ESET Threat Blog

Pierre-Marc tells me that he has received two malware samples that grabbed his attention due to their resemblance to Storm/Waledac.  They use the same kind of distribution mechanism: that is, spam with links to a New Year eCard for New year with titles like "New Year Wishes!" and "You Received an Ecard."  The mail contains … Read More…

The December ThreatSense report, being the last report of the year, is a little bigger than usual, and takes a longer view. It includes:

A feature article by Pierre-Marc Bureau and Alexis Dorais Joncas on the Bflient.K malware kit.
A feature article by Urban Schrott on "The Wikileaks Affair and the Cyberworld"
ESET researchers across the globe putting … Read More…

The Lookout Mobile Security company is reporting a new trojan horse program that runs on Android based phones. The novel thing about this trojan is that it has enough functionality to allow the criminals to assemble an Android based botnet. This really should come as no surprise. The Android is not a phone with web … Read More…

This short video blog explains a bit about typo squatting. For our readers who are not native English speakers, typo means typographical error, or in plain English, it means you typed the wrong letters in. Some websites buy domains with similar names so that you will still get where you want to go if you … Read More…

It is generally well-understood that antimalware programs—the software which detects computer viruses, worms, trojan horses and other threats to your system—work by scanning files using signatures they already have. A signature could be as simple as a string[i] (like using the "find" command in your word processor to locate a particular piece of text) or as … Read More…

This short video blog explains what “Adult Traffic Trading” is. This series of Video Blogs is in response to a study done about adult content web sites. This is a really, really short video, but the answer is simple enough to answer the question that it doesn’t need to be a long video.
Randy Abrams
Director of … Read More…

This isn’t exactly a security post, although when things go wrong on electronic devices viruses almost always are suspected and blamed. Well, the truth is that sometimes it is a hardware problem.
Many Kindle users complained of crashes. The Kindle has not been found to have exploitable vulnerabilities (yet) and isn’t even reported to have an … Read More…

Here in the Cyber Threat Analysis Center we’re starting to add video blogs. If the threat information I share doesn’t scare you, maybe my picture will
This short video blog is about drive-by downloads. This is aimed at helping people who are not technical to understand the nature of the threat. Drive-by downloads are … Read More…

The case for in-the-lab botnet experimentation: creating and taking down a 3000-node botnet
By Joan Calvet, Carlton R. Davis, José M. Fernandez, Jean-Yves Marion, Pier-Luc St-Onge, Wadie Guizani, Pierre-Marc Bureau, and Anil Somayaji
This paper, presented at the Annual Computer Security Applications Conference (2010), and to which ESET's Pierre-Marc Bureau was a contributor, discusses alternative approaches to … Read More…

Version 1.3 of the Stuxnet Analysis white paper is now available on the white papers page at http://www.eset.com/documentation/white-papers. Details as follows.
Stuxnet Under the Microscope 
By Alexandr Matrosov, Eugene Rodionov, David Harley and Juraj Malcho, December 2010
Summary: Version 1.3 of a comprehensive analysis of the Stuxnet phenomenon, updated to include further information on the now-patched Task Scheduler … Read More…