New VirusesAnother Wave of Mass Compromises Serve Info-StealersAside from Gumblar, another incident of mass compromised web sites have been seen in the wild lately, and has raised as much concern as the former. This one starts with the same technique: a malicious IFRAME unknowingly embedded in a legitimate website, injected via JavaScript. The said IFRAME redirects to another IFRAME, which in turn [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Autorun Worm Invades ZIPStealth technique used by malware is considered a core characteristic which has been developed, improved, redesigned, and reused. Michael Tants, Threat Researcher at Regional TrendLabs in Europe, has notified us of a worm that has a unique way of hiding: on infection, WORM_AUTORUN.JFZ writes a copy of itself in every ZIP-compressed file it finds on [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Air France Flight 447 Search Results Lead to Rogue AntivirusIssues surrounding the crash of Air France Flight 447 have not been fully resolved up to now but, it didn’t need be for cybercriminals; they’re already taking advantage of this tragedy too.
Through SEO poisoning, searches for reports related to the plane crash yield links that when opened trigger multiple redirections to various sites, which ultimately [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Air France Flight 447 Search Results Lead to Rogue Antivirus Categories: New Viruses
Social Engineering Watch: Summer
Invariably, summer (at least for people in most parts of the world) is when people troop to online shops, book flights to go on much-awaited vacations, and schedule recreational activities or hobby-type classes. Trend Micro identifies some of the biggest threats that take advantage of summer, an “important season for the social agenda of individuals.”
Shopping [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Phishing Attack Targets Microsoft Outlook UsersSeems like since micro-blogging, social networking, and banking sites are the ones commonly targeted by phishers nowadays, one attack pulled itself away from the trend and went for a more direct approach: email accounts.
We’ve recently found a phishing email that informs users to re-configure their Microsoft Outlook through an online procedure. Users are instructed to [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Government Sites Tainted with Sexy Star Video LuresEarly last week we alerted a government agency about one of the pages in their site that appears to have been injected with malicious frames. The San Bernardino County site’s probation page was, during that time, carrying a frame that directs users to a known disease vector under the domain videosdivx(dot)net. The target URL bear [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Suspended Site Serves as Malware RepositoryWe have recently found a website that purportedly offers cracks for numerous applications, but in reality serves malicious files to its unknowing users.
The website, hxxp://{BLOCKED}ck.com, is allegedly owned by an organization called China.United Telecom. Corp. The said website supposedly offers a wide collection of cracks for different applications. However, attempting to download any of these [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Phishing For Twitter PopularityAs many as 13,000 Twitter users have been affected by a new “worm-like” phishing attack that feeds on some members’ desire to gain more followers. The said scam dupes users into forking over their account names and passwords using a Web site called “Twittercut.”
Twitter users may see the following tweet in their stream:
When they click [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
‘Secret Admirer’ Confesses Through Web TV SpamWe might not be experts on how to express special feelings for someone, but we know sending them messages that lead to TV channel advertisements ain’t one of the ways to do them.
The message indicates that the recipient has a secret admirer and he/she has provided a profile for the recipient to view.
Below is a [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Fake Anti-Spam Filter Leads to KeyloggerSpam mails are very annoying, so we turn to spam filters to avoid ending up with an inbox flooded with them. Unfortunately one “anti-spam filter” we’ve encountered isn’t driving junk out, but letting them in.
We have received an email message claiming that it is from Webmail Support. It is posing as a security announcement and [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
From IM to Twitter: Weight-Loss Spam Gains Ground A spam attack that has affected instant messaging users has found its way through Twitter, infiltrating users accounts to post messages with links connecting to weight-loss drugs.
Hacked Twitter accounts are being used to post messages that promote weight-loss drugs. The messages vary in the stated text, but generally states the same message and are [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Fake Videos Lead to Fake Flash PlayerCybercriminals have long used videos as a lure to get unknowing users to download and install malware onto their systems. Recently, however, a new variant came up that differs just a little from the usual modus operandi.
TROJ_SMALL.UY, at first glance, appears to be a fairly standard malware that’s installed by claiming it’s needed for a [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Gumblar Finds Successor, Continues Info Stealing SpreeGumblar.{BLOCKED}, the domain to which visitors of reported compromised websites were directed to was taken down, only to be replaced by a new one: Martuz.{BLOCKED}.
In an attack which quickly garnered much attention in the security industry, visiting compromised websites were found to redirect the user to Martuz.{BLOCKED}, which leads to a download of a file [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Pushdo/Cutwail – Traditional AV is Useless (Part 5 of 5)This is the final part of our report on Pushdo. Read the first, second, third, and fourth part of this report for more information.
Over the course of our blog series on Pushdo we have covered some of the key aspects of the threat – how it spams, its stealth components, sniffer and some background on [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
German Job Offers Used for Nigerian ScamThese days, German users receive emails announcing that a company called IT-Electronics is looking for professionals in search of extra income.
Here is a rough translation of the email message:
Dear recipient,
IT Electronics, the leading Asian firm in the field of information technology, announces again its intention to employ workers in Germany. We give you [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Koobface Worm Alive and WrigglingShortly after a phishing attack that targeted the 200 million users of immensely popular social networking site, Facebook, another attack was launched by cybercriminals. This time however, the attack targets not only Facebook users but also members of Tagged, Friendster, MySpace and other networking sites as well.
A new Koobface attack was found, which uses the [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Pushdo/Cutwail – Sniffing for the Win (Part 4 of 5)Check out the first, second, and third part of this report.
The bad guys behind this botnet are sly and evil, you have to give them that!
From their end, this is just pure business. They cater to Russian companies to advertise their services, be it a law firm or a dance academy, but they have [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Pushdo/Cutwail – Can’t Touch This (Part 3 of 5)
Read the first and second part of this report.
We’ve all been there. Your scheduled scan displays a popup with text similar to
“A malicious file c:\definatelyNotAVirus_Honest.exe has been detected on your computer”
On finding a malicious file some network administrators will even proactively submit suspicious files to multi-scanner online services such as “Virus Total” - which [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Mediterranean Hacktivism on the RiseThe increasing number of website defacements by hackers in the Mediterranean region highlights persistent Web server security issues. A few weeks ago, Turkish hackers defaced several New Zealand websites, among them some high-profile and high-traffic sites, by modifying the pages to display messages like “Stop the war Israel (sic),” or a picture of Bill Gates [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
CVE-2009-0556 Vulnerability PatchedMicrosoft finally released on Tuesday the patch for the PowerPoint vulnerability that has been exploited by cybercriminals early last month. The said update patches 14 Microsoft PowerPoint vulnerabilities, 11 of which were rated as critical, Microsoft’s highest threat ranking. It provides fixes for some versions of Microsoft Office, including 2000, XP, 2003 and 2007.
However, [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
|
SyndicateNavigation |