ESET Threat Blog

Yesterday’s announcement by the US Department of Justice that the operators of file-sharing site Megaupload had been indicted for operating a criminal enterprise that generated over $175 million by trafficking in over half a billion dollars of pirated copyrighted material has sent shockwaves across the Internet.  The accuracy of those figures may be questionable, but … Read More…

An article came out yesterday from Clement Genzmer who is a security engineer at Facebook.  His tagline is "searching and destroying malicious links".  Those of us in the business of digital security and safety can certainly identify with that, especially the part where we aim to identify the criminals and work with law enforcement to … Read More…

The death of Osama bin Laden has gone viral, with blogs, social media and search engines pumping terabytes of rumor, innuendo and conspiracy theories at the speed of light, along with the occasional kilobyte of truth.  As the number of people searching for pictures and videos of bin Laden’s execution has skyrocketed, the criminal syndicates … Read More…

[NOTE:  As we were publishing this articl, our Latin American office discovered another Black Hat SEO campaign incorporating promises of Osama bin Laden videos on Facebook.  Click here to view their article in Spanish. We will follow up on this shortly.  AG]
The malware phenomenon started by the announcement of Osama Bin Laden’s death continues unabated, … Read More…

 
Just a quick follow up on the Microsoft Security Advisory (2501696) post that my colleague Randy Abrams wrote about on January 28th regarding Microsoft's recent MHTML vulnerability, which is listed by ESET as HTML/Exploit.CVE-2011-0096.A in our signature database.
 
Although reports remain low so far, any vulnerability in a particular version of Microsoft Windows is likely to … Read More…

This weekend, an unnamed worm forced Microsoft to temporarily suspend active links  in Live Messenger 2009, in order to prevent the aggressive worm from spreading further. This is quite a surprising measure, because worms spreading through Instant Messaging (IM) such as Skype, Yahoo! Messenger and Microsoft Live Messenger are not new at all! For example, … Read More…

[UPDATE #1 at 12:15PM:  Added more information about location of earthquake and prior scams. AG]
We have just heard about the early September 4 (Saturday morning) earthquake near Christchurch, New Zealand, currently estimated at a Richter magnitude of 7.4. Our New Zealand distributor in Auckland is unaffected, but communications with the area are difficult.
As with any tragedy … Read More…

While the jury’s still out about whether the intent of the past month’s mass webserver breaches are fully criminal, Dancho reports new developments which also link Koobface activity into this command and control structure:

Yet another mass sites compromise is currently taking place, this time targeting DreamHost customers, courtesy of the same gang behind the U.S … Read More…

Earlier this month, we reported on the massive new Koobface campaign making the rounds through Facebook and how it tricked users into downloading and running it through that tenet of social engineering, the fake codec. We now have a video showing how the Koobface worm tricks users into running it:

NOTE: The audio is not completely … Read More…

We have discussed SEO poisoning extensively in the ESET Threat Blog, and it should come as no surprise to our readers that any topic which trends up quickly in search engine traffic will be exploited by the criminals who specialize in such activities.  The poisoned search term du jour is "erin andrews death threat".  Apparently, … Read More…