A massive computer shutdown of two South Korean banks and media companies occurred Wednesday via an Internet malware attack. The malware wiped out the master boot records on the hard drives of the infected computers, overwriting the MBR with either one of these strings: PRINCPES, PR!NCPES, HASTATI. Figure 1: Snapshot of MBR after infection. The …
A very profitable line for mobile malware developers is Android banking Trojans, which infect phones and steal passwords and other data when victims log onto their online bank accounts. One recent trend is Android malware that attacks users in specific countries, such as South Korea and India. We have already seen this type of malware …
Attackers use all kinds of attack vectors to steal sensitive information from their targets. Their efforts are not limited to only zero-day vulnerabilities. Malware authors often exploit old vulnerabilities because a large number of organizations still use old vulnerable software. The Trojan Travnet, which steals information, is a classic example of malware that takes advantage …
In the quarterly McAfee Threats Reports we offer our readers some charts on the prevalence of messaging botnets. For the last quarter of 2012, we announced the continuing decline in global messaging botnet infections as well as in former leaders Festi and Cutwail (see page 23). In this blog, I will detail the evolution of …
The Problem: Cybercriminals are targeting organizations successfully in spite of traditional security measures, as noted recently by the NY Times and a front page article in the Wall Street Journal on cyber espionage. This issue is driven by the cybercriminal gangs’ ability to compromise vulnerable systems using sophisticated reconnaissance and penetration tactics. So, how do …
We already know that mobile malware is growing at a fantastic rate, but we now see a new trend that concerns us: specific regions targeted by mobile threats. Just last week McAfee Labs blogged about a new malware threat targeting phone owners in South Korea. Today we have identified another new strain of Android Trojan …
While testing malware recently, we got some logs from our automated analysis system showing a few samples that are only partially replicated. We have heuristics that predict the behavior of a sample; but if that prediction fails, then the heuristics identify the state of a sample and decide if it is worth sending to our …
While working on the release of the latest version of the McAfee Network Security Platform, which offers advanced malware and botnet protection, we tested a sample of the malware Red October. With the help of our in-house advanced botnet analysis framework, we analyzed the network traffic generated by this sample and tracked its communications with the …
It’s a common misconception that mobile malware is a problem limited to users in a particular geographical region such as China or Eastern Europe. Last week, McAfee Labs mobile research department received a mobile malware sample that targets Android mobile phone users in South Korea. The sample pretends to be a popular coffee shop coupon …
McAfee today publishes its latest quarterly threats report (McAfee Threats Report: Fourth Quarter 2012), in which McAfee Labs reveals that sophisticated attacks originally targeting the financial sector are increasingly directed at other key industry sectors, while a new series of tactics and new …