The Android threat landscape continues to evolve in 2013. To distribute Android threats, malware authors are transitioning away from attacking traditional vectors like the Google Play Market and third-party Android markets to vectors like spam and phishing emails and SMS. Recently a new information-stealing Android malware was found being distributed as an attachment in emails Read more…
One threat has evolved and dominated the threats landscape like no other: botnets. Practically every day a new set of online criminals attempt to exploit users in some way or the other. The best way to stop this threat at the perimeter is to identify its communication channel and block the bot from connecting to Read more…
One threat has evolved and dominated the threats landscape like no other: botnets. Practically every day a new set of online criminals attempt to exploit users in some way or the other. The best way to stop this threat at the perimeter is to identify its communication channel and block the bot from connecting to Read more…
While monitoring a Russian underground forum recently, we came across a discussion about a Trojan for sale that can steal credit card information from machines running Windows for financial transactions and credit card payments. The malware, vSkimmer, can detect the card readers, grab all the information from the Windows machines attached to these readers, and Read more…
A massive computer shutdown of two South Korean banks and media companies occurred Wednesday via an Internet malware attack. The malware wiped out the master boot records on the hard drives of the infected computers, overwriting the MBR with either one of these strings: PRINCPES PR!NCPES HASTATI. Figure 1: Snapshot of MBR after infection. The Read more…
A very profitable line for mobile malware developers is Android banking Trojans, which infect phones and steal passwords and other data when victims log onto their online bank accounts. One recent trend is Android malware that attacks users in specific countries, such as South Korea and India. We have already seen this type of malware Read more…
Attackers use all kinds of attack vectors to steal sensitive information from their targets. Their efforts are not limited to only zero-day vulnerabilities. Malware authors often exploit old vulnerabilities because a large number of organizations still use old vulnerable software. The Trojan Travnet, which steals information, is a classic example of malware that takes advantage Read more…
In the quarterly McAfee Threats Reports we offer our readers some charts on the prevalence of messaging botnets. For the last quarter of 2012, we announced the continuing decline in global messaging botnet infections as well as in former leaders Festi and Cutwail (see page 23). In this blog, I will detail the evolution of Read more…
The Problem Cybercriminals are targeting organizations successfully in spite of traditional security measures as noted recently by the NY Times and a front page article in the Wall Street Journal on cyber espionage. This issue is driven by the cybercriminal gangs’ ability to compromise vulnerable systems using sophisticated reconnaissance and penetration tactics. So, how do Read more…
We already know that mobile malware is growing at a fantastic rate, but we now see a new trend that concerns us: specific regions targeted by mobile threats. Just last week McAfee Labs blogged about a new malware threat targeting phone owners in South Korea. Today we have identified another new strain of Android Trojan Read more…