SpyEye « Webroot Threat Blog

Outdated Operating System? This BlackHole Exploit Kit has you in its sights

October 31, 2011 – 11:50 am

By Mike Johnson Several weeks back, I was presented with a group of snapshots from an active BlackHole Exploit Kit 1.2 Control Panel. As with other toolkits I’ve seen in the wild, this one has all the makings of some real bad medicine. The authors have yet again gone to the trouble of making this toolkit incredibly easy [...]

By Lisa Bongiovanni | Posted in Firefox, Google Chrome, Internet Explorer, rootkit, Search engines, Trojans, Uncategorized | Tags: ActiveX, adobe, Blackhole toolkit, browser exploit, Careberp, exploit, java, Mebroot Rootkit, Sirefef.B/Zero-Access, SpyEye, zero-access, Zeus | Comments (4)

Awake at all hours during Cyber Security Awareness Month

October 25, 2011 – 10:19 am

By Jacques Erasmus I’ve been having trouble sleeping lately, and last night I pinpointed why. October has presented me with a perfect storm of Internet security developments: I embarked on my first few weeks as chief information security officer for Webroot amidst the most significant consumer product launch the company has ever had. These activities [...]

By mguthrie09 | Posted in Keyloggers, phishing, Phishing Trojans, social engineering, Trojans | Tags: Cyber Security Awareness Month, SpyEye | Comments (1)

A look inside the SpyEye Trojan admin console

October 24, 2011 – 1:38 pm

By Michael Johnson At Webroot we’ve been researching and chronicling developments with SpyEye since we first saw it in April 2010. This nasty Trojan is the successor to the Zeus Trojan, and it became essentially the main rootkit available for sale after the author of ZeuS left the underground market and sold ZeuS sources to [...]

By Lisa Bongiovanni | Posted in Deep Knowledge, Threat Research | Tags: admin console, bots, malware, Microsoft security bulletin, MS11-065, RDP Exploit, Spy eye, SpyEye, trojan, Zeus | Comments (1)

Fake UPS Document Installs Fake Microsoft Patch Payload

June 17, 2011 – 8:12 am

By Andrew Brandt As if we didn’t have enough to deal with this week — after a Microsoft patch Tuesday that brought with it a boatload of security updates for Windows, Office, Silverlight, Visual Studio, and other programs — some enterprising malware distributor is emailing around bogus tracking number malware dressed up in the icon [...]

By mguthrie09 | Posted in Backdoors, Botnet activity, Downloaders, hijack search results, Keyloggers, Rogue Security Products, social engineering, spam, Stupid malware tricks, Threat Research | Tags: 153 James Street, 153 James Street Suite 100 Long Beach CA 90000, 90000, And it will arrive within 3 buisness days., clickcareful.org, findsmell.org, findstation.org, Hiloti, Long Beach CA, miliardov.com, Paymentsadd.com, pusk3.exe, Rogue Security Products, searchbreeze.org, SpyEye, Suite 100, svchost.exe, The parcel was sent to your home adress., Trojan-Downloader-Tukpat, trol.exe, trol2.exe, UPS_Document.exe, UPS_document.zip, variantov.com, Windows Recovery, Windows XP Restore | Comments (1)

Follow

Follow “Webroot Threat Blog”

Powered by WordPress.com