Category: blog

  • Mac trojan is VMware-aware

    Malicious execution stopped when virtual environment is detected. Researchers at F-Secure have found a variant of the ‘Flashback’ trojan for Mac (a fake Adobe Flash Player update) that is capable of detecting whether it is run in a virtual environment. Virtualization is a technique commonly used by malware researchers as it allows them to run…

  • Government trojan found on German computers

    Four states admit the use of spyware. Controversy has arisen in Germany, after the well-known CCC hacker group reported that it had found a trojan that was used to spy on behalf of law enforcement agencies. The malware, which has since been given the names ‘R2D2’, ‘0zapftis’, and more informally, ‘Bundestrojaner’ (‘Federal trojan’), shares many…

  • VB conference hashtag used to spread malware

    Tweet promising conference news links to trojan. A tweet using the #vb2011 hashtag, which was used in numerous tweets referring to last week’s VB2011 conference, contained a link spreading malware, according to researchers at BitDefender. The link used a URL-shortening service to download a file named VB2011.exe, which, once executed, injected a…

  • Mysql.com hacked, serving malware

    Root access to site offered on black market. Yesterday, mysql.com, the official website of the popular database management system MySQL, was hacked and visitors to the website were at risk of being infected with malware. The hack of popular websites is nothing new, and with such sites serving as the shop windows of the…

  • E-marketing companies compromised to send spam

    Fake order confirmations contain malicious links. Spammers have gained access to the accounts of email service providers (ESPs) and used them to send out fake order confirmation spam with links leading to malware. The systems of ESPs are a popular target among spammers: they contain a large number of email addresses and other personal information…

  • Alureon trojan uses steganography to receive commands

    Messages hidden inside images create extra layer of redundancy. Researchers at Microsoft have discovered a new variant of the ‘Alureon’ trojan that uses steganography to make itself invincible against the takedown of botherders’ domains. Steganography, sometimes referred to as ‘hiding in plain sight’, is the art and science of writing messages in such a…

  • Attack targets government agencies in CIS countries

    Trojans used to steal specific files. Researchers at Trend Micro have discovered an ongoing targeted attack against, among others, government agencies and diplomatic missions in Russia and its neighbours. The attack is executed by sending targeted emails to employees. These emails contain attachments that exploit vulnerabilities in popular software and allow the attackers to install…

  • New RFC grants DKIM improved status

    Email signing method now ‘Draft Standard’. The Internet Engineering Task Force (IETF) has published a new RFC describing the DKIM protocol which sees its status advance from ‘Proposed Standard’ to ‘Draft Standard’. DKIM (‘DomainKeys Identified Email’) allows mail transfer agents (MTAs) to sign email messages that pass through them and also to verify a signature…

  • Malicious spam campaigns leave experts puzzled

    Increase in malware in spam has not led to increase in malicious activity. Security researchers have noticed a significant increase in the quantity of spam sent with malicious attachments since the beginning of August; however, they are unclear about the goal of these campaigns. The campaigns, which we wrote about last month, started to appear…

  • Trojan steals money from bank accounts via ‘training session’

    Social engineering circumvents banking security. In a new method of stealing money from customer accounts, a variant of the SpyEye trojan invites the user to make a supposedly dummy transfer, thus socially engineering them into manually sending money to the attackers, security company Trusteer reports. Most banks have secured their online banking systems by having…