Tag Archives: McAfee Labs

Operation Troy: OpenIOC Release

      No Comments on Operation Troy: OpenIOC Release

  In conjunction with our investigation into Operation Troy, we will be releasing IOC data in the open and highly flexible OpenIOC Framework format. The McAfee Operation Troy IOC can be downloaded here.       In addition to various open/free tools, OpenIOC data can be consumed by:             McAfee Read more…

Adult Voice-Service Apps on Google Play Japan Charge Users Without Notice

McAfee has reported on increasing fraudulent Android applications on Google Play in Japan this year, including one-click fraud applications and fraudulent adult dating service applications. The attackers are still looking for new victims using various techniques. We have also found a new variant of the one-click fraud application that lures careless users into adult voice-connection Read more…

New Zero-Day Attack Copies Earlier Flash Exploitation

Late on July 10, Microsoft released a blog post disclosing that they were aware of a zero-day attack in the wild. This attack exploits a previously unpatched Internet Explorer vulnerability (CVE-2013-3163). It’s interesting that the vulnerability was just patched in this month’s Patch Tuesday (July 9), which is perhaps only a coincidence. Although we do Read more…

Dissecting Operation Troy: Cyberespionage in South Korea

Today we announce the McAfee Labs report Dissecting Operation Troy: Cyberespionage in South Korea, the results of a four-month investigation into the events surrounding the cyberattack Dark Seoul, which occurred on March 20. The group behind Dark Seoul was involved in more than what previous reports have covered: DDoS attacks dating from 2009 and the Read more…

Android Malware Set for July 4 Carries Political Message

McAfee Mobile Security has identified a new Android Trojan embedded in a pirated copy of an exclusive app from rapper Jay Z. We suspect the malware author is attempting to go after the demand for the app Magna Carta Holy Grail on pirated sites. The legitimate app has been released exclusively for Samsung devices on Read more…

Targeted Campaign Steals Credentials in Gulf States and Caribbean

Last week, McAfee’s Foundstone Incident Response team got hold of a piece of malware that was sent out during a phishing campaign. The campaign targeted several companies and institutes in the United Arab Emirates, Oman, Bahrain, and a couple of Caribbean islands. The executable that was sent with the email was called emiratesstatement.exe and the Read more…

Security Apps, Malware Race to Be First On Your Mobile

In China, there is a saying: “道高一尺,魔高一丈,” meaning “The law is strong, but the outlaws are sometimes stronger.” In the last few weeks, a new Android malware we’re calling Android/Obad.A has appeared. It uses a number of techniques that have rarely been seen before in mobile malware. Android/Obad.A requests the victim to authorize its Device Read more…

Styx Exploit Kit Takes Advantage of Vulnerabilities

Web-based malware has increased over the last few years due to an abrupt spike in new exploit kits. These kits target vulnerabilities in popular applications and provide an effective way for cybercriminals to distribute malware. We have already discussed Red Kit, a common exploit kit. Recently McAfee Labs has observed an increase in the prevalence Read more…

Mobile Malware Plays Hide and Seek

      No Comments on Mobile Malware Plays Hide and Seek

Android/Obad.A is mobile malware that has been described as very complex. Truly it is one of the most complex we’ve seen because it: Uses Bluetooth to infect other Android devices Accepts commands from the attacker Hides from the Device Administration list This is a good collection of malicious activities for a modern piece of malware. Read more…

Mobile Malware Plays Hide and Seek

      No Comments on Mobile Malware Plays Hide and Seek

Android/Obad.A is mobile malware that has been described as very complex. Truly it is one of the most complex we’ve seen because it: Uses Bluetooth to infect other Android devices Accepts commands from the attacker Hides from the Device Administration list This is a good collection of malicious activities for a modern piece of malware. Read more…