ESET Threat Blog

The recent MacDefender Trojan has been receiving “rebranding” facelifts since it came out. It has now been deployed as MacProtector, MacDetector, MacSecurity, Apple Security Center, and there are no doubt more iterations to come. The malware has been updated, and now sports an improved UI that looks like a native Mac OSX application, unlike the ... Read More.

The Trojan downloader malware Win32/TrojanDownloader.Agent.QXN that showed up in my email about 10 days ago made a return visit today, posing as a pair of emails from the United States Postal Service. The first time the malware showed up it was dressed up, as a package delivery receipt from Canada Post. But this time the ... Read More.

Adobe Flash is, in my opinion, the most ubiquitous spyware in the world and no products detect it as such. The reason it goes undetected is that it also has numerous legitimate uses, however, there is growing evidence that indicates significant abuse. This will be the first in a series of blogs in which I ... Read More.

Having implemented generic detection of the CVE-2010-2568 vulnerability used to propagate the now infamous Win32/Stuxnet, ESET has identified not one but two new malware families that exploit the same vulnerability.  This vulnerability allows code execution through malicious LNK (shortcut) files.  We have identified a new family that exploits this unpatched vulnerability in order to spread, which ... Read More.

If you use Facebook you've probably heard of Timeline, a "new" feature that replaces the "traditional" profile page. However, you may be confused by Timeline–I know I am–and confusion could make you the target of a growing number of Timeline-related scams. As of January 3rd, the watchful folks at Inside Facebook were reporting 16 Timeline-related ... Read More.

What’s wrong with this picture? Yes, that’s right, I am using Google’s incognito mode and Clicker knows exactly who I am! I have previously blogged here and here about Facebook’s instant personalization, but let me spell it out for you. Facebook “Instant Personalization” destroys Google Chrome’s “Incognito mode”. There is nothing incognito about opening a clean ... Read More.

Introduction LinkedIn is a social network platform whose specialty is connecting professionals together to build relationships and create business opportunity. Recently the company became publicly traded and grabbed the attention of the world as its initial public stock offering more than doubled on the first day. Here we focus tools and options for user privacy on ... Read More.

With the breach of Epsilon, we are going to see a huge influx of phishing attacks before it settles back down to the normal level of tons of phishing attacks. So you aren’t a computer expert, how do you protect yourself? Don't worry about spotting the phish, it is more important that you do not take ... Read More.

This week we have detected another interesting attack vector. This time cybercriminals are using an interesting technique for hiding malicious Javascripts and employ implicit iFrame injection. At this moment we are tracking hundreds of infected legitimate web sites in the Russian internet segment using this technique of infection. Let’s analyze this attack method step by ... Read More.

Installing an application on an iPhone is a bit different than installing an application on an Android based system. With the iPhone you go to the App Store, select your application (and pay if required) then download and install it. For the Android based phones you go to the Android Market, select your application, download ... Read More.