ESET Threat Blog

ESET has discovered a new version of the Delphi infector, Win32/Induc. Unlike its predecessors, however, this variant incorporates a seriously malicious payload and has acquired some extra file infection and self-replicative functionality.
Two years ago, we published comprehensive information (here , here, and here) about the virus Win32/Induc.A, which infected Delphi files at compile-time. Though not … Read More…

You might think it strange, but the creation of viruses and malware isn't illegal in most jurisdictions. Most virus-writers have been prosecuted on secondary grounds such as unauthorized access or modification, malicious damage and so on. More recent malware authors, botmasters and such may also fall foul of similar issues, or other criminal activities such as fraud or … Read More…

It's something of a truism, that 'old viruses never die', and that certainly seems to be the case for some of the older, more widespread, email worms. In this interview (http://www.signonsandiego.com/uniontrib/20041129/news_lz1b29five.html) back in 2004, I talked about an email worm called "Win32/Zafi.b" which, at the time, had recently been spreading on a global scale.
However, a … Read More…

One of the (few) blessings of having been so long in this industry is that I remember a time when most malware was viral and Trojans were rare: so rare, in fact, that there was at one time a notorious "dirty dozen" set of Trojans. 
At around the same time, there were innumerable hoaxes describing malware with some … Read More…

It is generally well-understood that antimalware programs—the software which detects computer viruses, worms, trojan horses and other threats to your system—work by scanning files using signatures they already have. A signature could be as simple as a string[i] (like using the "find" command in your word processor to locate a particular piece of text) or as … Read More…

There was a bit of a stir today around a British scientist, Dr. Mark Gasson. In the BBC article Dr. Gasson was touted as the “First Human ‘Infected With a Computer Virus’”. I let this one stew around for a few seconds and I have to say that this isn’t what it’s cracked up to … Read More…

Earlier this month, we reported on the massive new Koobface campaign making the rounds through Facebook and how it tricked users into downloading and running it through that tenet of social engineering, the fake codec. We now have a video showing how the Koobface worm tricks users into running it:

NOTE: The audio is not completely … Read More…

Even in Europe, we have a rough idea of what Thanksgiving is about, though we don't celebrate it at the same time or in the same way. However, Black Friday and Cyber Monday are rather less well known outside the US.
Since Randy has already blogged on Cyber Monday and its security implications at http://www.eset.com/threat-center/blog/2009/11/19/is-cyber-monday-the-end-of-shopping-as-we-know-it, I took the opportunity … Read More…

I recently learned a new acronym: SODDI (Some Other Dude Did It). What this refers to is the defense that criminals routinely use (plausible deniability) – and even more so when it comes to illicit activities on the Internet.
On Sunday, November 8th 2009 the Associated Press published an article regarding an individual that was … Read More…

ESET released its Global Threat Report for the month of September, 2009, identifying the top ten threats seen during the month by ESET's ThreatSense.Net™ cloud.  You can view the report here and, as always, the complete collection is available here in the Threat Trends section of our web site.  While the report identifies a number … Read More…