ESET Threat Blog

…not to mention exasperated, at the flurry of bad press that AMTSO (the Anti-Malware Testing Standards Organization) is suddenly receiving.
A few days ago, following an interesting blog by Kevin Townsend here to which I contributed some thoughts, I thought the time might be right for some healthy discussion about how the organization might engage better with the general … Read More…

Marketing hate it when I refer to competitor blogs, but Sophos' Vanja Svajcer, while discussing Adobe's accelerated security update (good move, guys!), makes a point that's worth three hearty cheers and a quote.
If nothing else, JavaScript should be disabled by default in Adobe Reader.
Go on Adobe, make my day.
Yesssssss!!!!
Though I'd settle for a slightly shorter step towards … Read More…

Here's a translation of another interesting blog from my colleague Jorge Mieres at ESET Latin America (the original is in Spanish). Apologies in advance for any errors in interpreting and interpretation, and if you find the sub-headers flippant, that's my fault too.
Jorge told me about it (the blog, not my tendency to flippancy) several days … Read More…

Our colleagues Aleksandr Matrosov, Senior Virus Researcher, & Eugene Rodionov, Rootkit Analyst, who work in our partner labs in Russia, have allowed us to share a long and comprehensive report on the TDL3 rootkit (also known as TDSS, Alureon, W32/Olmarik and so on).
The paper starts with a summary of the rootkit's connection with the Dogma Millions … Read More…

Today as I filled up, I noticed that they changed my BP / Arco pump kiosk’s payment instructions, probably as a result of the Hotea Arco skimming case a few years back. With the recent commentary on skimming David Harley provided, I thought a picture of anti-skimming advice might speak a thousand words – or … Read More…

Further to my last blog here, it seems that I've been missing some serious fake AV telephone scam action. Some links provided by my good friend Steve B. Nice one, Steve.
ALERT: metsupport.com – yet another telephone based fraud (aka SupportOnClick revisited – again)
http://hphosts.blogspot.com/2010/06/alert-metsupportcom-yet-another.html
techonsupport.com, click4rescue.com, pcrescueworld.com: SupportOnClick revisited
http://hphosts.blogspot.com/2009/12/techonsupportcom-click4rescuecom.html
SupportOnClick: Phoned by Malwarebytes? BigPond? Anyone else?
http://hphosts.blogspot.com/2009/07/supportonclick-phoned-by-malwarebytes.html
SupportOnClick … Read More…

Yesterday I was advised by a researcher working for another security company of a story he'd heard from one of his colleagues based in the UK, concerning an attempt to sell what was claimed to be ESET antivirus software.
The individual concerned had received a phone call from someone claiming to be from Microsoft, and informing him that  notification … Read More…

This is actually a resource from 2009 that someone brought to my attention today. Skimming in this instance is nothing to do with separating milk, or speedreading, or even throwing stones across the lake. It's the not-so-gentle art of stealing credit (or debit) card data, normally in the course of a legitimate transaction.
A common example … Read More…

I recently came across a few videos on YouTube where TV stations did undercover investigations for computer repair work. It is amazing how often a non-existent virus gets blamed for problems.
If you ever need computer repair work done and you are not real tech savvy, it pays to get referrals  and if the cost is … Read More…

The attacks from cybercriminals are now occurring in the online stock and equity trading world. Instead of simply emptying out compromised brokerage accounts, cybercriminals apparently are refining their attacks and striking at broader and more lofty goals: the trust mechanisms of business equity valuations with publicly traded stocks and equities.
George Hulme, InformationWeek contributing writer … Read More…