Anti-Malware
Main
Security
Anti-MalwareMalware
MSNBC Security
Security Fix
Security World News
Random Feeds
Archives
| Feb 2012 | Jan 2012 | Dec 2011 | Nov 2011 | Oct 2011 | Sep 2011 | Aug 2011 | Jul 2011 | Jun 2011 | May 2011 | Apr 2011 | Mar 2011 | Feb 2011 | Jan 2011 | Dec 2010 | Nov 2010 | Oct 2010 | Sep 2010 | Aug 2010 | Jul 2010 | Jun 2010 | May 2010 | Apr 2010 | Mar 2010 | Feb 2010 | Jan 2010 | Dec 2009 | Nov 2009 | Oct 2009 | Sep 2009 | Aug 2009 | Jul 2009 | Jun 2009 | May 2009 | Apr 2009 | Mar 2009 |Mon, 31 Aug 09
Trojan Targets Skype Users
http://blog.trendmicro.com/trojan-targets-skype-users/
TrendLabs researchers were alerted of a newly released Proof-of-Concept (PoC) that listens and records voice calls carried out via Skype. Trend Micro detects this as TROJ_SPAYKE.C. Skype is a popular application used for making voice over IP (VoIP) calls.Upon execution, the DLL component (also detected as TROJ_SPAYKE.C) intercepts Skype traffic and hooks the send and [...]
Sat, 29 Aug 09
Mobile Users Unfazed by Web Threats
http://blog.trendmicro.com/mobile-users-unfazed-by-web-threats/
Users are under the impression that mobile phones are more secure than PCs, according to the latest Trend Micro survey. A number of users are found not practicing safe browsing when using their mobile phones.The survey shows that 44% of over 1,000 respondents are lax when it comes to surfing using their mobile phones. The [...]
Sat, 29 Aug 09
Firefox Add-on Spies on Google Search Results
http://blog.trendmicro.com/firefox-addo-spies-on-google-search-results/
Trend Micro threat analysts were alerted to the discovery of a spyware (detected as TSPY_EBOD.A) purporting to be an Adobe Flash Player update. Upon execution, the spyware creates a Firefox add-on called “Adobe Flash Player 0.2,” the installer of which uses JavaScript (detected as JS_EBOD.A) and appears to spread via forum posts.The said add-on injects [...]
Sat, 29 Aug 09
XSS Attack Targets Chinese Social Networking Site
http://blog.trendmicro.com/xss-attack-targets-chinese-social-networking-site/
Recently we’ve encountered a cross-site scripting attack that targeted the Chinese social networking site Renren. Fortunately for users, it was quite harmless as far as these kinds of threats go—but it could have been much, much worse.Renren users received messages from their friends with a link that pointed to a video of the Pink Floyd [...]
Sat, 29 Aug 09
BKDR_REFPRON in New Mass Compromise
http://blog.trendmicro.com/bkdr_refpron-in-new-mass-compromise/
Trend Micro threat analysts were alerted to another mass compromise attack affecting around 55,000 consumer-oriented sites spread throughout Canada, China, the United Kingdom, and India as of the first report.This incident is a painful reminder of the persisting risk of unprotected Web-surfing. In this particular case, the malicious scripts injected in the legitimate sites [...]
Thu, 27 Aug 09
Bogus Snow Leopard Update Sites Lead to DNS Changers
http://blog.trendmicro.com/bogus-snow-leopard-update-sites-lead-to-dns-changers/
Before the August 28 official release of Apple’s OS X Snow Leopard, cybercriminals are already hitchhiking on this to proliferate their malicious activities. Earlier today, Advanced Threat Researcher Feike Hacquebord discovered several fake sites that supposedly give Mac users free copies of the newest version of the Mac OS, Snow Leopard. However, accessing these [...]
