Tag: malware

  1. Forged spam from the FTC contains keylogger.

    31 October 2007

    Someone out there apparently takes a dim view of the US Federal Trade Commission going after spammers (when it gets around to it) because they're sending spam forged from the FTC with malware attached. The spam takes the form of a complaint against the recipient, and asks them to open a document attached to the message. It's actually a keystroke logger that, when installed, records everything the user types from then on and sends it off periodically to someplace on the net. Understandably, they're not pleased with this stunt, and they're asking users to forward copies of the e-mail (malware …


  2. First weekend update in a while.

    15 October 2007

    For the past couple of weeks, my weekends have been busy enough that there hasn't been much of interest to write about. Not that they weren't interesting, but to be frank, talking about driving around all over the place running errands, going to appointments, and things like that doesn't make for terribly gripping reading. This weekend, however, stands out in memory because it was the first really laid back weekend that we'd had in a long while.

    On Friday night Lyssa and I went shopping to get the stuff to make a lamb stew, some of which we'd be …


  3. There once was a BBS tagline that read...

    06 April 2007

    ..."Old virus detected - contact your hacker for an update." It seems that malware authors have taken this joke seriously, and are offering subscriptions to website operators that make use of their software. Malware tends to evolve fairly rapidly to get around the cleaner software, which means that sites that deliberately infect web browsers have to keep up to date to keep as many systems as possible infected. Prices tend to start around $66 US and climb from there, depending upon how many systems a particular website is able to infect.

    It has become apparent that it is possible to not only …


  4. Just when you thought it was safe to run IIS...

    15 March 2007

    Maybe CERT-FI is following in the footsteps of US-CERT (free tip for you guys: 300 bps is obsolete!), which is why it's taken them eight months to say anything about this, but there is a particularly interesting worm called Allaple-A crawling around on the Net that attacks Windows and is remarkably subtle for an infectious agent. First of all, it's polymorphic, meaning that it rewrites parts of itself whenever it spreads, which makes it difficult for antivirus software to find and kill it. At first, it spread by brute-forcing passwords against the Radmin service and open network shares, but there …


  5. Malware infestations can be bad, but this takes the taco.

    23 January 2007

    I was wrong, things can get more weird. Malware researcher Joe Stewart has been working on a new infective agent called SpamThru, and discovered some very unusual things about it: It goes to incredible lengths to ensure that it is the only infection on the machine in question, namely, it downloads and installs a pirated copy of Kaspersky Antivirus, hacks it so that it doesn't check for a valid license key, and scans the infected machine to get rid of every other piece of malware that isn't SpamThru. Control of zombied machines is done with a peer-to-peer protocol that can …

