2011 February « Webroot Threat Blog

Monthly Archives: February 2011

New Bank Phisher Brings Added Functionality, Problems

February 23, 2011 – 4:23 pm

By Andrew Brandt I didn’t want to let too much time pass before I wrote about a new Zbot-like bank phishing Trojan variant that came across my desk last week. The keylogger started arriving the first week of February as an attachment to a spam email designed to look like it came from United Parcel [...]

By mguthrie09 | Posted in Botnet activity, Downloaders, Keyloggers, phishing, Phishing Trojans, social engineering, spam, Stupid malware tricks, Threat Research | Tags: Bank of America, Capital One, Chase, cheburash.com, Cutwail, eveningquest.com, HKEY_CURRENT_USER\Software\Microsoft setiasworld, nightphantom.com, Rapport, romanspamer.com, The Adventures of Cheburashka and Crocodile Gena, Trojan-Backdoor-Downfall, Trojan-Backdoor-Poebot, Trojan-Pushu, Trusteer, TRxGM, United Parcel Service notification, USPS_Document.zip | Comments (2)

Fishing for Phishers is a Full-Time Job

February 23, 2011 – 12:30 pm

By Ian Moyse, EMEA Channel Director We seem to take phishing attacks for granted these days, in much the same way that we’ve accepted spam as a natural, and inevitable, by-product of email. Some experts believe that one of the best solutions to thwart phishing attacks is end-user training, but I doubt training alone can [...]

By imoyse | Posted in Gaming threats, Online shopping threats, Passwords, phishing, social engineering, spam | Tags: cloud security, email scams, phishing, spam | Comments (1)

Malicious PHP Scripts on the Rise

February 22, 2011 – 4:34 pm

By Andrew Brandt Last week, I gave a talk at the RSA Security Conference about malicious PHP scripts. For those who can’t attend the conference, I wanted to give you a glimpse into this world to which, until last year, I hadn’t paid much attention. My normal week begins with a quick scan of malware [...]

By mguthrie09 | Posted in Destructive behavior, Enterprises, phishing, social engineering, spam, Stupid malware tricks, Threat Research, Uncategorized, Website owners | Tags: Canadian Pharmacy, ELF, Mal-ELF, Mala Direta, Pbot, Perl, PHP, Python, Remote shell, TRxMS, TRxNC | Comments (3)

With Great Power Comes Great Responsibility

February 15, 2011 – 9:22 am

By Ian Moyse, EMEA Channel Director The cloud delivery model gives vendors a great amount of power. It is easier to create, deploy, maintain and enhance a service than it has been at any other point in computing history. Just look at Facebook, which grew to 500 million members in a very short period of [...]

By imoyse | Posted in Destructive behavior, Enterprises, Mobile security, phishing, Search engines | Tags: cloud security, Cloud services, security in the cloud | Comments (2)

A Cryptogram a Day Keeps the Malware Away

February 1, 2011 – 11:18 am

By Andrew Brandt As a child, one of my favorite daily pastimes was solving the cryptogram puzzle published in the LA Times (after my mom finished the crossword puzzle, of course). I used to plow through paperback word puzzle books obsessively, finishing them in days. Appropriately, a Trojan that popped onto my radar last week [...]

By mguthrie09 | Posted in Uncategorized | Tags: "\lmqrs'ABC34D8G+|{9V%XYZ=[M];120ab*(N)_}:?cdijtuvwz`-nop, ./~IOPQRSJL!@#$efgh56^&EFHxykTUK7, canima.exe, Nationaldddeew Instruments Domain Service, s{{8HSS, Trojan-Phisher-dddeew | Comments (2)

Follow

Follow “Webroot Threat Blog”

Powered by WordPress.com