Anti-Malware

 

Sat, 28 Nov 09
Don’t Give Spammers a Reason to Be Thankful
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/GxHTtMCFolA/
Thanksgiving kicks off the holiday season in the United States, the top spam-sending country in the world. The holiday season ushers in sales and big discounts for users. Unfortunately, however, this also means that spammers will be rushing to offer consumers bogus promos and discounts. Seems even cybercriminals have something to be thankful for, too. Trend Micro [...]

Sat, 28 Nov 09
Another ZBOT Spam Run
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/F7TooMVrMDc/
Trend Micro threat analysts were alerted to the discovery of another ZBOT spam campaign. The emails bear subjects such as “your photos” and “some jerk has posted your photos.” They inform the recipients that someone has posted their photos without their permission on a site and has sent the link to their friends. The recipient is intended to [...]

Fri, 27 Nov 09
“New Koobface Variant” Targets Skype
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/Ck31XerpVFA/
The activities of the infamous Koobface botnet have been a frequent topic of discussion here at the Malware Blog. Some security analysts recently commented that the botnet has added a new tool to its arsenal as a new alleged “Koobface variant” has been targeting the VoIP application, Skype. The supposed “Koobface variant,” detected by Trend Micro [...]

Thu, 26 Nov 09
Win a Macbook Air, Get Malware
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/JF_iExt6sm8/
Trend Micro threat analysts were alerted to the discovery of spammed messages that purported to come from Media Service. The email bears the subject, “Congratulations,” and informs users that they won a Macbook Air. It also entices users to open the attached .ZIP file, which supposedly contains the details. Of course, the attachment does not hold any [...]

Tue, 24 Nov 09
Spoofed Trend Micro Email Leads to Phishing Site
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/9YhLK-MVzvA/
Trend Micro threat analysts recently unearthed spammed messages that purported to have come from Trend Micro. Targeting trusted organizations is not an uncommon technique used by cybercriminals when carrying out spam campaigns. In this case, the phishing URL and domain are already inaccessible. The emails bear the subject, “Malware Blocking Tests put Trend Micro on [...]

Tue, 24 Nov 09
US$1 Tickets to Brazil Come with Hidden Costs
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/Ah_2vGiIl9Y/
Users who are currently planning to go or return to Brazil, especially with the holidays coming up, should watch out for a recent spam run. Spammed messages fashioned to look like an email from a Brazilian airline are offering users tickets to Brazil for just US$1. Here is a rough translation of the text in the [...]

Tue, 24 Nov 09
Internet Explorer Vulnerability Exploit Detected
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/9EAHA8Tbgaw/
Threat researchers have been alerted to the discovery of a new exploit targeting Internet Explorer. Analysts have conducted tests and confirmed that the exploit affects versions 6 and 7 of the browser. Although the exploit is currently unreliable, cybercriminals may be able to create a reliable exploit in the near future. This may allow them [...]

Mon, 23 Nov 09
Phishers Target Shaw Communications Customers
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/Z6-X5aL1nig/
Trend Micro threat analysts recently found a fake Shaw Communications phishing Web page http://{BLOCKED}nadaworld.net/{very long string containing random characters}/ that asks users for their customer care login name and password. Shaw Communications is one of the largest telecommunications companies in Canada. It provides Internet, digital phone, and cable television services to millions of customers that are [...]

Fri, 20 Nov 09
Job Spam Uses Twitter
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/MoJun7x4mCE/
TrendLabs researchers were alerted to the discovery of spammed messages that contained Twitter URLs. The spam uses subjects such as N3 Earn Extra Income! 7L, C2 Exrtra Income Daily 4P, and Q0 $$$ Oppurtunity 6O. It informs users about supposed work-from-home opportunities for Google that pay good sums of money. It then entices users to click the Twitter [...]

Fri, 20 Nov 09
Fake Blogs Lead to FAKEAV
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/HQI7cm45V-A/
Media reports have revealed the existence of fake blogs that were used to spread FAKEAV malware. The blogs do not actually contain any useful content. Instead, they have posts that contain nothing but images with post titles that use a wide variety of topics. The images used appear to have simply been taken from a [...]

Thu, 19 Nov 09
Payment Request Spam Contains Malware
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/LleixjLxkfY/
TrendLabs researchers received spammed messages purporting to have come from various companies such as eBay, J.P. Morgan Chase and Co., and Colgate-Palmolive, among others. The email bore the subject, “Payment request from,” and informed users about a certain recorded payment request. The spammed message even gave users two options—to either ignore the email if the payment request has been made or to [...]

Wed, 18 Nov 09
Meteor Shower and New Moon Lead to FAKEAV
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/cK924rCHid8/
TrendLabs threat analysts found another FAKEAV campaign piggybacking on the Leonid meteor shower and the much-anticipated sequel to the Twilight saga, New Moon. Users searching for news and updates using the keywords “meteor shower tonight november 16 time” and “New Moon premiere live stream” end up with poisoned search results. These results redirect users to fake [...]

Tue, 17 Nov 09
Pacquiao vs Cotto Fight Live Stream Leads to FAKEAV
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/RX8lzcuDewg/
As Filipinos and Puerto Ricans were busy rooting for their champions in yesterday’s fight, so were cybercriminals who wished to capitalize on the match. Through SEO poisoning, users searching for a live stream of the Pacquiao vs Cotto fight were instead served a FAKEAV variant. According to Threat Response Engineer Jasper Manuel, search results led to the download of [...]

