Webroot Threat Blog » Stupid malware tricks

Webroot Threat Blog » Stupid malware tricks http://blog.webroot.com WEBROOT - INSIGHTS INTO THREATS AND TRENDS FROM OUR INTERNET SECURITY EXPERTS Sat, 11 Feb 2012 02:04:59 +0000 en hourly 1 http://wordpress.com/ http://0.gravatar.com/blavatar/2f6f528880dcd9039e50bf3a1b6b8a40?s=96&d=http%3A%2F%2Fs2.wp.com%2Fi%2Fbuttonw-com.png Webroot Threat Blog » Stupid malware tricks http://blog.webroot.com Cybercriminals generate malicious Java applets using DIY tools http://blog.webroot.com/2012/01/30/cybercriminals-generate-malicious-java-applets-using-diy-tools/ http://blog.webroot.com/2012/01/30/cybercriminals-generate-malicious-java-applets-using-diy-tools/#comments Mon, 30 Jan 2012 22:22:55 +0000 ddanchev http://blog.webroot.com/?p=5911 ]]> http://blog.webroot.com/2012/01/30/cybercriminals-generate-malicious-java-applets-using-diy-tools/feed/ 1 ddanchev Malicious_Jave_Applet_Generator_01 Malicious_Jave_Applet_Generator_02 Morto Worm Annoyances Outstrip Functionality http://blog.webroot.com/2011/08/31/morto-worm-annoyances-outstrip-functionality/ http://blog.webroot.com/2011/08/31/morto-worm-annoyances-outstrip-functionality/#comments Wed, 31 Aug 2011 20:22:48 +0000 mguthrie09 http://blog.webroot.com/?p=4882 ]]> http://blog.webroot.com/2011/08/31/morto-worm-annoyances-outstrip-functionality/feed/ 1 39.923932 -105.118490 39.923932 -105.118490 mguthrie09 Add to Facebook Add to Digg Add to Del.icio.us Add to Stumbleupon Add to Reddit Add to Blinklist Add to Twitter Add to Technorati Add to Yahoo Buzz Add to Newsvine Yes, it's Morto not Morbo, and yes, I went there -- thanks to dover19 at DeviantArt for the awesome Futurama fan art 20110831_morto_prop-comparison 20110831_morto_originalheader 20110831_morto_traffic 20110831_morto_qfsl-whois Morto uses two of the function names from the legit CLB.DLL but also calls itself SvchostLoader.dll internally, and adds ServiceHandler and ServiceMain 20110831_morto_mouse-reset Webroot blog stats Trojans Employ Misdirection Instead of Obfuscation http://blog.webroot.com/2011/08/25/trojans-employ-misdirection-instead-of-obfuscation/ http://blog.webroot.com/2011/08/25/trojans-employ-misdirection-instead-of-obfuscation/#comments Thu, 25 Aug 2011 22:49:05 +0000 mguthrie09 http://blog.webroot.com/?p=4864 ]]> http://blog.webroot.com/2011/08/25/trojans-employ-misdirection-instead-of-obfuscation/feed/ 0 39.923932 -105.118490 39.923932 -105.118490 mguthrie09 Add to Facebook Add to Digg Add to Del.icio.us Add to Stumbleupon Add to Reddit Add to Blinklist Add to Twitter Add to Technorati Add to Yahoo Buzz Add to Newsvine 20110825_misdirection_icons 20110825_misdirection_services_crop 20110825_misdirection_properties-comparison 20110825_misdirection_procexp-hilite 20110825_misdirection_petools-hilite 20110825_misdirection_ram Webroot blog stats Black Hat Redux: Botnet Takedown Mistakes to Avoid http://blog.webroot.com/2011/08/17/botnet-takedown-mistakes-to-avoid/ http://blog.webroot.com/2011/08/17/botnet-takedown-mistakes-to-avoid/#comments Wed, 17 Aug 2011 19:00:51 +0000 mguthrie09 http://blog.webroot.com/?p=4841 ]]> http://blog.webroot.com/2011/08/17/botnet-takedown-mistakes-to-avoid/feed/ 3 mguthrie09 Add to Facebook Add to Digg Add to Del.icio.us Add to Stumbleupon Add to Reddit Add to Blinklist Add to Twitter Add to Technorati Add to Yahoo Buzz Add to Newsvine 20110817_rustock_lanstein-and-wolf 20110817_rustock_getgrum 20110817_rustock_abuse-reports-useless-wolf 20110817_rustock_posttakedown 20110817_rustock_cnc-in-user-agent 20110817_rustock_fake-404 20110817_rustock_spamemail 20110817_rustock_dmitri-a-sergeev_photo Webroot blog stats New Tool Released: Kiss (or Kick) ZeroAccess Goodbye http://blog.webroot.com/2011/08/03/new-tool-released-kiss-or-kick-zeroaccess-goodbye/ http://blog.webroot.com/2011/08/03/new-tool-released-kiss-or-kick-zeroaccess-goodbye/#comments