly released details about a flaw in Microsoft’s Help and Support Center. The flaw exists due to improper sanitization of URIs in the HCP protocol handler. If exploited, an attacker would be able to execute arbitrary commands on a victim’s machine. This vulnerability disclosure has fueled an [...]
Infecting the iPad }:-)
Last year we witnessed the first infection that affected devices based on the iPhone operating system: the worm iPhone/Eeki. We wrote a blog post explaining how the worm worked, and prepared a video where you could see how it was infected and how it was distributed from an iPhone to an iPod Touch. [...]
Spam using Twitter and Youtube
Spam is something that we see on a daily basis. Every day thousands of unwanted e-mails arrive in our mailboxes. We have seen them in all kinds of flavours: plain text, HTML, instant messaging, images, PDF, even MP3. Users are able to learn, so usually when we know that a message is spam, we don’t [...]
Rogueware with new Ransomware Technology™
The criminals behind Rogueware attacks are becoming increasingly aggressive in their approach to making money. We recently stumbled across a sample (Adware/TotalSecurity2009) which uses a ransomware technique to improve its sales. Once the computer becomes infected, Total Security forces the victim to purchase it before it will allow any files to be accessed on the [...]
Live Demo: Banking Trojans
Banking Trojans are one of the most prevalent malware species in the threat landscape today. Malware authors aim to keep infections live and undetected long enough so that they can get what they are really after: money. Financial motivations lead malware developers to craft the stealthiest banking Trojans to steal personal and financial data for [...]
Zero day in MSVIDCTL.DLL
A couple of days ago we started spotting a new vulnerability affecting Microsoft Video ActiveX Control. Even though it's been said there are thousands of web sites affected, there are only a few dozen, and most of them are in China. Anyway, it is a matter of time before this attack expands worldwide. We've seen [...]
New Blackhat SEO attack exploits vulnerabilities in WordPress to distribute rogue antivirus software
Over the past week we have seen a new Blackhat SEO technique emerge to exploit vulnerabilities in the popular WordPress blog software. Two of the sites we identified were TheWorkBuzz.com, a website owned and operated by Career Builder (CareerBuilder.com), and The Center for International Media Assistance, an initiative of the National Endowment for Democracy (NED.org). [...]