Thu, 27 Aug 09
Investigations on a Cybercrime Hub in Estonia
http://blog.trendmicro.com/investigations-on-a-cybercrime-hub-in-estonia/
Tartu, Estonia is the hometown of an Internet company that, from the outside, looks just like any other legitimate Internet service provider (ISP). On its website (see Figure 1), the company lists services such as hosting and advertising. According to publicly available information, it posted more than US$5 million in revenue and had more than [...]
Tue, 25 Aug 09
All Your Info Are Belong to Us
http://blog.trendmicro.com/all-your-info-are-belong-to-us/
We at Trend Micro Research recently produced a short blog series on the Pushdo botnet, a botnet which excelled at staying under the radar for a considerable amount of time. Pushdo is not alone in this regard however: enter Ilomo.Ilomo has also being active for several years now, and like Pushdo has done so without [...]
Mon, 24 Aug 09
File Infector Targets Delphi Compilers
http://blog.trendmicro.com/file-infector-targets-delphi-compilers/
A new threat targeting Borland Delphi Compilers is fast becoming a global concern, as we have been receiving reports of increased infection incidents. The file infector, detected by Trend Micro as PE_INDUC.A, tampers with Borland Delphi Compilers installed in targeted systems, causing all files compiled using the compromised Delphi compiler to be infected. Borland Delphi [...]
Mon, 24 Aug 09
More Mac Malware In The Wild
http://blog.trendmicro.com/more-mac-malware-in-the-wild/
While still low-intensity compared to the PC platform, malware attacks against Macs are definitely becoming more prevalent. Trend Micro researcher Ivan Macalintal has found another new variant of the JAHLAV family hosted on known malicious domains. The new variant is detected as OSX_JAHLAV.I and, like other JAHLAV variants, poses as pirated versions of legitimate [...]
Sat, 22 Aug 09
A Fall-Guy For Eastern European Cyber Crime?
http://blog.trendmicro.com/a-fall-guy-for-eastern-europen-cyber-crime/
Albert GonzalesAlbert Gonzales may be taking the majority of the heat (and rightly so), and the full force of U.S. Law Enforcement prosecution, but he is only the tip of the proverbial iceberg.There is an entire Eastern European organized criminal operation that is further along in this food chain.In case you haven’t heard, Gonzales [...]
Sat, 22 Aug 09
Laptop Delivery Note Contains Malware
http://blog.trendmicro.com/laptop-delivery-note-contains-malware/
Just today, we at the Content Security team received a large number of spam with a ZIP attachment that contains a backdoor. The said email informs the user that the product he/she has ordered/purchased online is already sent. It then asks the user to view the tracking document details by opening the attachment.The attachment is [...]
Thu, 20 Aug 09
Facebook Applications Used For Phishing
http://blog.trendmicro.com/facebook-applications-used-for-phishing/
It would be easy to think that once someone has logged in successfully to Facebook—and not a phishing site—that the security threat is largely gone. However, that’s not quite the case, as we’ve seen before.Earlier this week, however, Trend Micro researcher Rik Ferguson found at least two—if not more—malicious applications on Facebook. (These were the [...]
Sat, 15 Aug 09
1H 2009: Malware Threat Grows Ever Larger
http://blog.trendmicro.com/1h-2009-malware-threat-grows-ever-larger/
Malware threats have undergone many, many stages of evolution over the years. First it was DOS viruses, then macro viruses, then mass-mailers, then botnets, then Web threats… the only constants seem to be that these are growing both in number and in danger.TrendLabs has seen this continued growth of malware. The effects on users is [...]
Sat, 15 Aug 09
Brazil: Spam Changing A HOSTS File?
http://blog.trendmicro.com/brazil-spam-changing-a-hosts-file/
We have recently detected a new spam attack that attempts to grab the bank data of Brazilian users.The mechanics of this attack are simple. Users receive this spam email:The mail claims that the user has received an e-card, and contains a link to “read” the said card. Click on the related link, a file is [...]
