ESET Threat Blog

From time to time we get comments in response to blog postings. Sometimes we get questions. One such question received today not only requires a reply, but I feel deserves a blog entry as it is the kind of question that when answered can help a lot of people understand more. The question, posted as … Read More…

In the antivirus industry one of the terms we use is “heuristics”. This is a fancy word for “how we detect bad programs that we have never seen before”. The ability to detect bad programs before we have ever seen them is proactive detection. We write the detection before the threat exists. How we can … Read More…

How can you tell if you are infected with a vulnerability? It is easy, you are not, and you do not get infected by vulnerabilities. So what are vulnerabilities then and why do they matter?
 
The presence of a vulnerability simply means that you may be able to be attacked. Cars are vulnerable to being run … Read More…

DirectRevenue, possibly former adware/spyware purveyor, settled Federal Trade Commission (FTC) charges of unfair and deceptive trade practices of installing unwanted and unsolicited spyware unto consumers’ computers. http://www.internetnews.com/bus-news/article.php/3660481 
 
FTC Commissioner Jon Leibowitz voted against the deal because he alleges that DirectRevenue was still keeping about 20 million dollars in ill-gotten gains.
 
What is interesting is the mind … Read More…

The case of Julie Amero has drawn national attention and deserved outrage. I have wracked by brain to try to come up with some tips for teachers to help protect themselves from situations like this where an incompetent administration completely fails the teachers, students, and parents. 
Every teacher in America, especially those in Connecticut, should request … Read More…

 
When you go into a court of law in the United States there is one person who has taken an oath to pursue justice. The judge, jury, defense, and witnesses all participate in the legal system without an oath to pursue justice. The prosecutor is the one person who has taken an oath to pursue … Read More…

Anna Nicole Smith died today and that means the scum of the internet will be out in force. History has taught us to expect a barrage of attacks coming in the form of email with attachments and/or links.
 
The likely attack scenarios will be email messages claiming to have pictures of Smith’s dead body, or nude … Read More…

I’ve checked back as far as May 2006 and we were  detecting this Trojan heuristically.
Randy 
 
jQuery(document).ready(function($) { window.setTimeout(‘loadLinkedin_40()’,1000);window.setTimeout(‘loadFBLike_40()’,1000);window.setTimeout(‘loadGoogle1_40()’,1000);window.setTimeout(‘loadGBuzz_40()’,1000);window.setTimeout(‘loadTwitter_40()’,1000); }); function loadLinkedin_40(){ jQuery(document).ready(function($) { $(‘.dd-linkedin-40′).remove();$.getScript(‘http://platform.linkedin.com/in.js’); }); } function loadFBLike_40(){ jQuery(document).ready(function($) { $(‘.dd-fblike-40′).remove();$(‘.DD_FBLIKE_AJAX_40′).attr(‘width’,’92′);$(‘.DD_FBLIKE_AJAX_40′).attr(‘height’,’20′);$(‘.DD_FBLIKE_AJAX_40′).attr(‘src’,'http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fblog.eset.com%2F2007%2F02%2F02%2Fthe-super-bowl-trojan&locale=en_US&layout=button_count&action=like&width=92&height=20&colorscheme=light’); }); } function loadGoogle1_40(){ jQuery(document).ready(function($) { $(‘.dd-google1-40′).remove();$.getScript(‘https://apis.google.com/js/plusone.js’); }); } function loadGBuzz_40(){ jQuery(document).ready(function($) { $(‘.dd-gbuzz-40′).remove();$.getScript(‘http://www.google.com/buzz/api/button.js’); }); } function loadTwitter_40(){ jQuery(document).ready(function($) { $(‘.dd-twitter-40′).remove();$.getScript(‘http://platform.twitter.com/widgets.js’); }); }

 
A Trojan was recently planted on the web page of the Miami Dolphin’s Super Bowl web site. The Trojan was a script that would download a malicious file onto the user’s computer – if the user was not current on their security patches or not using NOD32.
 
Websense first identified the compromised website through the use … Read More…

Some of you may notice that the blog entry “I See Antivirus Software in the Vistaâ€? has been changed. I made a mistake in referring to Vista Kernel Patch Protection (KPP) in Windows Vista 32-bit. There is no KPP in Windows Vista 32-bit edition. Rather than leaving inaccurate information up on the blog I have … Read More…