Category Archives: Online Fraud

Robert Vamosi has a nice writeup on the antivirus market following Microsoft’s entrance into it. It’s interesting that the massive company, with its marketing prowess along with the advantage of its desktop dominance, still gives anything away for free. But … Continue reading

Posted in Online Fraud | 2 Comments

…from all sorts of bad things. We know. However, you may be seeing this mis-spelled message, which has changed a little bit over the past few months: “ATTENTION! If your computer is struck by the spyware, you could suffer data loss, … Continue reading

Posted in Online Fraud | 5 Comments

Larry Seltzer posted a fine review of the new AMTSO documents over on eWeek. It’s always great to see the words “I’m really impressed with what I’m reading in these standards.” He even goes over the “Best Practices for Dynamic … Continue reading

Posted in Online Fraud | Leave a comment

Last week we all witnessed the shutdown of the hosting provider McColo that was widely known for its affiliation with cyber criminals. An attempt to understand what McColo business was and who stood behind it led to some interesting discoveries. … Continue reading

Posted in Online Fraud | Leave a comment

A routine inspection of ThreatExpert reports revealed a large number of submissions of a banking trojan that appears to be produced by the construction kit “Limbo 2”. An analysis of this trojan reveals a few interesting techniques that are enlisted … Continue reading

Posted in Online Fraud | Leave a comment

PDF malware is being actively distributed. Our user community is seeing a slew of rigged PDF files attacking various buffer overflow vulnerabilities in the Adobe Acrobat Reader software, including the newest publicly known. Sometimes, the user is duped into downloading … Continue reading

Posted in Online Fraud | Leave a comment

Any spammed email message claiming to provide a link to information about U.S. culture or foreign policy may likely provide a trojan with rootkit capabilities. In one of the most prevalent social engineering schemes of this half of the year, … Continue reading

Posted in Online Fraud | Leave a comment

The Anti-Malware Testing Standards Organization (AMTSO) is meeting in Oxford, England, trying to finalize two documents that we have worked on as a part of the group for months. The “Fundamental Principles of Testing” document and “Best Practices of Dynamic … Continue reading

Posted in Online Fraud | Leave a comment

Critical vulnerability in Server Service has only been patched by Microsoft (MS08-067), as a new worm called Gimmiv.A has been found to be exploiting it in-the-wild. Once executed, the worm will drop 3 files: winbase.dll, basesvc.dll and syicon.dll into the directory … Continue reading

Posted in Online Fraud | Leave a comment

Microsoft is releasing an out of band patch today. This Critical severity release is unusual — the last time such a patch was released was 18 months ago, when Windows users were getting slammed with exploits targeting one of the … Continue reading

Posted in Online Fraud | Leave a comment

That’s quite funny – the latest build of the rogue antispyware “AntiVirus2010” now fakes BSoD and complains about activation: What’s next – popping up an annoying message “This copy of AntiVirus2010 is not genuine. You may be a victim of … Continue reading

Posted in Online Fraud | Leave a comment

Clickjacking – a relatively new trick that can potentially be used for malicious purposes under any browser/OS platform. There is not much known yet on what exactly has been discovered by Robert Hansen and Jeremiah Grossman, as they pulled their … Continue reading

Posted in Online Fraud | Leave a comment

A variation on an old IM-Worm is making the rounds in Thailand and Vietnam. It just may be interrupting your Virus Bulletin reading — the papers were good this year. The worm is another AutoIt script compiled as “ssvichosst.exe” designed to … Continue reading

Posted in Online Fraud | Leave a comment

While we’ve been calling it Rogueware for years around here, Microsoft and the state of Washington Attorney General’s office are filing a set of complaints against “scareware” makers. It’s interesting that lawsuits can be filed against “John Doe” actors in … Continue reading

Posted in Online Fraud | Leave a comment

Twenty-year-old UT student David Kernell, suspected of hacking Vice Presidential Candidate Sarah Palin’s Yahoo! account, was not indicted at a court hearing earlier today. There is speculation that the private email account is used for government purposes as … Continue reading