Wed, 12 Aug 09
August 2009 Patch Tuesday Addresses MS Vulnerabilities
http://blog.trendmicro.com/august-2009-patch-tuesday-addresses-9-ms-vulnerabilities/
Today’s Patch Tuesday from Microsoft comes with 9 security advisories, 5 of which are tagged as critical, 4 as important. Collectively, 19 flaws are addressed in these advisories, 15 of which are critical. This set of advisories also includes the bulletin that addresses the previously exploited Microsoft Office Web Components bug.The critical advisories include patches [...]
Wed, 12 Aug 09
PayPal Fraud with CAPTCHA
http://blog.trendmicro.com/paypal-fraud-with-captcha/
It’s about time this technique comes in.. Content Security’s forecast that phishing with captcha would be an emerging fraudulent techniques.CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) used to protect web sites against abusive automated softwares that can register, spam, login, or even splog. However, now a days that isn’t the [...]
Wed, 12 Aug 09
Twitter: Target of a Not-so-Normal DDoS Attack?
http://blog.trendmicro.com/twitter-target-of-a-not-so-normal-ddos-attack/
Twitter suffered service problems from hacker attacks on Thursday.Users of the micro-blogging service Twitter are used to seeing the fail whale, a graphic that appears when the service’s capacity is overloaded. During the denial-of-service (DoS) attack, however, the site was left completely unreachable for around 90 minutes. This means a hacker used a herd of [...]
Wed, 12 Aug 09
Mac OS X DNS-Changing Trojan in the Wild
http://blog.trendmicro.com/mac-os-x-dns-changing-trojan-in-the-wild/
A Domain Naming System (DNS)-changing Trojan targeting Macs is currently making the rounds disguised as MacCinema Installer (detected by Trend Micro as OSX_JAHLAV.D. This is the latest variant of OSX_JAHLAV.C, which was identified in June.The Trojan is supposedly a QuickTime Player update with the file name QuickTimeUpdate.dmg. As with its earlier variants, users are prompted [...]
Sat, 8 Aug 09
DefCon Las Vegas 2009
http://blog.trendmicro.com/defcon-las-vegas-2009/
DefCon in Las Vegas is probably the biggest event hackers and even non hackers have been waiting for. Although there were fewer people in this year’s DefCon (around 6,000, my estimate), the presentations, contests, and parties still raked in a huge number of attendees.The DefCon attendees believe that cybercriminals will likely be doing more of [...]
Fri, 7 Aug 09
The Real Face of KOOBFACE
http://blog.trendmicro.com/the-real-face-of-koobface/
A year after its first discovery, Koobface is still generating a lot of noise, no thanks to its high activity level over the past several weeks. But one year is a long time for a malware to stay alive. Storm didn’t make it out of its first year. Waledac has been around for [...]
Thu, 6 Aug 09
Twitter Filters Tweets
http://blog.trendmicro.com/twitter-filters-tweets/
Micro-blogging site Twitter has recently begun filtering tweets containing links to malicious sites.The tactic was first noticed by security researchers on Monday but has yet to be officially announced by Twitter. It has been designed to prevent surfers from being automatically redirected to sites packed with dangerous exploits.The widespread use of URL shortening in tweets [...]
Tue, 4 Aug 09
Cory Aquino’s Death Used to Spread Another FAKEAV
http://blog.trendmicro.com/cory-aquino%e2%80%99s-death-used-to-spread-another-fakeav/
It has only been a few days since former Philippine president Corazon Aquino died of cardio-respiratory arrest last Saturday (August 1). Cybercriminals are already well on their way to use this event for their own selfish gains.Cybercriminals use popular and high interest events to further their cause—in this case, spreading fake antivirus software detected by [...]
Mon, 3 Aug 09
Compromised Websites: It Can Happen To Anyone
http://blog.trendmicro.com/compromised-websites-it-can-happen-to-anyone/
Compromised websites are a sad fact of life on the Internet today, and here’s proof. Last week the website of a major British music producer was compromised, and stayed that way for at least several days. The site is now clean (last checked July 31, 2009) but the lessons to be learned from it remain [...]