Sat, 14 Nov 09
Bogus ‘Balance Checker’ Tool Carries Malware
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/ohcfgzTz6lA/
Trend Micro threat analysts received samples of spammed messages that purport to come from mobile phone companies Vodafone and Verizon Wireless. The email messages carry the subject, “Your credit balance is over its limits” and inform users that their credit balance is due. To be able to review the payments, users should employ the balance [...]

Fri, 13 Nov 09
New SMB Zero-Day Exploit?
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/qqkcPg8poQk/
Third-party security researchers reported that they found a vulnerability in both Windows 7 and Windows Server 2008 Release 2. The said bug exists in the handling of Server Message Block (SMB) packets and can allow malicious users to remotely crash systems if a malformed packet is received by the target system. The crash does not [...]

Fri, 13 Nov 09
Twitter DM Spam Collects Mobile Numbers
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/_15msuckWGk/
Cybercriminals are using compromised Twitter accounts to spam out information-gathering websites to unknowing users. The attack starts with compromised Twitter accounts. The accounts are used to send out Direct Messages to the followers of the users who own the compromised accounts. The Direct Message—which is basically the Twitter counterpart of a private message—contains a link to what [...]

Fri, 13 Nov 09
Beware: Never Share Your Capita with Phishers
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/LaJOadv9bHE/
Trend Micro threat analysts recently discovered a phishing attack targeting the website of the Capita Group. The said site is dedicated to the company shareholders’ use. It aims to reduce the need for paperwork and provides 24-hour access for greater convenience. The fake Web portal asks users to enter their surname, shareholder reference number, postal code, telephone number, date of birth, and [...]

Thu, 12 Nov 09
November Patch Tuesday Addresses 15 Vulnerabilities
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/dnQNBY3vV9E/
Microsoft released six security bulletins to fix 15 vulnerabilities in this month’s Patch Tuesday. Three of these security advisories (MS09-063, MS09-064, MS09-065) are considered “critical” while the other three have been dubbed “important.” MS09-067 deals with eight security holes plaguing Microsoft Excel that, when successfully exploited, can allow remote code execution when users open a specially crafted .XLS file. Users are thus strongly [...]

Wed, 11 Nov 09
New Koobface Component Imitates Facebook User
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/KbEtBL56WUE/
The Koobface botnet has pushed out a new component that automates the following routines: registering a Facebook account; confirming an email address in Gmail to activate the registered Facebook account; joining random Facebook groups; adding Facebook friends; and posting messages to Facebook friends’ walls. Overall, this new component behaves like a regular Internet user that starts to connect with friends in Facebook. [...]

Tue, 10 Nov 09
Koobface Abuses Google Reader Pages
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/M3IXuq8hL3I/
We are seeing another development from the Koobface botnet, this time abusing the Google-owned service Google Reader to spam malicious URLs in social networking sites such as Facebook, MySpace, and Twitter. The Koobface gang used controlled Google Reader accounts to host URLs containing an image that resembles a flash movie. These URLs are spammed through the said social networks. When [...]

Sun, 8 Nov 09
Are You Being (Facebook) Phished?
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/i4oE36baMXQ/
Trend Micro security experts received email messages that supposedly came from Facebook. The messages ask recipients to update their login credentials for security purposes. They then instruct recipients to click the URL provided in the email message. When the user clicks the URL, it points them to a spoofed Facebook website where they are required to [...]

Fri, 6 Nov 09
Lose/Lose: Kill an Alien, Delete a File
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/5KHA3SSuNVI/
Anyone who has ever played a video game—whether in an arcade, using a gaming console, or on a PC—knows how a good kill can get one all excited and pumped up. Games that involve killing certain entities give us the thrill of being in such an exhilarating situation, without suffering any serious consequence. A certain [...]

Thu, 5 Nov 09
DOWNAD/Conficker Turns 1yr
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/yIYVonp6uso/
Worm Exploits MS08-067 Bug: DOWNAD, also known as the Conficker worm, was first seen in the wild taking advantage of the MS08-067 vulnerability. True to form, it propagated via shared networks. Like its predecessors—the Sasser and Nimda worms—it also raised security concerns with regard to a spike in port 445 activity. A few days after its appearance, [...]

Wed, 4 Nov 09
Elite Loader Goes Public
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/YncaXPIz0Co/
A few days ago, I got access to the source code of the well-known Elite Loader for free. Yes. It was published on one of the Russian underground forums. It even had a detailed description and screenshots showing how to use the application’s command and control (C&C) server. Apart from dropping malicious files on infected machines, [...]

Tue, 3 Nov 09
BREDOLAB Revealed!
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/BM3Ob72cy4s/
When BREDOLAB entered the threat landscape several months ago, it was initially thought of as a common downloader (that downloads executable files) designed for malware infection only. However, Trend Micro researchers noticed a sudden increase in its activities in August 2009. This pushed our researchers to delve more into the inner workings and behaviors of BREDOLAB. Our analysis then [...]

Tue, 3 Nov 09
Malware Conceals Itself as Boss’s Letter
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/VXKD9DUNSbo/
Trend Micro threat analysts found spammed messages that pretended to be a letter coming from the “boss.” The messages bore the subject “get back to my office for more details” and instructed users to extract and read the letter contained in the attached .ZIP file. The attachment, of course, does not contain a letter but an .EXE file [...]

Tue, 3 Nov 09
Christmas Spam Spotted
http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/gZZ7xzRKWzA/
With Christmas just right around the corner, spammers are already flooding users’ inboxes with unwanted email. No surprises there. Spammers are known to exploit the holidays to further their malicious causes. Just recently, Trend Micro threat analysts found another spammed message that claimed to be a “replication specialist” and enticed users to buy replica products like watches, handbags, [...]

 
