ESET Threat Blog

Archive for the 'Rogue AV' Category

by Robert Lipovsky Malware Researcher
October 11, 2011 at 11:23 am

ESET had quite a strong representation at Virus Bulletin this year in Barcelona, as David Harley mentioned in his post prior to the conference.
On the first day, Pierre-Marc Bureau presented his findings about the Kelihos botnet, David Harley and AVG’s Larry Bridwell discussed the usefulness and present state of AV testing, and to finish the … Read More…

Comments
2

by David Harley Senior Research Fellow
July 8, 2011 at 8:45 am

…not, on this occasion, the classic Blackhat "It's your fault that we've hacked your server, infected you with a virus, and broadcast your credit card details and gaming credentials to anyone who cares to access the torrent" self-justification. (Which reminds me of a mugger saying "don't make me do this to you" while he … Read More…

Comments
5

by Robert Lipovsky Malware Researcher
April 21, 2011 at 12:30 am

One of the most common ways to propagate malware through social engineering is to piggyback it on some attention-catching news event. This can be carried out using a variety of techniques and is certainly nothing new. One infamous example from 2007 was Win32/Nuwar (a/k/a the Storm Worm), which distributed through spam emails with current and/or … Read More…

Comments
1

by David Harley Senior Research Fellow
March 24, 2011 at 10:56 am

You may not be aware that ESET writers have been supplying blogs to SC Magazine for a while now. Recently, Randy Abrams and I were drafted in after the original contributors moved on, and we started contributing this week:

Poachers and Gamekeepers considers whether there is a conflict of interest when AV companies work with companies … Read More…

Comments
0

by David Harley Senior Research Fellow
March 17, 2011 at 3:54 pm

[Update: more information from ESET on this malware here.]
Last October, my colleague Tasneem Patanwala blogged about rogue antivirus masquerading as an ESET product. In that instance it was a product calling itself Smart Security, and Tasneem's blog includes lots of useful information about that particular malware, and fake AV in general.
Looking through my huge backlog … Read More…

Comments
8

by Tasneem Patanwala Malware Researcher
October 8, 2010 at 1:27 pm

Since its release in 2007, ESET Smart Security has received many accolades for its antimalware, antispam and firewall functions. However, we have recently been the recipient of a very dubious honor: a rogue antivirus program which masquerades as our own software.
The Rogues Gallery
Rogue antivirus is a loose family of programs that claim to scan a … Read More…

Comments
13

by David Harley Senior Research Fellow
September 19, 2010 at 7:14 am

Kurt Wismer posted a much-to-the-point blog a few days ago about the way that purveyors of scareware (fake/rogue anti-virus/security products) mimic the marketing practices of legitimate security providers. You may remember that a while ago, I commented here about a post by Rob Rosenberger that made some related points.
If you’re a regular reader of my … Read More…

Comments
4

by Randy Abrams
May 20, 2010 at 1:36 pm

Our research colleagues in South America have found that there is considerable effort by the bad guys to try to infect your computer when you search for information about the 2010 world cup games. Specifically, if you are searching for free tickets. The bad guys know that people searching for free tickets to the World … Read More…

Comments
2

by Aryeh Goretsky Distinguished Researcher
April 21, 2010 at 12:28 pm

Earlier this month, we reported on the massive new Koobface campaign making the rounds through Facebook and how it tricked users into downloading and running it through that tenet of social engineering, the fake codec. We now have a video showing how the Koobface worm tricks users into running it:

NOTE: The audio is not completely … Read More…

Comments
0

by David Harley Senior Research Fellow
March 31, 2010 at 12:03 am

[Interim updates removed: later information on Twitter profile attacks and Blackhat SEO attacks using keywords related to this topic to spread malware, has been made public in a later blog at http://www.eset.com/blog/2010/03/30/here-come-more-of-the-ghouls.]
Following this morning's bombings in the Moscow Metro (subway system), Aryeh Goretsky suggests the likelihood of criminals using "blackhat SEO" (search engine optimization or … Read More…

Comments
0
