Archive for October, 2010
Our interim analysis of a version of the malware we detect as Java/Boonana.A or Win32/Boonana.A (depending on the particular component of this multi-binary attack) differs in some characteristics from other reports we've seen.
The most dramatic difference is in the social engineering hook used in messages sent to an infected user's friends list. Other reports (including …
While this is probably of marginal interest to anyone outside the UK, even those who look upon the UK's National Health Service as convincing proof that state-sponsored healthcare is a Bad Thing, I had an interesting chat with Dan Raywood of SC Mag recently, which he subsequently wrote up as an article which is now …
Here's a follow-up to my blog yesterday about how to pay for free (and in some cases non-existent) services, if you really want to.
I checked one of my junkboxes today and found another flurry of spam relating to Limewire and other stuff (Open Office and something called Stream Direct). Here's what the Limewire mail looks …
You may have seen some headlines today about a New Java Trojan that attacks Macs. It turns out that it also attacks Windows and Linux users as well. The Trojan pretends to be a video on Facebook. A user gets a message asking “is this you in this video” with a link. Upon clicking the …
A recent article at Time http://www.time.com/time/politics/article/0,8599,2025696,00.html details how an online voting system was hacked. The good news is that it was a public test and not a real election. The bad news is that real people’s information was able to be obtained.
The “hackers” professor J. Alex Halderman and some of his graduate students from The …
[C. Nicholas Burnett, the manager for ESET LLC's tier three technical support, contributed the following guest blog article on the FireSheep plugin for Firefox. Thank you very much, Carl! Aryeh Goretsky]
The past several days have seen the security community abuzz about a program presented in San Diego at ToorCon 12 this last weekend called FireSheep. …
[Update: if this post is of interest to you, you may also find Kevin Townsend's commentary of interest, though the title seems a little misleading to me. While I'm not altogether comfortable with the fact that the message is a little too reminiscent of fake AV, I don't see how you can describe an application that ...
If you spend a fraction of the time that I do tethered to the Internet, you'll be aware that Limewire has been told to "stop distribution and support of LimeWire’s P2P file-sharing service as a result of a court-ordered injunction". (Any chance of similar action against some of the sites making available pirated copies of …
Bart Parys (@bartblaze) recently contacted me about research he was conducting into botnets, exploit kits and so on. His article "The Botnet Wars: a Q&A" is now up. While Bart himself is a Technical Support Engineer at Panda Security, he's taken the approach of asking a number of experts and commentators (I'll leave it to …
I've just returned from the Anti-Malware Testing Standards Organization (AMTSO) workshop in Munich last week. Lots of useful work was done, but one of the most interesting results is the approval by the members present of a planned low-fee subscription model which will enable individuals and small organizations to participate in workshops and in discussion around …


