ESET Threat Blog

From Georgia With Love: Win32/Georbot information stealing trojan and botnet
by Righard Zwienenberg Senior Research Fellow
March 21, 2012 at 6:00 am

Malicious software that gets updates from a domain belonging to the Eurasian state of Georgia? This unusual behavior caught the attention of an analyst in ESET's virus laboratory earlier this year, leading to further analysis which revealed an information stealing trojan being used to target Georgian nationals in particular. After further investigation, ESET researchers were … Read More…

Win32/Carberp Gang on the Carpet
by David Harley Senior Research Fellow
March 20, 2012 at 12:54 pm

[Update: police have issued a video of the man they say ran the whole group.]
We've spent quite a lot of time on this blog in the last year or more discussing Win32/Carberp, which has also found its way into the occasional paper and presentation.
So it gave us particular pleasure to see that our friends at … Read More…

Drive-by FTP: a new view of CVE-2011-3544
by David Harley Senior Research Fellow
March 19, 2012 at 9:57 am

[Some interesting research reported by Aleksandr Matrosov]
[Update: minor edits to graphics]
[Update 2: two additional FTP server graphics added at the end.]
Not long ago we received interesting information from an independent security researcher from Russia, Vladimir Kropotov. (We will be presenting our joint research with him at CARO 2012.) We started to research this information and … Read More…

OSX/Imuler updated: still a threat on Mac OS X
by Alexis Dorais-Joncas Security Intelligence Team Lead
March 16, 2012 at 10:02 am

The Mac OS X information stealing malware OSX/Imuler, initially discovered last fall, has resurfaced. This time, instead of being installed by the OSX/Revir.A dropper, this new variant of OSX/Imuler hides itself inside a ZIP archive, right in the middle of an array of erotic pictures, waiting for the user to open the malicious application.

This new … Read More…

Fake Support, And Now Fake Product Support
by David Harley Senior Research Fellow
March 15, 2012 at 8:02 am

[Update: there is now a well-considered response from Avast! on its blog here.]
There's a blog article I've been wanting to write for a few days, but haven't so far been able to make time for. However, Martijn Grooten drew my attention to a blog on much the same topic from our friends at Avast! and … Read More…

Support Scammers (mis)using INF and PREFETCH
by David Harley Senior Research Fellow
March 15, 2012 at 1:26 am

Here's a quick summary of the PREFETCH and INF ploys I mentioned in a separate blog here. These are alternatives (or supplements) used by support scammers from India to the Event Viewer and ASSOC/CLSID ploys also used to "prove" to a victim that their system is infected with malware or has other security/integrity problems.
The "Prefetch" command shows the … Read More…

Google’s data mining bonanza and your privacy: an infographic
by Stephen Cobb Security Evangelist for ESET.
March 20, 2012 at 12:31 pm

Do you use Google? These days the question sounds almost absurd. If you use the Internet, or an iPhone, or an Android phone, or a Kindle or an iPad, then of course you use Google in some shape or form. And if you take a keen interest in how your personal information is used, you … Read More…

Modern viral propagation: Facebook, shocking videos, browser plugins
by Robert Lipovsky Malware Researcher
March 14, 2012 at 10:55 am

Fraudsters continue to innovate their scam propagation methods. Again using Facebook and a pretense of a shocking video, they also utilize browser plugins to execute malicious scripts. We also see how the malware scene is intertwined, when the user is directed to a dubious Potentially Unwanted Application.
Facebook auto-like scams have been commonplace on the world’s … Read More…

The security of unlocking an Android based device, the future is near?
by Righard Zwienenberg Senior Research Fellow
March 14, 2012 at 4:58 pm

In a recent survey of people in America who use their smartphone for work, less than a third said they employ the password protection on their smartphones. Although everyone will agree that not protecting your smartphone isn’t smart, it is all about memorizing. 
Everyone that has an Android-based device knows they do not have to remember … Read More…

Kelihos: not Alien Resurrection, more Attack of the Clones
by David