Category Archives: The Law

Yesterday, amid the heavy Michael Jackson news coverage and tabloid autopsy speculations, another round of email was spammed out with the following text: Michael Jackson Was Killed… But Who Killed Michael Jackson? Visit X-Files to see the answer: (hxxp://xfiles link … Continue reading

Posted in The Law | 2 Comments

The New York Times reported on the developing challenges in confronting cybersecurity challenges with government bodies in an article about the differing approaches between Russia and the U.S.: “The United States and Russia are locked in a fundamental dispute over … Continue reading

We have been investigating and analyzing a variety of malicious components delivered from some recent downloaders. Some of the filenames stand out as unusual. In particular, “podmena”, which translates from Russian to English as “Substitution or replacement made in a covert … Continue reading

You’re going to have to wait for it to come out. And if you don’t, you may be sorry you didn’t wait. The group pushing blackhat SEO tactics to abuse the most popular networks, including digg.com, blogspot.com and others, continues … Continue reading

No, probably not. This fake alert most likely has to do with the streamviewer exe that you downloaded and ran. We’ve been monitoring a FakeAv/Koobface/spyware delivery scheme, and today the group dropped their standard FakeAv moneymaker and added a set … Continue reading

Posted in The Law | 1 Comment

Our post last week warned about a group moving their FakeAv-Koobface-Vundo-Spyware “softwarefortubeview” phony codec downloader to a new home last week, and this week, we are examining a similar scheme that downloads, surprise, surprise, Koobface, FakeAv prompting BHOs like iehelper.dll’s … Continue reading

Posted in The Law | 1 Comment

Following reports about pirated Trojan-Infested Windows 7 Builds, it is quite interesting to see what wrappers are used at the “crack stores” to lure as many people as possible. Some of these wrappers look pretty hilarious:

It is Patch Tuesday and Microsoft posted another ten bulletins for their Windows platform and Office applications — be sure to update, six of the ten are rated “critical” or “pwn me”. Four of the patches address holes in client … Continue reading

We posted a couple of weeks ago on the continued success of a group in distributing FakeAv/Rogueware/Scareware. Please note that their downloaders have been moved to a new home at 65.110.50.141. There are multiple domains currently resolving to that IP … Continue reading

A new variant of an Autorun worm is on the loose, probably created by another childish and angry ex-lover. The little multithreaded beast injects into Windows Explorer, and attempts to communicate with one of several IRC servers at June.IRCdevils.net, June.helldark.biz, … Continue reading

If you’re looking for the 60-page cybersecurity policy review that President Barack Obama discussed this morning, you can find it here. Considering that AlephOne’s article on “Smashing the Stack for Fun and Profit” was released in 1996, Iloveyou in 2000, … Continue reading

An interesting exploitation of the popular micro-blogging service Twitter was reported a few hours ago. A bogus website – TwitterCut.com – has been set up to collect users’ login details for Twitter. Once the website receives the login details … Continue reading

Virut is a nasty file infector that has been actively updated and distributed for a few years. Yes, you read that correctly. Actively updated and distributed for a few years now. A system infected with this stuff often needs to … Continue reading

While no product protects against absolutely everything, a couple of technical support people here had links sent from their friends to their Facebook account, telling them to check out “Brunga. at”. (Do not visit this site right now to fill … Continue reading

Posted in The Law | 3 Comments

A couple of anti-malware firms have grumbled about the number of successful web site compromises a group has been making in order to inject malicious web pages on these victimized sites and refer to the threat as “Gumblar”, reportedly using … Continue reading

A rogueware distribution gang known for their use of RBN services and phishing scams continues to maintain a couple of the busiest servers in our daily prevented malware lists. Starting on May 6th, the group moved their downloaders and malware … Continue reading

What is a virus i-worm trojan anyways? Well, it’s not a legitimate detection with a valid CARO name, it’s gibberish to lead a user to “Click ‘Ok’ to Install System Security Antivirus”, either on XP: Or with a more sleek … Continue reading

The Anti-Malware Testing Standards Organization finished up its meeting in Budapest, Hungary this week. PC Tools was in attendance at this meeting as well, seeing three new papers passed and contributing to others in progress. The AMTSO website has changed … Continue reading

Peter Singer, a leading US defense analyst, who headed Barack Obama’s defense policy team during last year’s presidential campaign, believes that the world is on the brink of a “robotics revolution” in military combat that will have profound social, psychological, … Continue reading

A handful of academic researchers recently completed another thorough and fascinating report about Torpig: “Taking over the Torpig Botnet”. Torpig is an especially evil little piece of Crimeware. Over the past couple of years, ThreatFire has been preventing fairly high … Continue reading

As Koobface has proven, stealing biscuits can get malware distributors a long ways. Another technique and tool has just been posted to abuse stolen biscuits, much like the Koobface worm, and it supports changing a wall without the password. The … Continue reading

Another Acrobat Reader 0day PoC has been posted, this time targeting a boundary condition error (longhand for buffer overflow here) in the vulnerable ‘getAnnots()’ JavaScript function. We haven’t seen any ITW malcode targeting Windows versions of Reader, but based on … Continue reading

Links to LuckySploit exploit pages are being sent over gaming collaboration tools with the end goal of installing rogueware/scareware Spyware Protect 2009, still being hosted at antiwareprotect.com:
Name: antiwareprotect.com
Address: 91.212.65.122
inetnum: 91.212.65.0 – 91.212.65.255
netname: EUROHOST-NET
descr: Eurohost LLC
descr: Provider Local Registry
country: … Continue reading

Not surprisingly, spammers are taking advantage of the current swine flu news topic to link to the very same Waledac-style Canadian pharmacy sites that we have presented in previous posts. This news event campaigning is reminiscent of the Storm-cum-Waledac groups’ … Continue reading

At the RSA Conference in San Francisco, Bruce Schneier opined on the media sensation that Conficker became. According to Iain Thompson, Schneier said that “it was a classic example of how the mainstream news media misunderstood the threat from malware … Continue reading

The Waledac gang continues to host more malicious sites, growing their botnet. It seems unusual, given the effort underway to spread the bot through other means. Nonetheless, potential victims/visitors are presented with a new SMS spy offer: Bot … Continue reading

What has been described as a day of epic struggle appears to be starting quietly, with Conficker day setting in for China and S. Korea, two of the nations maintaining reportedly high Conficker infection volumes (the worm has spread to … Continue reading

Posted in The Law | 2 Comments

Another spam run of Zbot messages is going out as this is written. As in previous posts, we find that the end game is to install password stealing components. Some of the subject lines look like “FaceBook message: Very Beautiful facebook … Continue reading

Spoofing video codecs and third party video player plugin upgrades have proven to be an effective way to fool users into running malware on their systems. Malware does not need to spread effectively by exploiting vulnerable and unpatched code on … Continue reading

Given the current economic situation, it’s not uncommon to hear news of how another bank is downsizing its departments and outsourcing its software development. The big question is whether this practice increases any risk of having the … Continue reading
