PandaLabs Annual Report – 2011
Today we are publishing the PandaLabs report, where you can enjoy an overview of the main figures and security news that have happened in the last 12 months, as well as some figures. You will see how malware creation hit a new record high in 2011 with 26 million samples, that Trojans continue to be [...]
Hong Kong, AVAR 2011
Greetings from Hong Kong! This week we are enjoying the security conference AVAR, which is taking place in Hong Kong. Some interesting topics are being covered, such as the talk “Malware in EFI”, where Intel’s Igor Muttik showed us how malware could take advantage of the the EFI (Extensible Firmware Interface) and the challenges we [...]
Deobfuscating malicious code layer by layer
Article written by David Sánchez Lavado This post explains how to analyze the malicious code used in current Exploit Kits. There are many ways to analyze this type of code, and you can find tools that do most of the job automatically. However, as researchers who like to understand how things work, we are going [...]
My take on the IMF hack
This weekend, while the Anonymous people were DDoSing the Spanish Police web site in what they call “peaceful protests” (are they ignorant or just cynical?) another news came out: the International Money Found was hacked, and had been compromised for months. Shocking news As soon as it was made public all media start talking about [...]
Bin Laden’s Death and the Royal Wedding: Curiosity killed the cat
It could not be any other way. The two most relevant events over the last few days are being used as bait to trick users and infect their PCs. These events are Osama Bin Laden’s death and the Royal Wedding. The malicious file is the same in both cases, a banking Trojan seemingly originating from [...]
Kawaii Security: Japan is different
I started writing this blog post 10 days ago, but then the terrible earthquake happened in Japan, so I decided to postpone it. Now things have calmed down; however the disaster has been huge, and thousands of people have lost their life due to the tsunami that came after the earthquake. But one thing that [...]
Cybercriminals taking advantage of the Japanese earthquake
Yesterday we saw a message that promised to show you a video about the disaster after the earthquake and the tsunami. It included a link, that was an executable file: http://<>/consulado/japones/urgente/desespero-da-equipe-de-resgate-ao-encontrar-milhares-de-corpos-816283hDGJDj36378.youtube.com-AVI.exe This is just a downloader, that downloads and installs more malware in your computer. It also downloads a HOSTS file and overwrites in your [...]
I Love.exe You – Happy Saint Valentine’s day
In a few days, the 14th of February, it will be Saint Valentine’s day. Be ready as we will see malware and spam spreading using this topic to click on links and install Trojans in our computers, as usual. In fact cybercriminals have already started; some days ago I came across a file called “Love.exe”, [...]
“Here you have” worm attack could have been lauched from Spain
Last Friday, Sean-Paul published a blog post talking about a worm that was been distributed over a brief 24 hour period. The worm known as “Here you have” was the 2nd variant of a worm, which appeared more than a month ago, and one of its characteristics was that the from address in the message [...]
Broken links
A few days ago, on July 16th, Microsoft published a security advisory: “The vulnerability exists because Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the icon of a specially crafted shortcut is displayed.” Translation: any folder you open with a .lnk file (you know, that nice shortcuts we [...]
