
Malware

 

Sat, 10 Oct 09
Blackhat SEO Campaign Targets 2009 Nobel Prize Winner
http://pandalabs.pandasecurity.com/archive/Blackhat-SEO-Campaign-Targets-2009-Nobel-Prize-Winner.aspx


We’ve identified a new Blackhat SEO campaign today which targets President Obama as the 2009 Nobel Peace Prize winner, among a thousand or so other search terms. Clicking on a malicious search result yields the typical Rogueware campaign.

Search result:
Nobel Peace Prize Winner 2009 - Obama Blackhat SEO

Rogueware site:
Windows Performance Center Rogueware

The complete list of targeted search terms can be found here.   

Fri, 9 Oct 09
Rogueware with new Ransomware Technology™
http://pandalabs.pandasecurity.com/archive/Rogueware-with-new-Ransomware-Technology_2221_.aspx


The criminals behind Rogueware attacks are becoming increasingly aggressive in their approach to making money. We recently stumbled across a sample (Adware/TotalSecurity2009) which uses a ransomware technique to improve its sales. Once the computer becomes infected, Total Security forces the victim to purchase it before it will allow any files on the system to be accessed. When attempting to open a file, a message pops up in the notification area claiming that the application was blocked due to infection. The pop-up recommends activating the "antivirus" software, which costs $79.95.

Notification Area - Notepad.exe blocked

This would be a devastating blow to any user and would likely force the victim to purchase it, so we went ahead and cracked the sample to reveal all of the valid serial numbers. We're hoping that victims can find this blog post before shelling out any hard-earned cash to these criminals.



Valid serials for Adware/TotalSecurity2009:

You can download a free trial to completely remove the infection once the ransomware feature is removed.

Special thanks to Sherab Giovannini for extracting the serials. 

Tue, 6 Oct 09
Rogueware distributors use Skype
http://pandalabs.pandasecurity.com/archive/Rogueware-distributors-use-Skype.aspx


Rogueware distributors are like the cockroaches of the Internet; they’re everywhere. Malicious search results, online advertisements, and iframe-hijacked sites are the typical distribution methods, but every once in a while we come across an interesting approach.

Recently, a colleague alerted me to a spam message coming through to his personal Skype account. The message appeared out of nowhere from an account labeled “Online Notification” and made the typical claims of a found infection. Once the victim navigates to the site, the usual fake antivirus trickery takes place.

Skype Spam



Skype isn’t the most reliable or innovative distribution method, but we’ll go ahead and give them an "A" for effort. 

Fri, 2 Oct 09
Q3 report released
http://pandalabs.pandasecurity.com/archive/Q3-report-released.aspx


We've just published our latest quarterly report. It shows the different figures about malware in Q3, along with some interesting articles. If you want to know what has happened in the last 3 months, which have been the most important Blackhat SEO attacks or the latest movements of the Koobface worm, just download it and enjoy!
