This blackhole exploit kit gives you Windows Media Player and a whole lot more

By Mike Johnson

As a follow-up to the Blackhole Exploit posting, I thought I would share one aspect of my job that I truly enjoy: Discovery. While investigating some active URLs being served up via a blackhole kit, I noticed something quite odd, as I would end up on sites that had malicious code injected into their webpages. Once [...]

Brazilian “Winehouse” Trojan Sends Hotmail, Bank Passwords to China

By Andrew Brandt

Late Monday, after news about the death of troubled pop singer Amy Winehouse had been circling the globe for a little more than 48 hours, we saw the first malware appear that used the singer’s name as a social engineering trick to entice victims to run the malicious file. Abusing celebrity names, [...]

Removing Popureb Doesn’t Require a Windows Reinstall

By Marco Giuliani

Last Wednesday, Microsoft published a blog post detailing a significant update to a piece of malware named Popureb. The malware adds code to the Master Boot Record, or MBR, a region of the hard disk that’s read by the PC during bootup, long before the operating system has had a chance to [...]

Defencelab Rogue Steals Microsoft’s Name (Again)

By Andrew Brandt

When you see an online order form that bears Microsoft’s logo and the words “pay to: Microsoft Inc.,” are you any more likely to enter a credit card number into the form and click submit? That’s the psychological experiment currently being undertaken by a company that calls itself DefenceLab, which subjects unsuspecting [...]

Zero-Day Malware Drops Payloads Signed with a Forged Microsoft Certificate

By Andrew Brandt

Security Websites are buzzing with news that a new zero-day exploit against Adobe Reader and Acrobat is circulating today, causing computers to become infected with malware simply by visiting certain Web pages. While the exploit itself is worthy of note, nobody is talking about the payload it downloads: It installs a trio [...]

Spammers Use Bing to Bypass Filters, Spam Bad Links

By Andrew Brandt

Word came down from our Threat Research team this morning about a new spam campaign that uses upstart Bing search engine’s own redirection mechanism to bypass spam filters and send undesirable links over email. On top of that, the spammers are also abusing MySpace’s lnk.ms link shrinking system to further obfuscate the destination [...]
