malware

The FBI is willing to pay top dollar to download some malware

The Federal Bureau of Investigation is willing to pay top dollar for the malicious, infectious software the rest of us pay to keep out of our computers, according to the Federal Business Opportunities website. A Monday price quote request by the Investigative Analysis Unit of the agency’s Operational Technology Division is asking computer security developers …

Boston Marathon Bombing Links May Hide Java-Based Exploits

PCMag: My social media accounts and email inbox are full of links to stories about the horrific incident in Boston earlier this week. I am reading about the victims, the bystanders and first responders that rushed to help, and looking for updates on the investigation. It turns out I should be careful about what links …

Backdoor Uses Evernote as Command-and-Control Server

With its rich functionality and accessibility, Evernote is a popular note-taking tool for its many users. Unfortunately, it may also provide the perfect cover for cybercriminals’ tracks. We recently uncovered malware that appears to be using Evernote as a communication and control (C&C) server. The malware attempts to connect to Evernote via https://evernote.com/intl/zh-cn, which …

Turkish FlashPlayer? no! It’s malware

I recently came across the file “FlashPlayer.exe” during the course of regular research. The file had been distributed with the file name FlashPlayer.exe and not surprisingly, when executed, it shows the following GUI, partly written in Turkish: Obviously, it’s disguised as an Adobe Flash Player 11 installer. Here is more info about the file: File …

Stuxnet Missing Link Found, Resolves Some Mysteries Around the Cyberweapon

Cross-posted from WIRED. As Iran met in Kazakhstan this week with members of the UN Security Council to discuss its nuclear program, researchers announced that a new variant of the sophisticated cyberweapon known as Stuxnet had been found, which predates other known versions of the malicious code that were reportedly unleashed by the U.S. and …

Dorkbot worm lurks on Skype and MSN Messenger again

The Dorkbot/Rodpicom worm, which spreads via messaging applications and leads to additional malware infections, is currently doing rounds on Skype and MSN Messenger, warns Fortinet. The vicious circle starts with potential victims receiving a direct message from a contact, asking “LOL is this your new profile pic? http://goo.gl/[removed]”. Those who follow the link land on …

Narilam Worm manipulates databases in Iran

h-Online: Security firm Symantec has discovered a specialised worm called W32.Narilam that can compromise SQL databases. Symantec reports that the malware “speaks” Persian and Arabic and appears to target mainly companies in Iran. Narilam is, therefore, reminiscent of Stuxnet and its variants. Narilam spreads via USB flash drives and network shares. Once inside the system, …

Crisis malware infects VMware virtual machines

v3.co.uk: The Windows version of the Crisis Trojan is far more dangerous than first thought, being capable of infecting VMware virtual machine images, Windows Mobile devices and removable USB drives, research has revealed. Crisis was originally uncovered targeting businesses with social engineering attacks that trick users into running a malicious Java applet in July. Symantec …

Bogus anti-hacking tool targets Syrian activists

h-online: Syrian activists, journalists and opposition group members are reportedly under attack by malware claiming to be a security tool that will help protect them against hackers. The fake “AntiHacker” tool is being spread through targeted phishing emails and via sites such as Facebook, and claims to provide “Auto-Protect & Auto-Detect & Security & Quick …
