ESET Threat Blog

A number of new papers have been added to the white papers page:

Cristian Borghello’s "Playing Dirty" is a translation of his original Spanish paper, available on the ESET Latin America web site, and describes in detail how criminals make money out of stealing online gaming credentials and assets. http://www.eset.com/download/whitepapers/EsetWP-PlayingDirty20090812.pdf
My paper "Social Security Numbers: Identification is … Read More…

This is part two of a recent email interview with a Turkish web site, with part one made available here for the benefit of those of us who don’t speak Turkish.
 I’ve done a little editing on parts one and two, primarily for cosmetic reasons.
Question (4): What the golden rules for using the Internet with peace … Read More…

This is a research blog, not a marketing blog. Not that there isn’t a place for marketing (that’s what pays our salaries, in a sense!) and marketing blogs, but my guess is that most of our readers here would get bored quite quickly if we spent too much time on press-release type material, our latest … Read More…

Regular readers will be aware that, unlike many people in the security industry, people in this research team tend to be enthusiastic supporters of security education for end users, both inside and outside business: not as The Answer To Everything, not in terms of turning everyone who uses the Internet into a security expert, but … Read More…

So, back in harness. I’ve been away for a couple of weeks: not on holiday as such, though I did take some days out, but concentrating on writing: it didn’t hurt that I didn’t have a full-strength internet connection to distract me, though.
Before I left, I was interviewed by a Turkish security site. It was … Read More…

Nowadays we see lots of malicious software that is designed to steal money and information. A new virus was recently discovered that seems to be all about proving a concept rather than blatant maliciousness.
The Win32/Induc.A virus does not infect like most viruses do. Delphi is a programming language. Induc infected the Delphi IDE so that … Read More…

You may have seen a headline about a huge identity theft ring being busted. http://www.reuters.com/article/topNews/idUSTRE57G4GC20090817
There are a lot of things people can do to be safer online, but in this case it wasn’t about your computer being hacked. Whenever you use a credit card or a debit card there is information that can potentially be … Read More…

Some people are speculating that the motivation for the Twitter attack was to try to silence one person. There are really good signs that the attack against an individual was what took down Twitter, but still we really don’t know. I speculated that it might be a show of force to try to sell botnet … Read More…

I was amused (and not the only one, either) to notice that the UK’s Cabinet Office has recently launched a "Template Twitter strategy for Government Departments": I wonder if they’re thinking of reconsidering in view of the proven fragility and security-shakiness of Twitter, but I suspect not.
I am tempted to make a cheap shot related to the … Read More…

In the AV industry, we’re not unaccustomed to security scare stories met with a debunking response. For example, Peter Norton was quoted in 1988 in Insight as saying that computer viruses were an urban myth, like the alligators supposed to inhabit the sewers of New York. (He did change his mind around 1990 when he gave … Read More…