ESET Threat Blog

Archive for June, 2011

by Cameron Camp Security Researcher
June 30, 2011 at 12:51 pm

Al-Qaida appears to have had its web communications hit by hackers, thwarting its continued effort at updating the world about its activities. It appears that a good portion of their global web presence has been affected. A year ago a similar style attack halted their web communications.
According to Evan Kohlmann from Flashpoint Global Partners, which … Read More…

by David Carnevale Director of Consumer Marketing, ESET North America
June 29, 2011 at 5:14 pm

Facebook recently launched a facial recognition feature that allows you and others to “tag” photos with your name. As has been the norm for Facebook, this “feature” is turned on by default and users must take their own initiative to limit, or turn it off. The implications are wide-ranging, so if you or anyone in … Read More…

by Randy Abrams
June 29, 2011 at 12:17 pm

Yet another Facebook Clickjacking attack is making the rounds. This time the message shows as below.

A right-click (not left) will allow you to copy the source location and open the link in a protected environment. The link brings up the following image

The “Jaa” button is actually a “Share” button and will post the first … Read More…

by Randy Abrams
June 28, 2011 at 4:26 pm

Our friends at Threatpost have come across what they describe as a massive phishing attack against Tumblr users. It seems the lure of sexual content will work as many times as Lucy can pull the football out each time Charlie Brown tries to kick it.
According to the article, hijacked web pages of Tumblr users contain … Read More…

by Randy Abrams
June 28, 2011 at 1:07 pm

In a ComputerWorld article Gregg Kaiser cites a Microsoft engineer as saying that the trojan that Microsoft calls “Popureb” digs so deeply that the only way to eradicate it is to reinstall the operating system.
If you read the Microsoft blog Feng didn’t actually say that this is the only way to eradicate the trojan. In … Read More…

by Cameron Camp Security Researcher
June 27, 2011 at 3:48 pm

A lawsuit being leveled against Sony relating to the recent breach activity alleges they skimped on security experts, laying off a batch of professionals prior to the events. The suit, seeking class action status, is being brought by Felix Cortorreal, Jimmy Cortorreal, and Jacques Daoud Jr., who claim they were directly affected by the data … Read More…

by David Harley Senior Research Fellow
June 27, 2011 at 11:48 pm

The TDSS botnet, now in its 4th generation, is seriously sophisticated malware, which is why we've spent so much time writing about it: the revision of the paper The Evolution of TDL: Conquering x64 that will be up on the white papers page shortly runs to 54 pages and includes some highly technical analysis, including the detail on … Read More…

by David Harley Senior Research Fellow
June 27, 2011 at 1:17 am

[News from my colleagues in Russia, Aleksandr Matrosov and Eugene Rodionov.]
Recently, we had a stroke of luck: our TDL tracker picked up a brand new plugin for TDL4 kad.dll (Win32/Olmarik.AVA) which we haven’t seen previously. It took some time to find out what it is intended to do. After some preliminary analysis we discovered that … Read More…

by Cameron Camp Security Researcher
June 27, 2011 at 5:35 pm

Long a puzzling challenge, the FBI seems to be making strides in tackling international coordinated scams, in this case, scareware. Scareware, the practice of providing fake infection notifications to users’ computers, and then offering to sell solutions to problems that don’t exist, has been quite a boon as of late for fraudsters. FBI claims the … Read More…

by David Harley Senior Research Fellow
June 24, 2011 at 5:01 am

[Updated footnote in line with information received from Ontinet.com about coldcalling regulation in Spain.]
Yesterday I had a phone call. Well, several, of course, but this was yet another irritating cold call. If you've read some of my many blogs on the subject, you might think that it must have been yet another support desk scam, … Read More…
