ESET Threat Blog

Earlier this month, researchers from AlienVault and Intego reported a new malware attack targeting Tibetan NGOs (Non-Governmental Organizations). The attack consisted of luring the victim into visiting a malicious website, which then would drop a malicious payload on the target’s computer using Java vulnerability CVE-2011-3544 and execute it. The webserver would serve a platform-specific JAR … Read More…

The Mac OS X information stealing malware OSX/Imuler, initially discovered last fall, has resurfaced. This time, instead of being installed by the OSX/Revir.A dropper, this new variant of OSX/Imuler hides itself inside a ZIP archive, right in the middle of an array of erotic pictures, waiting for the user to open the malicious application.

This new … Read More…

Introduction
Mobile World Congress 2012 is almost upon us, and one of the most hotly-anticipated topics is the next generation of Microsoft’s smartphone operating system Windows Phone 8, which has been kept under wraps far more tightly than its PC counterpart, Windows 8.
While Microsoft was an early adopter in the creation of smartphones with Windows Mobile, … Read More…

Yesterday, ESET announced the discovery of a new threat against the Apple Mac OS X platform. Today, we have found a new version of the same threat. The new version is similar to the previous version with two important differences. The first addition to this threat is that it now implements persistence on an infected … Read More…

ESET would like to extend our sincere sympathies to the friends, family and colleagues of Steve Jobs. Steve was a true visionary, without whom the world of computing would be very different. If you have never seen Steve's Stanford University Commencement Address, you should, it's truly inspirational. The third point he makes is that we … Read More…

A new attack against Apple Mac OS X Lion (10.7) has been detected by Intego.  The threat is a trojan, dubbed Flashback, installed via a fake Adobe Flash installer downloaded from a third party site.
As with the MacDefender and Revir malware the Flashback attack uses social engineering to entice the user to download then install the … Read More…

 
A new trojan has been released targeting the Macintosh Chinese-language user community.  The trojan appears to the user to be a PDF containing a Chinese language article on the long-running dispute over whether Japan or China owns the Diaoyu Islands.  
When the user opens the “PDF” file, it attempts to mask the installation of a … Read More…

Forensic software developer PassWare announced a new version of its eponymous software forensics kit on Tuesday. Already several news sources are writing about how the program can automatically obtain the login password from a locked or sleeping Mac simply by plugging in a USB flash drive containing their software and connecting it to another computer … Read More…

The MacDefender malware has morphed again, now taking the guise of "MacShield."   As in the case of its oldest sibling MacDefender, the MacShield variant has taken the name of a legitimate Mac OSX software product with small distribution, doubtless causing the real developer significant heartache.
The UI is essentially unchanged, but as usual all of … Read More…

In the last few days, I have been asked by a journalist (or four) what MacDefender means for the future of Apple security, and if I thought there was excess hype around it.  
I'll address the second question first.   I think its safe to say the current malware would not be newsworthy if it … Read More…