ESET Threat Blog

We received a worrying notice today from the Internet Crime Complaint Center (IC3) which is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C), The headline reads: "Malware Installed on Travelers' Laptops Through Software Updates on Hotel Internet Connections." We felt that the warning which followed the … Read More…

Earlier this month, we reported on the massive new Koobface campaign making the rounds through Facebook and how it tricked users into downloading and running it through that tenet of social engineering, the fake codec. We now have a video showing how the Koobface worm tricks users into running it:

NOTE: The audio is not completely … Read More…

An article at Help Net Security by Zeljka Zorz describes malware written in Visual BASIC which masquerades as legitimate updates DeepFreeze, Java, Windows, Adobe Reader, and other legitimate applications.
Zeljka says:
"They have the same icon and version details, and can fool regular users and experts alike…it opens the DHCP client, the DNS client, Network share and open … Read More…

Round here, we're more than a little concerned about fake/rogue antivirus (and other fake security software). It's an ugly form of ransomware that hurts its victims in many ways.
It scares them by threatening dire consequences and damage from malware that doesn't exist (except in the sense that the fake AV is itself malware), in order … Read More…

[Update: I notice that at about the same time that I posted this, Sophos also flagged a blog reporting a somewhat similar fake update for Microsoft Outlook/Outlook Express (KB910721). The message is a lot different and links to a different site pretending to be Microsoft's update site, but is clearly not to be trusted. So the ... Read More…