New VirusesHappy Birthday, AMTSO!
Last week, the Anti-Malware Testing Standards Organization, or AMTSO, held its second members’ meeting this year that took place in Budapest, Hungary as an extension to the CARO Workshop. AMTSO released new papers at their website, adding to their roster of documents regarding the organization’s principles and guidelines on testing.
Trend Micro has been constantly and [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Pushdo/Cutwail – From Russia with Love (Part 2 of 5)Read Part 1.
Russia has always been famous for some of its better known exports such as oil, gas, vodka and Andrei Arshavin (for our non-European readers, he kicks a leather ball around a pitch without wearing any body armour). Unfortunately nowadays we can add spam botnets to that list. The famous Storm botnet from 2008 [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Spoofed Western Union Mail Carries Info StealerFast, safe, and reliable–the promise of money transfer companies. They have been popular because of the convenience in transferring money in almost any part of the world. A convenience being enjoyed by spammers as well.
Recently, the Content Security team caught spam claiming to be from Western Union containing a notice of an uncollected money transfer. [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Pushdo/Cutwail – The Art of Spamming (Part 1 of 5)This is the first of the 5-part report on Pushdo. Don’t miss the next part of this series: “Pushdo – From Russia with love.”
Unless you’ve been off the Internet for the last seven years, you’ve probably heard of the massive security problem that botnets have become. These large collections of infected computers commanded by criminal [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Fake Antivirus Targets BrazilFake/rogue antivirus strikes again, this time targeting the users in Brazil. Like in today’s malware trends, it did not come alone.
It initially starts with a spam message:
SUBJECT:
Hello, I am sending you my invitation to the graduation location, date and time
BODY:
Hello, I am sending you my invitation to the graduation location, date and time.
I [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Yet More Swine Flu AttacksSpammers know a thing or two about persistence, it seems. CNET reports a new Trojan—TROJ_QHOST.TB—that is the latest to take advantage of fears of swine flu. TROJ_QHOST.TB modifies the HOSTS file of any affected system, which results to the user being redirected to a spoofed banking-related website whenever they attempt to access the real ones. [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Cybercriminals Launch Tainted Windows 7 RCThe official launch of the Windows 7 Release Candidate last May 5 was soon followed by another version of the software, only that this other version came with a malware surprise.
A file being hosted in popular torrent sites posing as a copy of the Windows 7 RC was found to be a Trojan by security [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
APWG Counter E-Crime Operations Summit 2009, Barcelona
I’m very much looking forward to seeing old & new friends in Barcelona next week at the annual APWG Counter E-Crime Operations Summit (CeCOS) 2009. This will be the third instance of this event (I have been to all three), and I am happy to report that if the upcoming Barcelona conference is anything like [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Waledac Turns to Cash and VaccinesRiding on the ongoing global economic recession, Waledac updates its spam messages with email subjects related to earning a fortune through Google cash.
Other spam email subjects we’ve seen so far:
Be your own boss with Google
Earn cash using Google today
Google System that really works
Make a fortune online
Make thousands a month from home
Start your home business today
Use [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Voice-Over-Net-AGE Phished!The Content Security Team encountered a phishing page of VONAGE.
Vonage is a publicly-held commercial voice over IP (VoIP) network and SIP company that provides telephone service via a broadband connection.
The phishing page looks exactly like Vonage official log in page. The phishing site asks the user to enter their user name and password. Once [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Spoofed KMart Survey Offers $150 for Credit Card InfoAfter the Walmart phish, comes the KMart survery form phish wherein it promises to add a $150 to the users account just by taking the survey form. As shown in the verification page, the user has to rate each criterion provided and then the personal information of the user such as full name, phone number [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Swine Flu Spam Attempt to Infect Japanese UsersAnother swine flu-related spam run was recently reported, this time targeting Japanese users. Aside from using the swine flu as its social engineering method, which has already been used in earlier spam runs, this spam run also uses a technique where the sender of the message appears to use the .yahoo.co.jp domain. This serves [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Porn Sites Lead to MBR RootkitWebsites related to pornography that appear to be compromised were found by Trend Micro engineers loading malicious JavaScript which redirects users onto malicious domains that ultimately lead to the download of an MBR rootkit (TROJ_SNOWAL.A)onto the affected system.
The malicious JavaScripts are now detected as the following:
JS_IFRAME.APQ
JS_IFRAME.ABG
JS_IFRAME.QD
JS_PSYME.CRT
JS_IFRAME.APU
JS_IFRAME.APW
The abovementioned malicious scripts all follow a similar routine: [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Koobface Tries CAPTCHA BreakingEarly this week, we’ve encountered a new Koobface spam campaign which involved links that eventually led users to this Youtube copycat web page.
The scheme uses the old flash player trick (see Figure 1) where the user is told that they need to download the latest version of Adobe Flash Player to view a certain video. [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Fake Form W-8BEN Used in IRS Tax ScamsEvery year, April 15th marks the deadline for the submission of tax returns in the US, and with it comes the now-classic IRS (Internal Revenue Service) scam.
Scammers are on the hunt for those who were not able to file their tax statements yet. Knowing how busy people are these days, scammers have taken advantage of [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
WALEDAC’s Latest Spamming FetishWALEDAC has found a new fetish — spamming users with email messages on free foot fetish movies.
According to Advanced Threats Researcher Joey Costoya, who initially reported the new WALEDAC spam run, clicking the link in the spammed email redirects users to websites featuring foot fetish videos.
WALEDAC is notorious for employing various social engineering techniques that [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Search for Twitter Worm News Snowballs to More MalwareDays after the Twitter worm outbreak that affected “tens of thousands of users,” the attacks on the popular microblogging site are anything but slowing down. In fact, cyber criminals are taking advantage of the public’s interest and high media coverage of the incident to spread malicious links.
Among the top ten search results in Google for [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
New Waledac Campaign: SMS ‘Snooping’ SoftwareAfter attempting to shock us with dire news of terrorist bombings, Waledac now attempts to entice us with offers of spying somebody else’s (notably a lover’s) SMS messages.
The links in the spammed messages shown above lead to a malicious website, which offers a 30-day trial for a SMS (Short Messaging Service) Spying software. The link [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
Online Casino, Geocities, and WaledacDeviating from Conficker/Downad update and jigsaw puzzle menace, Waledac updated its spam emails and is now spamming online casino advertisements.
The spammed email contains a URL link to a Yahoo! Geocities web page which is shown in Figure 4, and when the link “Play now” is clicked, it shows a casino related image ad as shown [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
April 2009 Patch Tuesday ReleaseMicrosoft released a total of 8 patches last April 14, comprising of 5 critical, 2 moderate, and 1 important update for the Windows OS. More information on the said patches are given below:
• (MS09-009) Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557)
• (MS09-010} Vulnerabilities in WordPad and Office Text Converters Could [...]
Post from: TrendLabs | Malware Blog - by Trend Micro Categories: New Viruses
|
SyndicateNavigation |