Recently we identified a threat which uses Twitter and Facebook to spread. The origin of the infection begins by clicking malicious tweets or Facebook posts. After clicking a tweet similar to the figure below, the user is redirected to a webpage, which asks to download and install Adobe Flash Player. The translation of the marked […]
The title of this blog post may make you think that we will discuss the security of your Facebook account. Not this time. However, I will analyze an attack which starts with a suspicious email sent to the victim’s email account. The incoming email has the following subject, ‘Hey <name> your Facebook account has been […]
If you had the privilege to meet Android:Obad, which Kaspersky earlier reported to be the “most sophisticated android malware,” you are in a real bad situation and this will probably be the moment to which you’ll be referring to in the future as “The time I learned the hard way what better-safe-than-sorry means.” A few […]
We all have our favorite apps for all the things we do. I use Shazam when I don’t know what song is playing, Maps when I’m lost, FlightRadar24 when I’m curious about the plane flying over my head. These apps are there for my satisfaction; they meet some need. Each of us have different needs […]
Recently I wrote a blog post about a legitimate website spreading Sirefef malware. Then I continued with a deeper analysis and noticed that it uses an interesting cryptor. Malware authors spread many new variants of malware every day. These variants often look completely different at the first glance. That’s why regular updates of your antivirus […]
Grum, one of the largest spamming botnets, suspected to be responsible for over 17% of worldwide spam (as described here), which was “killed” in July 2012, still lives. We have been tracking its activity since January 2013. We can confirm spiderlab’s doubts about the grum killing published in March 2013. The following article provides some […]
When the mastermind hackers of the notorious Carberp Banking Trojan were arrested, we thought the story had ended. But a sample that we received on May 7th, a month after the arrests, looked very suspicious. It connected to a well known URL pattern and it really was the Carberp Trojan. Moreover, the domain it connected […]
I was given a suspicious website link pointing to the website belonging to Board of Regents of State of Louisiana. This link points to the main website hxxp://regents.la.gov/, followed by /wp-content/upgrade/<numbers>.exe, where <numbers>.exe represents several random numbers, followed by EXE extension. A link looking like the following one hxxp://regents.la.gov/wp-content/upgrade/<some_numbers>.exe seems suspicious at first glance. Websites […]
We come across a plenty of malware reports every day. Sometimes we have to deal with some special cases, where a respected vendor is involved. This time it was the Dell driver download site. The “Download file” link leads to this unexpected screen (our user complained about a false positive): Well, being an average user, […]
Several months ago I wrote a blog post about an adware downloader which after execution downloaded a few adware programs and installed them on the computer, giving no chance for the user to skip or bypass their installation. This time, we will analyze an application, which installs similar types of adware programs on user computers. […]