ESET Threat Blog

Yesterday’s announcement by the US Department of Justice that the operators of file-sharing site Megaupload had been indicted for operating a criminal enterprise that generated over $175 million by trafficking in over half a billion dollars of pirated copyrighted material has sent shockwaves across the Internet.  The accuracy of those figures may be questionable, but … Read More…

Google researchers have recently released a rather interesting paper on Trends in Circumventing Web-Malware Detection, and several people have been asking me about it (or rather, the blog that announced it).
Read the full paper, folks! There's a lot more in there than the "cloaking" stuff, though if you're not a specialist, you may find some … Read More…

An article came out yesterday from Clement Genzmer who is a security engineer at Facebook.  His tagline is "searching and destroying malicious links".  Those of us in the business of digital security and safety can certainly identify with that, especially the part where we aim to identify the criminals and work with law enforcement to … Read More…

The death of Osama bin Laden has gone viral, with blogs, social media and search engines pumping terabytes of rumor, innuendo and conspiracy theories at the speed of light, along with the occasional kilobyte of truth.  As the number of people searching for pictures and videos of bin Laden’s execution has skyrocketed, the criminal syndicates … Read More…

[NOTE:  As we were publishing this articl, our Latin American office discovered another Black Hat SEO campaign incorporating promises of Osama bin Laden videos on Facebook.  Click here to view their article in Spanish. We will follow up on this shortly.  AG]
The malware phenomenon started by the announcement of Osama Bin Laden’s death continues unabated, … Read More…

Not using Twitter or Facebook is, in these times, akin to not owning or using a mobile ‘phone. Last night’s events – the reported death of Osama Bin Laden – proved that we are well and truly in the Twitter era (Twitter reported that over 4000 tweets per second were made immediately preceding the President’s … Read More…

 
Just a quick follow up on the Microsoft Security Advisory (2501696) post that my colleague Randy Abrams wrote about on January 28th regarding Microsoft's recent MHTML vulnerability, which is listed by ESET as HTML/Exploit.CVE-2011-0096.A in our signature database.
 
Although reports remain low so far, any vulnerability in a particular version of Microsoft Windows is likely to … Read More…

This weekend, an unnamed worm forced Microsoft to temporarily suspend active links  in Live Messenger 2009, in order to prevent the aggressive worm from spreading further. This is quite a surprising measure, because worms spreading through Instant Messaging (IM) such as Skype, Yahoo! Messenger and Microsoft Live Messenger are not new at all! For example, … Read More…

Every layer of protection you add will harden the target against cybercrime. SmartScreen technology found in Internet Explorer 8 has recently clocked over 1 billion blocked potential malware downloads from malicious sites. By way of Terry Zink’s blog:

1 billion malware blocks is an amazing milestone and an example of two things.
First socially engineered attacks … Read More…

While the jury’s still out about whether the intent of the past month’s mass webserver breaches are fully criminal, Dancho reports new developments which also link Koobface activity into this command and control structure:

Yet another mass sites compromise is currently taking place, this time targeting DreamHost customers, courtesy of the same gang behind the U.S … Read More…