Archive for April, 2009
Some of you may have noticed that I’ve been uncharacteristically quiet the past few days. That’s because I really needed to catch up with other things. Sad though I am to have missed the opportunity to jeer at Mikeyy the Worm and his new employer (though I may come back to them shortly, just … Read More…
I’m guessing that you’ve probably heard about the worm attacks on Twitter over the Easter weekend. Even I did, and I was doing my best to take some time out from work, with rather more success than usual.
According to one Michael – sorry, Mikeyy – Mooney, a bored 17-year-old, he was responsible for the StalkDaily … Read More…
Larry Seltzer, one of the better commentators on malware issues, has picked up on the disparity between ESET’s naming of the latest variant and Symantec’s – they call it W32.Downadup.E. Richard Adhikari (who also seems to be pretty clueful) also picked up on the naming issue when we exchanged emails a few days ago.
This issue kind … Read More…
So now for a little more tech detail on Win32/Conficker.AQ (kindly supplied by Juraj Malcho at our labs in Europe – however, if I get anything wrong, that will almost certainly be down to my faulty interpretation!)
The new variant has two main components. The server component is an .EXE that infects vulnerable PCs in the … Read More…
Every so often, someone on Twitter finds one of my accounts and tries to follow it. However, that particular account is for a very specific work-related purpose, and I only approve people I work closely with as followers.
Sorry! I certainly don’t want to be unfriendly: in fact, I created the @ESETblog account specifically for anyone … Read More…
If you just got here looking for my blog on Conficker and "blended hoaxes", I’m afraid I just pulled it (temporarily at least) in the light of new data that’s come in since last night: I don’t want to mislead anyone, as it seems that the new Conficker stuff is a lot more active and … Read More…
Well, hopefully my power sockets are not leaking computer viruses and keyloggers, but who knows?
Quite a few news outlets have picked up on a story in the Wall Street Journal claiming that spies from China and Russia have "penetrated the U.S. electrical grid". Scary… A little too scary and not enough detail to convince some commentators, … Read More…
Talking of the C-worm ("Will no-one rid me of this troublesome malware?") I mentioned in a blog from a couple of days ago that Jose Nazario supplied some useful information on an issue I was checking into.
The issue concerned reports from a Russian news site of Distributed Denial of Service attacks on Russian sites: the … Read More…
If it was the intention of the Conficker gang to create a huge splash, they succeeded. (In fact, it’s quite possible that they’ve attracted more attention than they really wanted.)
In any case, it seems that lots of people are looking nervously over their shoulders for any indication that something unpleasant and Conficker-related is about to … Read More…
The Register’s John Leyden has harsh words to say today about problems with security software: "Once, running Windows anti-virus was like driving down a dual carriageway. These days, it’s more like an unpaved road."
Well, I can understand his viewpoint, though given the sheer volume of security products these days, I’m not sure a small cluster … Read More…
