Tag Archives: McAfee Labs

Phishing Threat Uses UTF-8 BOM in ZIP Signature to Evade Detection

Last week, we noticed thousands of malware files in the wild that employ a simple phishing attack by modifying the hosts file on Windows systems. What’s interesting, however, is the technique chosen by the malware authors to distribute their payload. The samples in question (Example MD5: 34d9b42bfd64c6f752fe27eef8d80c5f) are packaged in a ZIP file along with Read more…

Beware of Clicking the Web Translator Hyperlink

Foreign languages are no longer as difficult to understand as they once were, thanks to improvements in web translation services, which instantly translate words and web pages. The website translator plug-in can expand your global world with an amazing and effortless approach by automatically recognizing foreign-language identifiers. Website translators require JavaScript to be enabled to Read more…

Ongoing Google Play Attacks Plague Japanese with Variation on One-Click Fraud

In what may be the biggest security-related incident on Google Play this year, multiple Trojans targeting Japanese users were discovered carrying the strain of Android one-click fraud. McAfee Mobile Research has already identified multiple developer accounts that were used to spread the malware and confirmed that more than 80 applications of this type existed on Read more…

Multiple Java Exploits Hide in a Jar (File)

Exploits of the Java Runtime Environment (JRE) have been extensively used in drive-by-download toolkits such as Blackhole and Red Kit. New vulnerabilities discovered in 2013, such as CVE-2013-1493 and CVE-2013-0422, are popular, and we still see lots of older exploits such as CVE-2012-1723, CVE-2012-4681, and CVE-2012-0507. These vulnerabilities are already fixed in the latest JRE. Read more…

(Code) Size Doesn’t Matter: Happy Easter and Enjoy Some Brilliant Computer Art

One thing that disturbs me is how people classify some malware by how surprisingly large the file is, how many libraries it uses, etc. In many cases, this just means the malware has inefficient code and all the tools are available to easily convert the binaries back into human-readable pseudocode. Let’s look back a bit Read more…

Targeted Attacks the Next Step in Mobile Malware

The Android threat landscape continues to evolve in 2013. To distribute Android threats, malware authors are transitioning away from attacking traditional vectors like the Google Play Market and third-party Android markets to vectors like spam and phishing emails and SMS. Recently a new information-stealing Android malware was found being distributed as an attachment in emails Read more…

Botnets Remain a Leading Threat

One threat has evolved and dominated the threats landscape like no other: botnets. Practically every day a new set of online criminals attempt to exploit users in some way or the other. The best way to stop this threat at the perimeter is to identify its communication channel and block the bot from connecting to Read more…

VSkimmer Botnet Targets Credit Card Payment Terminals

While monitoring a Russian underground forum recently, we came across a discussion about a Trojan for sale that can steal credit card information from machines running Windows for financial transactions and credit card payments. The malware, vSkimmer, can detect the card readers, grab all the information from the Windows machines attached to these readers, and Read more…