Category Archives: Botnet activity

Criminals Abuse Amazon Hosting with Rogues, Ransomware

July 20, 2011 – 11:21 am

By Andrew Brandt The criminals who push rogues at the world don’t really care about the reputations of the ISPs or Web hosting services they abuse. They leap from free service to free service until they’ve thoroughly worn out their welcome and, in some cases, destroyed the reputation of the service they abused. But they [...]

By Lisa Bongiovanni | Also posted in Advanced Malware Removal, Ransomware, Rogue Security Products, social engineering, Stupid malware tricks, Threat Research | Comments (3)

ZeroAccess Rootkit Guards Itself with a Tripwire

July 8, 2011 – 12:40 pm

By Marco Giuliani The latest generation of a rapidly evolving family of kernel-mode rootkits called, variously, ZeroAccess or Max++, seems to get more powerful and effective with each new variant. The rootkit infects a random system driver, overwriting its code with its own, infected driver, and hijacks the storage driver chain in order to hide [...]

By Marco Giuliani | Also posted in Ad-clickers, Destructive behavior, Downloaders, Stupid malware tricks, Threat Research, Trojans | Comments (5)

With IM Buddies Like These, Who Needs Frienemies?

July 6, 2011 – 11:15 am

By Andrew Brandt The other morning, I walked into the office to find a slew of instant messaging buddy requests from total strangers. This isn’t unexpected: I frequently get buddy requests on IM accounts I maintain for research purposes that contain malicious URLs and other useful research data. But this was one request I wasn’t [...]

By Lisa Bongiovanni | Also posted in Destructive behavior, spam, Stupid malware tricks, Threat Research | Comments (1)

Phishers Cast Their Nets in the Social Media Pool

June 21, 2011 – 8:23 am

By Ian Moyse, EMEA Channel Director It can seem at times that the only people who like change are Internet attackers. And they don’t just like it—they need it. Technology’s rapid changes give cybercriminals new attack vectors to exploit, and new ways to turn a profit out of someone else’s misfortune. Take phishing, for example. [...]

By Lisa Bongiovanni | Also posted in hijack search results, Keyloggers, phishing, Search engines, social engineering, social networks, spam, Stupid malware tricks, Trojans, Website owners | Comments (2)

Fake UPS Document Installs Fake Microsoft Patch Payload

June 17, 2011 – 8:12 am

By Andrew Brandt As if we didn’t have enough to deal with this week — after a Microsoft patch Tuesday that brought with it a boatload of security updates for Windows, Office, Silverlight, Visual Studio, and other programs — some enterprising malware distributor is emailing around bogus tracking number malware dressed up in the icon [...]

By Lisa Bongiovanni | Also posted in Backdoors, Downloaders, hijack search results, Keyloggers, Rogue Security Products, social engineering, spam, Stupid malware tricks, Threat Research | Comments (1)

Android ‘Angry Birds’ Malware Contains Bot-like Code

June 10, 2011 – 9:05 am

By Andrew Brandt Most of yesterday, Threat Research Analyst Armando Orozco and I took a closer look at a piece of malware discovered by a university security researcher, Xuxian Jiang of North Carolina State. The malicious code, which the malware creator named Plankton, is embedded into a number of apps that were briefly posted to [...]

By Lisa Bongiovanni | Also posted in Android, Backdoors, Downloaders, Mobile security, social engineering, Stupid malware tricks, Threat Research, Trojans | Comments (16)

Thre@t Reply: What’s a Firewall?

May 24, 2011 – 2:43 pm

This week’s Thre@t Reply video features Threat Research Analyst Armando Orozco answering one of the most frequently asked questions we receive: What is a firewall, and how does it work? Well, the actual question wasn’t put quite so politely, but that’s the gist of it. Armando is the primary researcher working on the Mobile Security [...]

By Lisa Bongiovanni | Also posted in Destructive behavior, Stupid malware tricks, Threat Research | Comments (5)

Shipping Confirmations Back on the Radar

March 21, 2011 – 2:11 am

By Andrew Brandt After a prolonged absence, waves of Trojans distributed as Zipped email attachments have been showing up in our spam traps for a few weeks. The spam messages employ the same hackneyed shipping confirmation pretext as many previous iterations of this scam. This technique’s emergence as a common malware distribution method correlates with [...]

By Lisa Bongiovanni | Also posted in Backdoors, Downloaders, Keyloggers, Rogue Security Products, social engineering, spam, Stupid malware tricks, Threat Research | Comments (3)

Shorty Worm Spams Links, Hijacks Browsers

March 4, 2011 – 9:51 am

By Andrew Brandt & Grayson Milbourne A novel worm we’re calling Worm-IM-Shorty appears to be winding its way through Facebook and some instant messaging services, with its come-on disguised as a link to a photograph hosted elsewhere. But when recipients click the link, they receive an executable Trojan instead, dressed up with the name and [...]

By Lisa Bongiovanni | Also posted in adware, Backdoors, Downloaders, Firefox, hijack search results, Internet Explorer, Search engines, social engineering, spam, Stupid malware tricks, Threat Research | Comments (1)
Follow

Get every new post delivered to your Inbox.

Join 609 other followers