Category Archives: Stupid malware tricks

Most malware in circulation are Trojans, and resort to some form of trickery in order to get themselves executed. Sometimes these tricks are, well, dumb, don’t work, or otherwise find themselves worthy of derision and mockery. These are their stories. (DUM DUM!)

Rogue of the Week: Windows Recovery

By Andrew Brandt

Word from the AMR group last week was that there weren’t many changes from the previous week; many of the same rogue antivirus previously reported in this blog continue to plague the Internet. This week I decided to focus on a rogue that’s recently become a problem. It goes by the name [...]

Chinese Android Trojan Texts Premium Numbers

By Andrew Brandt and Armando Orozco

A Trojaned application that displays a cutesy image of a 2011 calendar on an Android device’s desktop comes with a nasty surprise: The app sends text messages to a premium service that charges the phone’s owner money. As first reported by the Taiwan-based AegisLab, a single developer, which went [...]

Antivirus Center: Rogue of the Week

By Andrew Brandt and Brenden Vaughan

Our Advanced Malware Removal group reported seeing several cases of a rogue called Antivirus Center this past week. The rogue isn’t new – we began seeing samples of it last year – but has re-emerged as a threat. This rogue is characterized by a close mimicry of some aspects [...]

Thre@t Reply: “Online Shopping” | Part 1 of 2

In the latest Thre@t Reply video, Threat Research Analyst Grayson Milbourne answers a reader’s question about how to avoid being phished. The first step is to be able to identify whether you’re on the legitimate Web site you think you are, and if you’re not, what are the telltale signs that indicate you may be [...]

ROTW: “Total Security” and Antivirus IS

By Brenden Vaughan and Andrew Brandt

This week, our support and advanced malware removal (AMR) team did not have a lot of new data to report about rogue security products. The most commonly encountered infection continues to be one of the rogues we reported about last week. While we may refer to it as XP [...]

Rogues of the Week: XP Total Security & MS Removal Tool

By Andrew Brandt

It’s been said that sunlight sanitizes almost everything it shines on. Beginning this week, and every week from now on, we’ll focus a concentrated beam on the rogue antivirus programs our support staff and Threat Research team have been working to remediate. Rogues have a tendency to switch up their names, user [...]

Korean Rogues’ Slapfight Bonanza

By Andrew Brandt

The other day, Threat Researcher Dan Para sent along the video clip below, which gave us all a good laugh. Dan had been researching a Korean-language Trojan downloader, but when he ran the file, he didn’t expect the downloader to retrieve not one…not two…but three separate rogue antivirus products. The most amusing [...]

Facebook-Spamming Worm Wants Your Eyeballs

(Update, July 11, 2011: On May 25, 2011, we were contacted by representatives of Future Ads, LLC, the parent company of both Playsushi and Gamevance. Future Ads informed us that they, too, had been victims of a scam perpetrated by rogue affiliates who seemed to be involved with the malicious campaigns we described in this [...]

Webroot Answers Your Security Questions

By Andrew Brandt

I’m very pleased to present today the first in a series of videos we’ve produced. The videos have the lofty goal of addressing the most pressing questions relating to malware, cybercrime, and online fraud. We’ll take you behind the scenes at Webroot and introduce you to some of our Threat Research team [...]

Pinball Corp’s Appbundler Employs Malware-like Techniques

By Andrew Brandt

For a couple of weeks now, I’ve been noticing a curious (and increasingly prevalent) phenomenon: Some of the free Web hosts popular among those who engage in phishing are popping new types of multimedia ads over the tops of the pages they host. Not only does the victim, in this case, risk [...]
