Category Archives: adware

Software designed either to (1) display ads to the computer user, or (2) load ad pages in the background, using the victim’s resources to do so. (see also: clickfraud)

ZeroAccess Rootkit Guards Itself with a Tripwire

By Marco Giuliani

The latest generation of a rapidly evolving family of kernel-mode rootkits called, variously, ZeroAccess or Max++, seems to get more powerful and effective with each new variant. The rootkit infects a random system driver, overwriting its code with its own, infected driver, and hijacks the storage driver chain in order to hide [...]

Chinese Android Trojan Texts Premium Numbers

By Andrew Brandt and Armando Orozco

A Trojaned application that displays a cutesy image of a 2011 calendar on an Android device’s desktop comes with a nasty surprise: The app sends text messages to a premium service that charges the phone’s owner money. As first reported by the Taiwan-based AegisLab, a single developer, which went [...]

Korean Rogues’ Slapfight Bonanza

By Andrew Brandt

The other day, Threat Researcher Dan Para sent along the video clip below, which gave us all a good laugh. Dan had been researching a Korean-language Trojan downloader, but when he ran the file, he didn’t expect the downloader to retrieve not one…not two…but three separate rogue antivirus products. The most amusing [...]

Pinball Corp’s Appbundler Employs Malware-like Techniques

By Andrew Brandt

For a couple of weeks now, I’ve been noticing a curious (and increasingly prevalent) phenomenon: Some of the free Web hosts popular among those who engage in phishing are popping new types of multimedia ads over the tops of the pages they host. Not only does the victim, in this case, risk [...]

Spammed YouTube Comments Promote Adware – Successfully

(Update, July 11, 2011: On May 25, 2011, we were contacted by representatives of Future Ads, LLC, the parent company of both Playsushi and Gamevance. Future Ads informed us that they, too, had been victims of a scam perpetrated by rogue affiliates who seemed to be involved with the malicious campaigns we described in this [...]

Shorty Worm Spams Links, Hijacks Browsers

By Andrew Brandt & Grayson Milbourne

A novel worm we’re calling Worm-IM-Shorty appears to be winding its way through Facebook and some instant messaging services, with its come-on disguised as a link to a photograph hosted elsewhere. But when recipients click the link, they receive an executable Trojan instead, dressed up with the name and [...]

Chinese Trojan Turns Infected PCs Into Web Servers

By Andrew Brandt

A complex and elaborately conceived family of malware that originates in China installs the Apache Web server, as well as half a dozen keylogger and downloader payloads, disguised as components of legitimate apps. We and a few other antivirus vendors are calling this type of malware Taobatuo. It just so happens that [...]

Five Reasons You Should Always “Stop. Think. Connect.”

By Andrew Brandt

Today’s the official kickoff for National Cyber Security Awareness Month, and the organizations supporting the event, including the National Cyber Security Alliance, the Anti-Phishing Working Group, and dozens of corporate citizens including Webroot, want you to protect your computer and your personal information. So they’ve come up with a three word campaign [...]

Newsflash: HTML Spammers are Not So Bright

By Andrew Brandt

It’s been more than a week that we at Webroot, and countless others, have been getting floods of bogus messages with HTML attachments. I thought I’d give the curious readers of this blog a quick glance at one of the drive-by sites that load in the browser if you try to open [...]