Posted in Online Fraud | Leave a comment

A high number of Fakealert droppers are showing up on the radar today and yesterday. A crack under the name “crack_ver1.454.0.exe” in a “zebradesigner pro.zip” package is being distributed from a fairly popular crack site. The standard phony codec distributions … Continue reading

Posted in Online Fraud | Leave a comment

No, it is not a link, it is a file that does not have photos that you are interested in, and will not direct you to jpegs you are interested in on the Facebook site. Also making the rounds is … Continue reading

Posted in Online Fraud | Leave a comment

If you download and plan on running what you think is a codec named “multycodecupgr.7..exe” (as in “multycodecupgr.7.20680.exe”), you should be aware that users have been affected by this phony codec over the weekend and today in surprisingly high numbers. … Continue reading

Posted in Online Fraud | Leave a comment

At BlackHat 2006, the organizers handed out books titled “Perfect Passwords”, a fantastic writeup on selecting, using and evaluating passwords: “Author Mark Burnett has accumulated and analyzed over 1,000,000 user passwords and through his research has discovered what works, what … Continue reading

Posted in Online Fraud | 1 Comment

A recent wave of spam seems to have hit users in the U.S. and Germany with a theme playing on end users’ confusion regarding software security. This one has the subject line “I am wait your reply” and starts “I … Continue reading

Posted in Online Fraud | Leave a comment

A spammed email is making the rounds with the subject line “Your internet access is going to get suspended” from the “ICS Monitoring Team”. Some ThreatFire users started seeing it and were protected from the executable late last night. Have you … Continue reading

Posted in Online Fraud | Leave a comment

Not really. See previous post. This scheme has been ongoing this year. Unfortunately, if this one has run on your system, System Restore points have been deleted from the system and a new restore point created post infection. Cleanup will … Continue reading

Posted in Online Fraud | 4 Comments

A new anti-piracy software solution was recently presented in this article. Marketed as “an intelligence gathering tool”, the described software “rather than trying to prevent unauthorized use of software, collects data on how and where it is used, and then … Continue reading

Posted in Online Fraud | Leave a comment

If you see the above message popping up on your system, you most certainly do. The creators of Antivirus 2008 have updated their system of delivering fraudulent and inaccurate alerts to users around the world, following up their 2008 money … Continue reading

Posted in Online Fraud | 14 Comments

Hey, when they add even your blog to their lists of restricted sites on infected machines, you know that you’re doing something right. Our talented colleague Sergei Shevchenko noticed a recent ThreatExpert report in which a not-so-well-detected IRCBot variant is … Continue reading

Posted in Online Fraud | 3 Comments

The Race2Zero contest at Defcon added a new voice, the voice of an eager young student from New Zealand, to the conversation regarding the problems of Anti-Virus scanner evasion that has been going on for years. At the base of … Continue reading

Posted in Online Fraud | 1 Comment

The week of con is over. The best talk of the week must have been Mark Dowd and Alexander Sotirov’s “How To Impress Girls With Browser Memory Protection Bypasses”. While I’m still not convinced that the girls were impressed with … Continue reading

Posted in Online Fraud | Leave a comment

The malware community has come up with an idea of what they call “a reliable detection” if a threat is being analyzed by ThreatExpert. The code of such detection has been distributed in underground malware forums a few days ago. … Continue reading

Posted in Online Fraud | Leave a comment

According to the Russian media agency Interfax, the website of the Ministry of Internal Affairs of Georgia has been defaced with a collage of the Georgian President Saakashvili and Adolf Hitler photos. The hacker attack coincides with the war … Continue reading

Posted in Online Fraud | Leave a comment

Black Hat Las Vegas 2008. If the latest DNS exploit research performed in part by Dan Kaminsky comes up in casual conversation for you, then these are your people. The ~4,500 nameless researchers and geeks at this conference rush into … Continue reading

Posted in Online Fraud | Leave a comment