security tool « Webroot Threat Blog

Karagany Isn’t a Doctor, but Plays One on Your PC

November 22, 2010 – 4:29 pm

By Andrew Brandt A Trojan that pulls a sly performance of now-you-see-me-now-you-don’t disguises itself on an infected system as the Adobe Updater, a real program that’s installed alongside such mainstay applications as the Adobe Reader. This method of hiding in plain sight means the downloader, Trojan-Downloader-Karagany, may remain active on an infected system for an [...]

By mguthrie09 | Posted in Botnet activity, Downloaders, Rogue Security Products, Stupid malware tricks, Threat Research | Tags: AdobeUpdate .exe, AdobeUpdater.exe, antivirus 2010, err.log, InstallAntivirus2010.exe, Karagany, loadplugin:localftp2, localftp2.dll, myusermanager.in, security tool, Trojan-Downloader-Karagany, usermanager.in, webtopantivirus.com, \Application Data\Adobe\plugs | Comments (6)

Blackhat SEO of Google Images Links to Rogue AV

August 3, 2010 – 1:35 pm

By Andrew Brandt Yesterday, a few of the Threat Research folks and I had a little fun playing with a hack that had, for one day at least, pretty much decimated Google’s Image Search feature. One researcher, who stumbled into the attack purely by chance, found that a Google Images link to a map of [...]

By mguthrie09 | Posted in Blackhat SEO, Firefox, Google Chrome, Internet Explorer, Rogue Security Products, Safari, Search engines, social engineering, Stupid malware tricks, Threat Research, Trojans | Tags: "USA Map", Black SEO Empire, говнюк клуба, ff-update.exe, fffest.co.cc, Flash ActiveX Object Error, Googleum, Googleum is watching for you!, inst.exe, install new version of Adobe Flash Player 11 to take advantage of web 2.0, Killing Hazard(R) for Microsoft Windows XP immediately started to work, mookhost.com, On your computer detected the malicious code., Possible loss of important documents!, security tool, Should immediately make sure that your system is safe!, TRxGM, update-ff.co.cc, Wait a minute! This is important – we check your device, You must install new version of flash player, You need to install media components | Comments (11)

’30 Rock’ Phrase ‘Circulus et Pruna’ Draws Fakealerts

March 30, 2010 – 1:04 pm

Every search result on the first page (and most of the second page) of results for “circulus et pruna” leads to a Fakealert trap.

By mguthrie09 | Posted in Blackhat SEO, Rogue Security Products, social engineering, Stupid malware tricks, Threat Research | Tags: 30 Rock, Alec Baldwin, circulus, Circulus et Pruna, fakealert, hd_codec.exe, Love lines, packupdate_build, pruna, rogue antivirus, rogue security product, security tool, Silver Panther | Comments (2)

British Music Awards Draws Web Scams

February 15, 2010 – 12:01 am

By Andrew Brandt Music fans may already be aware that next Tuesday the British music industry will honor the top acts of the year at a ceremony known simply as The BRITs. What they may not know is that common Internet criminals have begun to target people searching for information about the artists and the [...]

By mguthrie09 | Posted in Rogue Security Products, social engineering, Stupid malware tricks, Threat Research | Tags: As seen on the Internet, As seen on TV, British Music Awards, BRITs 2010, fakealerts, rogue antivirus, security tool | Leave a Comment

Fakealerts Invade Google Image Search Results for ’24′ Star

January 27, 2010 – 5:10 pm

By Andrew Brandt Searchers beware: Those photos of celebrities or funny cat pictures that turn up in your Google image search results might not be photos at all, but fake antivirus alerts. Evidence appears to indicate that a similar scam to one we blogged about last November may be working its way up the Google [...]

By mguthrie09 | Posted in Blackhat SEO, Rogue Security Products, social engineering, Stupid malware tricks | Tags: 24, Annie Wersching, fake antivirus, fakealert, Rogue Security Products, security tool, Spyware.IEMonster, total security, what a tool | Comments (8)

Follow

Follow “Webroot Threat Blog”

Powered by WordPress.com