The Canadian Pharmacy gang has added a new repertoire to their arsenal - this time they’re using Rich Text Format (RTF) files attached to the messages. The RTFs, when opened, looks like this: The domain names have a pattern of %randomletters%%randomdigits%.ru. This is a domain pattern we had seen before in the wavy image and mp3 Canadian [...] [...more]
ESET Smart Security and ESET NOD32 Antivirus v4.2.40 and ESET Authentication Server v1.0.26.0 have been released in Danish, Finish, Norwegian, Swedish and Turkish for licensed users, as well as trial versions of ESET NOD32 Antivirus, with other languages to follow.For more information, or to download licensed copies, visit ESET's web site here. For further information or to obtain an evaluation copy contact your local ESET office, distributor or reseller. [...more]
Beware, Twitter enthusiasts! Spam posing as Twitter email notifications are currently proliferating in the wild. The spam are of two types—the first type attempts to steal personal information or login credentials while the second attempts to infect systems with malware. A legitimate Twitter notification email looks like this: It usually begins with “Hi, *name of user*” and [...]Post from: TrendLabs | Malware Blog - by Trend MicroSpam Poses as a Twitter Email Notification [...more]
.PDF files—or their inherent features—have been used by cybercriminals in some of the most noteworthy attacks we have encountered. Modified versions of this file type have been especially notorious these past few months since they are capable of attacking user systems by initially exploiting inherent vulnerabilities found in Adobe Reader and Acrobat. TrendLabsSM has documented [...]Post from: TrendLabs | Malware Blog - by Trend MicroPDF Exploit Becomes a Little More Sophisticated [...more]
ZeuS/ZBOT is best known for its information-stealing routines via the use of configuration files downloaded from their home sites. They are created using toolkits that allow remote control of the malware. Getting them to infect target systems is the tricky part. Cybercriminals have thus tried utilizing drive-by downloads, spammed messages, worm propagation, and many more [...]Post from: TrendLabs | Malware Blog - by Trend MicroZeuS/ZBOT Tries Out File Infection [...more]
TrendLabsSM received reports of a suspicious email claiming to be an IT notification. It informs users that their mailbox settings have been changed. This email has a .PDF attachment that supposedly contains instructions that the users need to read before updating their settings. This attack is similar to many we have seen previously purporting to come [...]Post from: TrendLabs | Malware Blog - by Trend MicroFake IT Email Notification Spreads Malicious PDF [...more]
Flickr Credit: Sebastia Giralt The title of this post might confuse some people. The 2.0 symbol may trigger thoughts about yet another social networking story we have all read in the last three years and probably do not want to... [...more]
TrendLabsSM recently spotted a phishing site that specifically targets Public Bank of Malaysia’s clients. Public Bank is one of Malaysia’s leading financial institutions that operate in other parts of Asia as well, including Hong Kong, China, and Cambodia. The phishing page mimics Public Bank’s official login page to make users believe that it is the legitimate [...]Post from: TrendLabs | Malware Blog - by Trend MicroPublic Bank of Malaysia Phished [...more]
The ZeuS/ZBOT botnet has been entrenched in the cybercrime business for a long time now and has continuously evolved and improved. Given the vast number of toolkit versions readily available in the underground, the features ZeuS possesses continues to thwart both antivirus and other security solutions as well as the efforts made by the security [...]Post from: TrendLabs | Malware Blog - by Trend MicroAt a Glance: New ZeuS Variants [...more]
ESET Smart Security and ESET NOD32 Antivirus v4.2.40 and ESET Authentication Server v1.0.26 are now available in Hungarian and Slovenian for both licensed and trial users, with other languages to follow.For more information, or to download licensed copies, visit ESET's web site here. For further information or to obtain an evaluation copy contact your local ESET office, distributor or reseller. [...more]
