ESET Threat Blog

Archive for January, 2010

by David Harley Senior Research Fellow
January 28, 2010 at 2:05 am

[Update: There's been quite a lot of discussion and extra information coming in on this. It seems to me that there is at least one unnamed app around as well as the Boxes issue, and while I've no reason to assume that it's malicious, I'd hardly advise that you rush into installing an application when ... Read More…

Comments
15

by Pierre-Marc Bureau Senior Malware Researcher
January 25, 2010 at 8:53 am

Last Thursday, Microsoft released an out-of-band update to fix the latest vulnerability in Internet Explorer. Since then, malware operators have been exploiting this vulnerability to install malware on thousands of PCs. So far, we have detected more than 650 different versions of the exploit code, which is detected as Trojan.JS/Exploit.CVE-2010-0249 by ESET antivirus. We have … Read More…

Comments
0

by David Harley Senior Research Fellow
January 25, 2010 at 3:52 am

We have just come across a Buyer’s Guide published in the March 2010 issue of PC Pro Magazine, authored by Darien Graham-Smith, PC Pro’s Technical Editor. The author aims to give advice on which anti-malware product is the best for consumer users, and we acknowledge that the article includes some good thoughts and advice, but … Read More…

Comments
13

by David Harley Senior Research Fellow
January 24, 2010 at 2:29 am

[Part 5 of an occasional series, updating a blog series I ran in early 2009 to reflect changes in the threat landscape. This series will also be available shortly as a white paper.]
Trust People, Not Addresses
Don’t trust unsolicited files or embedded links, even from friends.
It’s easy to spoof email addresses, for instance, so that email … Read More…

Comments
0

by Randy Abrams
January 22, 2010 at 3:57 pm

In December 2009, due to miserable security practices, Rockyou.com suffered a data breach that exposed over 32 million user passwords which were then published on the internet.
For a little background, if you use Facebook apps, like Superwall, Speedracing, Likeness, Hugme, or Birthday cards, MySpace apps like Glittertext, Slideshow, Photofx, and many others, as well … Read More…

Comments
7

by David Harley Senior Research Fellow
January 22, 2010 at 12:35 pm

My colleague Juraj Malcho, head of lab in Bratislava, has clarified a point: what Zimuse actually does is fill the first 50Kb of a targeted disk with zeroes (actually the 0x00 character): This does indeed overwrite the MBR, but also overwrites anything else that occupies that area of the disk.
The malware came to ESET's attention because we … Read More…

Comments
0

by David Harley Senior Research Fellow
January 22, 2010 at 12:21 pm

Now here's a curiosity.
Win32/Zimuse is a worm that exists in two variants, innovatively entitled Win32/Zimuse.A and Win32/Zimuse.B. In some ways it's a throwback to an earlier age, since it overwrites the Master Boot Record on drives attached to an infected system with its own data, so that data on the system becomes inaccessible without the use … Read More…

Comments
0

by Randy Abrams
January 21, 2010 at 11:07 am

A little over a week ago we received a comment in response to David Harley’s blog post that read as follows:

InterNations – the Network for Expatriates and Global Minds!
 
The Internations Management has decided to donate 10 Eurocents to Haiti for each text message!
 
Text "Haiti" to: +xxxxxxxxxxxx    Spread the Word!
 
Regular messaging costs to cellphones apply InterNations … Read More…

Comments
0

by Randy Abrams
January 21, 2010 at 11:03 am

There’s been a lot in the news about “Operation Aurora”. In a nutshell, hackers used a zero-day IE exploit to gain access to computers and accounts they should not have access to. There are lots of fingers being pointed at the Chinese and implications the government may have been involved. The targets included Google … Read More…

Comments
3

by David Harley Senior Research Fellow
January 21, 2010 at 2:56 am

OK, I'll save the novel for another time.
However, there's a rather less ambitious snippet of my recent writing at http://www.eurograduate.com/article.asp?id=3015&pid=1, an article called "Fact, Fiction and the Internet," which, further to some of my recent posts here, touches on the dangers of social networking.
Though you might think that someone with as many Twitter accounts as … Read More…

Comments
0
