ESET Threat Blog

I just did some work on a report that quotes some of the various statistics – or do I mean guesstimates? – regarding how many machines were likely to have been infected by Conficker. That report has already gone out, but it’s been pointed out to me that the wording makes it sound like we’re … Read More…

I just happened upon a blog that made an interesting point about the information that’s been made about Conficker. Essentially, the writer was fulsome in her praise of an article by Gary Hinson here, which gave some simple advice on dealing with Conficker/Downadup. As it happens, I’m familiar with the name Gary Hinson: he also contributes … Read More…

[Update: Spiegl Online reports (in German!) that the total may be as high as 50 million infected machines: however, this figure seems to be extrapolated from the number of infections picked up Panda's online scanner. Statistically, I'm not sure it makes any sense at all to try to correlate this self-selecting sample to the total population of ... Read More…

The top ten (twenty, twenty-five…) season doesn’t seem to have finished yet: the latest to cross my radar was something like seven ways of surviving the recession, which I’m sure is of interest to all of us, but not really in scope for this blog.
So here’s a snippet from our 2008 Global Threat Report, … Read More…

You might have noticed that Conficker (Downadup) is actually standing up rather well to all the attention it’s receiving at the moment.
Heise (a European publisher sending out a weekly security newsletter that’s often worth a closer look) that 2.5 million PCs are already infected. In The Register, Dan Goodin reports that the total has … Read More…

CNN reported that there a new sleeper virus out there. http://www.cnn.com/2009/TECH/ptech/01/16/virus.downadup/index.html
There is nothing sleepy about the Conficker worm, it is wide awake and looking for people who are asleep at the security wheel.
CNN reports that Conficker could allow hackers to steal personal and financial data, and they also report that it “it is not very … Read More…

There are different techniques that can be used by a program to identify in which country it has been installed.  It can check for time zone information, public IP addresses or even domain names.  Lately, we have seen two different malware families trying to discover their geographic location in an effort to avoid infecting PCs … Read More…

Here’s the second instalment of the "ten ways to dodge cyberbullets" that I promised you.
Keep applications and operating system components up-to-date with automated updates and patches, and by regularly reviewing the vendors’ product update sections on their web sites.
This point is particularly  relevant right now, given the escalating volumes of Conficker that we’re seeing … Read More…