Wed, 03 Aug 2011 21:09:33 +0000 mguthrie09 http://blog.webroot.com/?p=4766 ]]> http://blog.webroot.com/2011/08/03/new-tool-released-kiss-or-kick-zeroaccess-goodbye/feed/ 21 40.030122 -105.258413 40.030122 -105.258413 mguthrie09 Add to Facebook Add to Digg Add to Del.icio.us Add to Stumbleupon Add to Reddit Add to Blinklist Add to Twitter Add to Technorati Add to Yahoo Buzz Add to Newsvine 20110803_antizeroaccess_crop This Week: Black Hat Coverage http://blog.webroot.com/2011/08/03/this-week-black-hat-coverage/ http://blog.webroot.com/2011/08/03/this-week-black-hat-coverage/#comments Wed, 03 Aug 2011 16:45:03 +0000 mguthrie09 http://blog.webroot.com/?p=4761 ]]> http://blog.webroot.com/2011/08/03/this-week-black-hat-coverage/feed/ 0 36.116685 -115.176830 36.116685 -115.176830 mguthrie09 Add to Facebook Add to Digg Add to Del.icio.us Add to Stumbleupon Add to Reddit Add to Blinklist Add to Twitter Add to Technorati Add to Yahoo Buzz Add to Newsvine webroot-at-blackhat-2011 Brazilian “Winehouse” Trojan Sends Hotmail, Bank Passwords to China http://blog.webroot.com/2011/07/29/brazilian-winehouse-trojan-sends-hotmail-bank-passwords-to-china/ http://blog.webroot.com/2011/07/29/brazilian-winehouse-trojan-sends-hotmail-bank-passwords-to-china/#comments Fri, 29 Jul 2011 18:18:15 +0000 mguthrie09 http://blog.webroot.com/?p=4737 ]]> http://blog.webroot.com/2011/07/29/brazilian-winehouse-trojan-sends-hotmail-bank-passwords-to-china/feed/ 3 36.080192 -85.361062 36.080192 -85.361062 mguthrie09 Add to Facebook Add to Digg Add to Del.icio.us Add to Stumbleupon Add to Reddit Add to Blinklist Add to Twitter Add to Technorati Add to Yahoo Buzz Add to Newsvine Amy Winehouse malware steals bank & Microsoft passwords and sends them to China 20110729_winehouse_hosts-strings 20110729_winehouse_guangdongmobile 20110729_winehouse_china-ernc-tsinghua 20110729_winehouse_chinatelecom 20110729_winehouse_hotmail-phishpage_crop 20110729_winehouse_icons 20110729_winehouse_opendirectory 20110729_winehouse_opendirectory_arquivos 20110729_winehouse_message Webroot blog stats Criminals Abuse Amazon Hosting with Rogues, Ransomware http://blog.webroot.com/2011/07/20/criminals-abuse-amazon-hosting-with-rogues-ransomware/ http://blog.webroot.com/2011/07/20/criminals-abuse-amazon-hosting-with-rogues-ransomware/#comments Wed, 20 Jul 2011 18:21:09 +0000 mguthrie09 http://blog.webroot.com/?p=4698 ]]> http://blog.webroot.com/2011/07/20/criminals-abuse-amazon-hosting-with-rogues-ransomware/feed/ 2 mguthrie09 Add to Facebook Add to Digg Add to Del.icio.us Add to Stumbleupon Add to Reddit Add to Blinklist Add to Twitter Add to Technorati Add to Yahoo Buzz Add to Newsvine 20110719_rogue_amazonnetworktraffic_crop 20110719_rogue_networktraffic_domains-crop 20110719_rogue_domain-courtesy-of-robtex.com_crop 20110719_rogue_icons 20110719_rogue_ransomware-dl 20110719_rogue_xp-security-2012 20110719_rogue_ransomscreen_crop Webroot blog stats ZeroAccess Gets Another Update http://blog.webroot.com/2011/07/19/zeroaccess-gets-another-update/ http://blog.webroot.com/2011/07/19/zeroaccess-gets-another-update/#comments Wed, 20 Jul 2011 05:13:34 +0000 mguthrie09 http://blog.webroot.com/?p=4719 ]]> http://blog.webroot.com/2011/07/19/zeroaccess-gets-another-update/feed/ 7 mguthrie09 20110719_zeroaccess_reparse_crop 20110719_zeroaccess_RC4 Free Anti-Popureb Tool Released http://blog.webroot.com/2011/07/08/free-anti-popureb-tool-released/ http://blog.webroot.com/2011/07/08/free-anti-popureb-tool-released/#comments Fri, 08 Jul 2011 23:00:55 +0000 mguthrie09 http://blog.webroot.com/?p=4679 ]]> http://blog.webroot.com/2011/07/08/free-anti-popureb-tool-released/feed/ 2 mguthrie09 Add to Facebook Add to Digg Add to Del.icio.us Add to Stumbleupon Add to Reddit Add to Blinklist Add to Twitter Add to Technorati Add to Yahoo Buzz Add to Newsvine 20110708_antipopureb_screen_crop