Malware and botnets and phishing, oh my! Symantec’s latest report on the Internet threat landscape highlights trends in cybercrime.
source
Posted under Spyware in the News
This post was written by Ted on June 24, 2009
Three Ways Internet Crime Has Changed (PC World)
Software protects networks against email-borne threats. (ThomasNet)
Operating as third-party plug-in, SPAMfighter Mail Gateway offers protection against all email-borne threats that attack networks continuously – spyware in attachments, spam, and phishing. Instant spam protection is provided without any setup or configuration, and user-defined actions prevent network penetration if spyware/spam is detected. Solution integrates seamlessly with existing email …
source
Posted under Spyware in the News
This post was written by Ted on June 16, 2009
HAMLET. “Something is rotten in the state of Malware”
Written on behalf of José Julio Ruiz de Loizaga. Today being the birthday of William Shakespeare, I felt the urge to write this post. When reversing files, one is prepared to find anything – well, almost anything. I was analyzing a dll and was surprised to find passages from Hamlet. At first I thought "My God, a trojan that promotes literacy, how odd." My surprise increased when the next files, two additional dlls, also contained fragments of The Bard's prose.First dll.It was clear that these three files were related. There were two possibilities, either the malware author was a fan of sixteenth century renaissance literature, or that the text was used to make detection more difficult.This method has been seen before in phishing emails. Anti-phishing engines look at keywords in the body of a message. When these words are found, they are correlated to the length of the message. In other words, a keyword has greater weight the more times it is repeated in a short message, which is why it is not unusual to find phishing emails with some literary text rendered white, so as to be invisible to the reader. Although the recipient does not see the extra words, the anti-phishing engine is fooled by the additional words. Second dll.This technique isn't exactly the same, but it has the same goal; to trick the antivirus. In this case, the signature file engine is the target. The additional text is inserted with the intention of changing the file's signature, thereby avoiding detection. The truth is that this is an interesting and educational way of doing so. Third dll.P.S., I would have personally chosen "100 Years of Solitude", but well, "Hamlet" is not bad either.
source
Posted under Malware Alerts
This post was written by Ted on April 24, 2009
Webroot Threat Advisory: Phony Warnings from the Federal Reserve Bank Aim to Swindle Americans (PR Newswire via Yahoo! Finance)
Webroot, a leading security provider for the consumer, enterprise and SMB markets, has detected a phishing scam exploiting the names of the Federal Reserve Bank and other federal entities to fool consumers into clicking Web links that infect their PCs with spyware.
source
Posted under Spyware in the News
This post was written by Ted on March 30, 2009
Spear Phishing Scam Targets LinkedIn Users (Washington Post)
About 10,000 users of LinkedIn.com, the social networking site for professionals, recently were targeted by a tailor-made scam that urged recipients to open a malicious file masquerading as a list of business contacts. Most e-mail-based malware attacks and phishing campaigns designed to trick people into handing over personal and financial data generally are blasted out indiscriminately. But …
source
Posted under Spyware in the News
This post was written by Ted on March 11, 2009
