Antivirus Software Reviews, Ratings, Comparisons

TrendLabs researchers recently published their findings on ZeuS, a botnet that is again making the headlines in today’s threat landscape. ZeuS: A Persistent Criminal Enterprise ZeuS has been entrenched in the cybercriminal business for a long time now and has continuously evolved and improved. Given the vast number of toolkit versions readily available in the underground, the [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

What’s the Juice on ZeuS?

Another Proof-of-Concept (POC) Revealed The changing threat landscape has brought about more sophisticated Web threats, and left the online population clamoring for better security features in the systems and applications that they use. This has pushed Microsoft to develop security mechanisms within its applications like Windows’ Data Execution Protection (DEP) and Address Space Layout Randomization (ASLR). Both [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

New Exploit Bypasses DEP

As the security industry evolves, underground cybercriminals are constantly looking for ways to counter the technology challenges presented to them. I recently found out that the bad guys have begun offering services to track the blacklisting of domain names through reputation checks. The number of “businesses” offering this type of service is growing and the service itself has [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Web Reputation Checks Gone Awry

Text scams are increasingly becoming common again due to the forthcoming Philippine national and local elections, as political campaigns take to rampant text messaging for faster political mobilization. Earlier, I received a text message with the following content: May GOD bountifuly bles u & ur family. Have a blissful day Fr Frends of UNI-MAD Party List, [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Text Spam and Text Scams

Asking for help in Windows could lead to more trouble. A newly discovered vulnerability in Internet Explorer (IE) leverages the ability of a Visual Basic script to invoke a .HLP (Windows Help file format) file, which could give a remote attacker the ability to run arbitrary code on an affected system. Visual Basic uses the following syntax [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Calling Windows Help May Lead to Vulnerability

Just when you think old-school network bots are dead, a group of cybercriminals revives them from them grave in the name of Chuck Norris. Dubbed the “Chuck Norris botnet,” based on the Italian comment in its source code, in nome di Chuck Norris (translation: “in the name of Chuck Norris”), this botnet infects vulnerable DSL [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Botnet Rises in the Name of Chuck Norris

Trend Micro recently came across a .PDF file sample that exploits a vulnerability that was discovered as early as mid-2009. The specially crafted .PDF file detected as TROJ_PIDIEF.SML contains malicious JavaScript in its code that uses the getAnnots() method to corrupt an affected system’s memory. It is interesting to note that its final payload is [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

ZeuS and PDF Exploits: Two Baddies Team Up

Spammers are clearly becoming more and more creative as they try new ways to bypass our anti-spam filters. Just recently, we received a spammed message disguised as a spam quarantine notification message from a competitor. To the untrained eye, the email looks quite convincing. However, closer inspection of the message properties reveals that while the email [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Spam Quarantine Notification = Spam

A new wave of spammed messages posing as mail service notifications targeted antivirus companies, including Trend Micro. These messages ask the receivers to update their mailbox settings by opening and executing the attachment. The two samples above TrendLabs obtained were sent to domains that belonged to Trend Micro. The file attachment does not contain any mailbox [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Spammers Target Antivirus Companies

Where news leads, cybercriminals follow. Over the weekend, a massive earthquake hit Chile and killed hundreds of people. This, of course, was soon followed by a blackhat SEO attack that successfully placed multiple malicious links leading to FAKEAV malware on top of the search results for “chile earthquake 2010 wiki.” According to Senior Threat Analyst, Joseph [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Chile Earthquake Used for Blackhat SEO and FAKEAV

A new KOOBFACE variant is again making the rounds in the social-networking scene. According to Trend Micro researcher, Norman Ingal, the malware employs Facebook’s Private Message feature to proliferate. The threat arrives as a Facebook private message that does not bear a subject but contains a supposed link to a YouTube video. Taking a closer look [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

KOOBFACE Makes a Comeback

Phishing and its effects, namely, identity fraud, continue to grow. Unfortunately, it is now easier than ever to carry out these kinds of attacks. Cybercriminals are now using a new tool known as “Super Phisher” (detected by Trend Micro as HKTL_SUPERPHISER) has been released, which creates a phishing page from a legitimate website. The tool creates all [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Phishing Made “Super”

Google recently announced its latest service Google Buzz, which is considered as the company’s first step in entering the social-networking scene. Naturally, hordes of Internet users became interested in the new application. But such buzz also gained unwanted attention from cybercriminals who already used the service to spread a malware detected by Trend Micro as [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

The Buzz on Google Buzz Malware

News of a performer killer whale allegedly killing its trainer made the headlines this week. Dawn Branchaeu, an animal trainer in SeaWorld Florida, was attacked by one of the trained killer whales last Wednesday. This sad event, unfortunately, paved the way for cybercriminals to distribute another FAKEAV variant. With the usual blackhat search engine optimization (SEO) techniques, [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

FAKEAV Rides on the Back of a Killer Whale

Within days of Adobe’s release of out-of-band security updates for both Acrobat and Reader, word now comes from security researcher Aviv Raff, of another new vulnerability in an Adobe product. The flaw was found in Adobe Download Manager (DLM), an application Adobe uses to deliver common applications (e.g., Flash and Reader) to users’ systems. Normally, it [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

New Adobe Download Manager Bug

A few days ago, I got access to the source code of the well-known Elite Loader for free. Yes. It was published on one of the Russian underground forums. It even had a detailed description and screenshots showing how to use the application’s command and control (C&C) server. Apart from dropping malicious files on infected machines, [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Elite Loader Goes Public

When BREDOLAB entered the threat landscape several months ago, it was initially thought of as a common downloader (that downloads executable files) designed for malware infection only. However, Trend Micro researchers noticed a sudden increase in its activities in August 2009. This pushed our researchers to delve more into the inner workings and behaviors of BREDOLAB. Our analysis then [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

BREDOLAB Revealed!

Trend Micro threat analysts found spammed messages that pretended to be a letter coming from the “boss.” The messages bore the subject “get back to my office for more details” and instructed users to extract and read the letter contained in the attached .ZIP file. The attachment, of course, does not contain a letter but an .EXE file [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Malware Conceals Itself as Boss’s Letter

With Christmas just right around the corner, spammers are already flooding users’ inboxes with unwanted email. No surprises there. Spammers are known to exploit the holidays to further their malicious causes. Just recently, Trend Micro threat analysts found another spammed message that claimed to be a “replication specialist” and enticed users to buy replica products like watches, handbags, [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Christmas Spam Spotted

The month of October in the threat landscape is often associated with scary social engineering tactics in time for Halloween. As in years past, the threats that lurk in and plague the current threat landscape are real. Most of them can cause irreparable damage, often resulting in information, or worse, identity theft as shown in [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Trick or Threat?