New VirusesSpammers Target Facebook and Twitter at OnceDue to their ever-growing popularity, social networks have been a continuous target of cybercriminals to proliferate their malicious schemes. TrendLabsSM received samples of another Facebook spam, this time also taking advantage of the popular micro-blogging site, Twitter. The mail, which poses as a Facebook notification message, uses adult-themed strings to lure users into opening the [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
How Many Spam Can a Spam Bot Spam?Mega-D is one of the most prolific spam botnets accounting for around 7 percent of the spam traffic worldwide. It once accounted for as much as 50 percent of the world’s spam volume but has quieted down since the high-profile takedown of the McColo hosting service, and the 2009 takedown of its command-and-control (C&C) servers. [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Months-Old Skype Vulnerability Exploited in the WildCybercriminals have once again used a not-so-new but still a seemingly promising medium for their malware campaigns. Earlier today, ZDNet reported a “new” exploit that targets Skype users. This exploit takes advantage of a vulnerability in a Skype component—EasyBits Extras Manager. While the vulnerability was found and fixed as early as October 2009, many users [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Microsoft Help Center Zero-Day Exploits LooseHeads-up for users still running Windows XP: The unpatched Help Center flaw revealed last week is now out in the wild and being used to launch malware attacks against target users. This new zero-day exploit takes advantage of the vulnerability that exists in the Microsoft Windows Help Center, a default Microsoft application that allows users [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Passwords Matter—The Hidden Risks “Minor” Info Stealers PoseLast week, we had two major mass compromises. The first one hit more than 100,000 websites, including major news sites like the Wall Street Journal and the Jerusalem Post. The second campaign was much smaller, hitting only around 1,000 pages, and also lacked similarly high-profile victims although the casino firm Ameristar was on the victim [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Spoofed Trend Micro Alert Leads to Canadian Pharma SiteWith the underground economy still thriving, cybercriminals will surely use any method such as Canadian pharma spam runs to facilitate their information theft operations. Canadian pharmacy sites are known to be used by scammers to sell a wide range of fake medicines usually for impotence and other serious medical conditions at much lower prices compared [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Bye, Bye Tequila BotnetLast week, we talked about the Tequila botnet that was targeting Mexican users. Since our last post, there has been one big development—the botnet appears to have been taken down by the owners themselves. On Thursday (June 3, 2010), the botnet’s controllers sent out new instructions to all of the active bots. One of the [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Increased Use of MultiPart Malicious JavaScripts in the WildMalicious JavaScript code used to be contained in single .JS or .HTML files, which made malicious JavaScript analysis and detection pretty straightforward. However, in the past few days, a couple of distinct Web compromises caught my attention because the codes involved used the multipart malicious JavaScript technique. In this technique, malicious JavaScript codes can be [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Bogus Twitter Spam Hits InboxesSpammers seem to be on something of a Twitter rampage of late. They have sent out a wide variety of spammed messages recently that all appear to be from Twitter: The first mail sample shows a phishing attack mounted against users. The second contains links to a malicious file that is already detected as TROJ_FAKETWT.A. [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Patch Now: 10 Updates for June Patch TuesdayAfter a relatively quiet May with only two security bulletins, Microsoft comes out with 10 security bulletins in June’s Patch Tuesday release. Three of these were rated “critical,” which means these vulnerabilities could be exploited without the user having to take any action beyond visiting a malicious site. These bulletins cover a total of 34 [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Zero-Day Flash/Acrobat Exploit Seen in the WildOn Friday, Adobe released a security advisory announcing a zero-day exploit found in specific Adobe Flash Player versions. Tagged as critical, the vulnerability (CVE-2010-1297) causes the application to crash. Potentially, the underlying vulnerability could also be used to run arbitrary code such as downloading/dropping malicious files onto an affected system. Currently, all released 10.0.x and [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Spam Sends Malicious Links to Skype UsersTrendLabsSM engineers recently discovered a new Skype spam campaign. The spam arrives as a message from a user’s list of contacts. It contains a list of links with the domain {BLOCKED}4.171.116, most of which are already inactive.
One of these links has been found to lead to the download of a malicious file detected by Trend [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Your Tweet Is My CommandA Twitter bot builder is currently being freely distributed on the Internet with the capability to attack users’ systems and to have some fun at the same time. It may, however, act as a threat when an attacker uses the tool to start a distributed denial-of-service attack (DDoS) on critical systems and to download malicious [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Dubious JavaScript Code Found in Facebook Application“Liking” a fan page or a group on just about every page you stumble on Facebook may backfire someday and you’ll wish you hadn’t “liked” it at all.
TrendLabsSM engineers found a dubious Facebook page that uses JavaScript code to spam everyone in a user’s Friends list.
The page called “10 lies girls ALWAYS tell guys! funny!” [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
The Frustrations of Attempting Malicious Notifications
I hate to single out individual countries, organizations, ISPs, or any other entity but I have to tell you—my head almost explodes when I run into barriers in trying to contact the responsible organization where I see criminal activity.
Now sure, I see criminal activity in a lot of places, granted. It is almost endemic in [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
CV Spam Comes with a Malicious AttachmentA new spam campaign has been discovered spoofing job-application-related emails. While most spammed messages have been known to take advantage of a specific occasion, a holiday, or even a currently newsworthy item, spammers have hit a new low with this scheme.
The sample in Figure 1 contains a short body text that says “Please review my [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Microsoft and Adobe Release Fixes in May Patch TuesdayMicrosoft released two critical security advisories as part of its May Patch Tuesday. In addition to the advanced notification it released last Thursday, Microsoft has addressed the vulnerabilities with this batch of patches.
MS10-030 deals with a privately reported vulnerability plaguing Outlook Express, Windows Mail, and Windows Live Mail, which can allow remote code execution if [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
New Vulnerabilities Found in Apple Safari and OperaVulnerabilities found in Internet Explorer (IE) have been well-documented in the past due to the browser’s popularity among users. However, the rise in the use of alternative browsers, particularly Apple Safari and Opera, has now led to the discovery of new vulnerabilities as well.
Trend Micro researcher Rajiv Motwani reports that there have been a lot [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Pirate Worm Sails the P2P BayTrendLabsSM engineers recently spotted a new worm leveraging peer-to-peer (P2P) applications similar to the threat that displays copyright violation warnings. The new worm detected by Trend Micro as WORM_PITUPI.K solves the typical problem that P2P worms face, that is, hard-coded file names used to trick users by pretending to be cracks, key generators, or actual [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Fake iTunes Promo Gives Away MalwarePromises of freebies and other enticing promos are just a few of the tricks cybercriminals use to lure users to their profiteering schemes. TrendLabsSM engineers recently discovered suspicious-looking emails pretending to come from the iTunes Store. The spoofed email tells users they won a gift certificate worth US$50 and encourages recipients to check out the certificate code in the [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
|
SyndicateNavigation |