2010 March « Webroot Threat Blog

Monthly Archives: March 2010

’30 Rock’ Phrase ‘Circulus et Pruna’ Draws Fakealerts

March 30, 2010 – 1:04 pm

Every search result on the first page (and most of the second page) of results for “circulus et pruna” leads to a Fakealert trap.

By mguthrie09 | Posted in Blackhat SEO, Rogue Security Products, social engineering, Stupid malware tricks, Threat Research | Tags: 30 Rock, Alec Baldwin, circulus, Circulus et Pruna, fakealert, hd_codec.exe, Love lines, packupdate_build, pruna, rogue antivirus, rogue security product, security tool, Silver Panther | Comments (2)

Social Nets Put Your Privacy at Risk

March 30, 2010 – 12:01 am

By Mike Kronenberg Attention Facebook and Twitter users: You’re still at risk. Last year, our survey found that lots of people using social networking sites were taking the risk of financial loss, identity theft, and malware infection. Have things gotten any better? Well, the answer is yes but, unfortunately, not better enough — and potentially [...]

By Mike | Posted in phishing, social engineering, social networks | Tags: facebook, Personal Security, privacy, privacy settings, security, social media, social networks, survey, survey results, twitter | Comments (1)

Pushu Variant Spams Hotmail, Cracks Audio Captchas

March 22, 2010 – 5:01 am

By Andrew Brandt A new version of Trojan-Pushu is doing some interesting stuff to bypass captchas used by Microsoft’s Hotmail/Live.com/MSN webmail services in order to spam people with links to malicious Yahoo Groups pages. The three-year-old spy (known by a variety of other aliases, including Cutwail, Pushdo, Diehard, and Rabbit) has always been, primarily, a [...]

By mguthrie09 | Posted in spam, Stupid malware tricks, Threat Research | Tags: audio captcha, Become more emancipated man, captcha, Cutwail, Diehard, God wants you to look this hot photos right now!, Hacked Blackbook, Hotmail, Keep posting such photos on facebook, Live.com, Look at these delineations!, MSN, Pushdo, Pushu, Rabbit, spam, spambot, Trojan-Pushu, You are looking so manhood on your delineations. | Comments (8)

Weird New Koobface URLs Use Old Tricks

March 19, 2010 – 2:20 pm

By Andrew Brandt Pretty much since it arrived on the malware scene, Koobface has used the technique of sending messages with Web links — in your name, to your friends — as a method of propagating the infection to others. Using your name is a powerful social engineering trick, and the makers of the worm [...]

By mguthrie09 | Posted in social engineering, social networks, Stupid malware tricks, Threat Research | Tags: dotless IP, dotless IP address, hex IP address, hexadecimal IP, http://0100.0116.0266.0322, http://0x404eb6d2, http://1078900434, Koobface, obfuscated URLs, octal IP | Comments (6)

Fakealert Accurately Mimics Windows Update

March 10, 2010 – 4:29 pm

By Andrew Brandt A new Windows Update-themed stupid malware trick that’s making the rounds appears to be trying to capitalize on the recent frequency of “out of band” Windows patches Microsoft has been releasing lately. The spy, which serves as nothing more than a vehicle for the fraudulent sale of a fake product called Antimalware [...]

By mguthrie09 | Posted in Rogue Security Products, social engineering, Stupid malware tricks | Tags: Antimalware Defender, KB961118, start worker, wrk1.tmp | Comments (4)

Follow

Follow “Webroot Threat Blog”

Powered by WordPress.com