In our previous FAKEAV whitepaper, we presented how Trend Micro researchers tracked down the evolution of FAKEAV and classified its development, behavior-wise, according to generations. One of the early generations listed in the paper can be recalled as the DLL-based FAKEAV (4th Generation) – a FAKEAV group that uses a DLL file to perform all [...]
26 April 2011
We first detected malware from globalpoweringgathering.com almost a month ago, and posted on our blog about it. But just on the last few days, we started to see a big increase in the number of sites infected with it.We were able to catalog a find almost 3 thousand sites with this malware and Google lists [...]
26 April 2011
Facebook Ads are all the rage right now in the business world because of how efficient they can be when it comes to targeted advertising. However, in a stellar display of how resourceful people can be, one Facebook user named Matt Simpson has found yet another innovative purpose for Facebook Ads. He doesn’t have money [...]
26 April 2011
Earlier the other day, I was browsing through the Yahoo! PH site and the Yahoo! Purple Hunt 2.0 ad caught my attention.Curious as I am, I clicked on the ad and surprisingly my browser downloaded a suspicious file named com.com.Apparently this ad redirected me to a randomly generated URL similar to the following which, unfortunately, [...]
25 April 2011
Google has released a video showing at least some of the security and data protection techniques used in its worldwide network of data centers.The video plays like a souped-up advertisement for the search giant and its Google Apps suite of online business applications – there are more than a few visual allusions to the Tom [...]
25 April 2011
An American citizen has admitted to stealing data for more than 676,000 payment cards from databases he hacked into and netting more than $100,000 by selling them in underground bazaars online.Rogelio Hackett, 26, of Lithonia, Georgia, pleaded guilty to one count of access device fraud and one count of aggravated identity theft. He admitted a [...]
25 April 2011
There are a couple of ways to locate Search Engine Poisoning networks: you can locate sites serving payloads (especially those of the Fake AV variety) and trace backwards to find the link-farm network that feeds them, or you can look for the link-farms and trace forward. (We use several variations on both methods.)Recently, as I [...]
25 April 2011
Reports surfaced late today that the Easter Bunny had a minor incident while hiding the last of his eggs during his traditional Easter mission.Every year the Easter Bunny travels the world hiding brightly colored eggs and baskets with goodies for children to discover on Easter morning.“It would be a tragedy if the locations of all [...]
25 April 2011
Facebook seems to be making quite a number of enemies these days with their decisions regarding censorship. First they made a bunch of breastfeeding mothers really angry by removing photos of breastfeeding babies and now they went ahead and made the gay community really angry by removing a relatively simple picture of two men kissing. [...]
25 April 2011
Scam Signature Message: My Top Profile ViewersScam Type: Survey Scam – Fake Event - Profile PeekerTrending: April 2011Why it’s a Scam:Clicking the wall post link takes you to the following page: Never, ever copy and paste code directly into your browser. You bypass security controls built into your web browser, and you totally expose your computer to the code creators. If [...]
25 April 2011
Scam Signature Message: See what you’ll look in the future!Scam Type: Survey Scam, Rogue ApplicationTrending: April 2011Why it’s a Scam:Clicking on the wall post link takes you directly to the survey scam shown below: Here we see the end game of a typical Facebook Survey Scam. Each time someone completes a survey, the scam creator gets a commission. The scam creator [...]
25 April 2011
Inspired by a post yesterday from Alasdair Allan and Pete Warden discussing how the iPhone records and stores geo-location data, I decided to poke around to see what other interesting security issues may be lurking among the iPhone backup files. I’ve been concerned for some time that we’re due for a flood of security issues in [...]
25 April 2011
The revolutions spreading across the Arab world have grabbed the attention of people across the globe, including cybercriminals: so-called ‘Nigerian’ spam emails have recently appeared claiming to be from a variety of “relatives” of Gaddafi and Mubarak. There’s absolutely nothing new about the messages they send: the ‘Nigerians’ don’t always introduce themselves as the solicitor [...]
25 April 2011
A carder and hacker that has been arrested in 2009 by the Secret Service for trying to sell 40 stolen card numbers to one of their undercover agents, has pleaded guilty to access device fraud and aggravated identity theft charges.The 26-year-old Georgian native Rogelio Hackett, Jr., has admitted that he has been selling credit card [...]
24 April 2011
Ah, Kate. When she isn’t waving at babies, mingling with the commoners or appearing on Tumblrs she likes to set down some thoughts on her blog located at katemiddleton997(dot)typepad(dot)com:Click to EnlargeShe also wants you to check out her movie clip. Unfortunately, this movie clip can’t be viewed unless you update your version of Flash. Alarm [...]
22 April 2011
Celebrities and Hollywood gossip sites. Can’t say I frequent them very much, but if I did, I’d probably see something similar to karibyron-hot(dot)cz(dot)cc.Click to EnlargeBesides the images of people walking away from explosions in slow motion and photographs of actors I’ve never heard of are videos lurking further down the page. What do you think [...]
22 April 2011
A little earlier as announced, Adobe released updated versions of Adobe Acrobat and Reader. These programs were vulnerable to the Flash Player zero-day-vulnerability as well, which was fixed last week already. As the vulnerability is rated critical, users of Acrobat and Reader should download and install the updates as soon as possible. The updated version [...]
22 April 2011
A new method of producing malicious PDF files has been discovered by the avast! Virus Lab team. The new method is more than a specific, patchable vulnerability; it is a trick that enables the makers of malicious PDF files to slide them past almost all AV scanners. Overall, PDF specifications allow many different filters (such [...]
22 April 2011
Another list of fake job domains relating to this long running scam and in addition to these recent ones. Solicitations are sent by spam are are attempting to recruit people for money laundering etc, so best avoided. australia-union.com europ-hire.com europ-union.com next-jobb.com usa-1job.com Registrant details (no doubt fake) are: Vilechka Pelka Email: rewerta12@yahoo.com [...]
22 April 2011
This scam has been around for years – basically, you get an unsolicited email from a company claiming to be a domain registrar in China (it is usually China) that says that someone is trying to register a domain similar to one that you already own. The idea is that the recipient will panic and [...]
22 April 2011
Several news services are reporting that the son of Eugene Kaspersky, founder of the Moscow-based security firm Kaspersky Labs, has been kidnapped for ransom in Russia. The reports, including one from BBC News, are based on unconfirmed stories reported in Russian newspapers about the alleged kidnapping. According to the reports, Ivan Kaspersky, 20, was on [...]
22 April 2011
A Twitter follower sent me this link to check out: www.hackfacebook.orgThis page promises to retrieve the Facebook password from your cheating girlfriend or if you just have an insatiable desire to know everything about a person.Are you ready for this? Let’s:But don’t get too excited just yet! You need to fill out a survey:Online surveys are just [...]
22 April 2011
Some time ago, a security researcher, Alex Levinson, found out the iPhone was keeping a SQLite database of the iPhone’s location (wifi-based location, cell-based or GPS) and a few other information. The file, located in /private/var/root/Library/Caches/locationd/consolidated.db, is easily accessible on jailbroken phones (ssh or any file transfer tool) and readable by any SQLite3 tool. This [...]
22 April 2011
Some time ago a new rootkit appeared which at first glance seemed more similar to initial variants of TDL3 than to the updated TDL4 variants we have seen this year. Like TDL3 it also parasitically infected a driver by inserting code in the resource directory of the PE file. In this case the name of [...]
21 April 2011
