ESET Threat Blog

In the months since Stuxnet first hit our radar, I’ve wiped a lot of brickdust off my forehead. Mostly as a result of banging my head against the wall in the hope of distraction from yet another infuriating, unsubstantiated speculation about who wrote it, what it was for, and who was the target, repeated as … Read More…

Just when I think maybe the traditional hoax/chain message is finally dying (or at any rate the type that describes mythical malware), along comes another, though it’s spreading through Facebook rather than email as in days of old. I've included some more information in a blog here about “the Christmas Tree app” hoax first cited by … Read More…

One of my ESET colleagues (thanks, Nienke!) brought to my attention an article (sorry, it's in Dutch) that picks up on the blog by Eric Chien that I mentioned a few days ago, and suggests that "Stuxnet was developed to improve the quality of enriched uranium, so that it no longer can be used for … Read More…

After quite a few months of trying to raise public awareness of the problem of fake support cold-calling both here [and elsewhere, it's good to see other vendors also starting to publicize the issue. I've previously cited an article by Symantec's Orla Cox that describes one exchange of civilities with one of the scammers, and … Read More…

This weekend, an unnamed worm forced Microsoft to temporarily suspend active links  in Live Messenger 2009, in order to prevent the aggressive worm from spreading further. This is quite a surprising measure, because worms spreading through Instant Messaging (IM) such as Skype, Yahoo! Messenger and Microsoft Live Messenger are not new at all! For example, … Read More…

If you read my previous blogs about P2P/inbox-mediaone/traclickmedia spam offering the currently-defunct Limewire (though some sort of replacement has been promised), you'll be glad to know that not only have they caught up with the latest news, but are now offering an alternative that is cleaner, faster, friendlier and safer. Yeah, right…
In fact, looking through … Read More…

…or at least a lot clearer than it has been.
Much of the controversy about the origin and targeting of Stuxnet derived from the uncertainty about exactly what its code was meant to do. Even after it was established that it was intended to modify PLC (Programmable Logic Controller) code, details of the kind of installation … Read More…

Speaking of the October 2010 ThreatSense report, which includes an article on fake support and AV…
A few days ago I wrote an article about fake support scams, a topic I've addressed before for Security Week – Fake AV, Fake Support  -and here on the ESET blog. What was missing, I guess, was that extra edge you … Read More…

I should probably have mentioned this before, but it's only just hit my radar.
ESET's October ThreatSense report is available on the Threat Center page as Global Threats Trends for October 2010. Naturally, it includes the usual information about the top ten global threats reported by ThreatSense.Net telemetry in October, which are:
 

INF/Autorun
Win32/Conficker
Win32/PSW.OnLineGames
Win32/Sality
INF/Conficker
Win32/Tifaut.C
HTML/ScrInject.B
Win32/Bflient.K
JS/TrojanClicker.Agent.NAZ
Win32/Spy.Ursnif.A

It also includes articles on:

Feature Article by … Read More…

In response to my recent cookie theft blog a reader asked the following questions:
What is VPN, what is SSL and what is the significance of https?
What precautions can we take if we need to do Internet banking from a public computer, Internet café for example?
VPN, SSL and https are all about encryption. Encryption is what … Read More…