We have just completed fresh analysis of the malicious software known as Win32/Festi. While the "Festi" botnet created with this malware has been in business since the autumn of 2009 we can see that the software is frequently updated, as described in our analysis, and these updates mean Festi continues to be a potent threat …
One of the (few) blessings of having been so long in this industry is that I remember a time when most malware was viral and Trojans were rare: so rare, in fact, that there was at one time a notorious "dirty dozen" set of Trojans.
At around the same time, there were innumerable hoaxes describing malware with some …
Another day, another Facejack attack. We see a lot of these sorts of scams, alluringly titled posts – typically with a promise to show you who has been visiting your profile (or infamously, video of Osama Bin Laden's death) – that try to get you to click to see some special content.
The latest one looks …
It is unfortunate, but a fact that many organizations are going to suffer hacks. The internet was designed to be a cybercriminal’s dream. That was not the intent of the internet, but the design certainly is such that it serves the purpose well. Fortunately it also serves many great purposes quite well too.
News came out …
My colleague from ESET Ireland, Urban Schrott, reports that the company has seen a megawave of Facebook spams: five separate spams in 24 hours.
I've no idea of the numbers involved, but Urban's "think before you click" message is well worth repeating. The post is to ESET Ireland's CyberThreats Daily blog post: the company also has …
The February ThreatSense Report is now available from the ESET Threat Center. As well as the top ten threats reported globally by our ThreatSense.Net telemetry, it includes feature articles from Josep Albors and Urban Schrott, as well as some shorter news items:
From Russia with spam (Josep Albors)
Misplaced trust in trustworthy names? (Urban Schrott)
Nothing exceeds like …
[My colleague in Spain, Josep Albors, reports that Ontinet has been noticing lots of emails with links to forums. Following the links leads to a forum full of spam products, from replica watches to viagra. He's published a Spanish language blog on the topic, but here's a rough translation.]
Sending out unsolicited email on a massive scale …
This is a 419 (a so-called Nigerian scam letter) received via Facebook. Well, it doesn't look very Nigerian, and it includes a phone number that appears to be in Hong Kong (no, I haven't tried it out). But the letter, though perhaps more literate than some of the African scams I've seen, is standard Advance …
Pierre-Marc tells me that he has received two malware samples that grabbed his attention due to their resemblance to Storm/Waledac. They use the same kind of distribution mechanism: that is, spam with links to a New Year eCard for New year with titles like "New Year Wishes!" and "You Received an Ecard." The mail contains …
If you read my previous blogs about P2P/inbox-mediaone/traclickmedia spam offering the currently-defunct Limewire (though some sort of replacement has been promised), you'll be glad to know that not only have they caught up with the latest news, but are now offering an alternative that is cleaner, faster, friendlier and safer. Yeah, right…
In fact, looking through …



