Browsing Category: Malware

Microsoft .NET Plug-In Exposes Firefox Users to Malware Attacks

Categories: Malware

Remember that Microsoft .NET Framework Assistant add-on that Microsoft sneaked into Firefox without explicit permission from end users?
Well, the code in that add-on has a serious code execution vulnerability that exposes Firefox users to the “browse and you’re owned” attacks that are typically used in drive-by malware downloads.

Read more...

Outlook Web Access Attack Using Pushdo Botnet

Categories: Malware

By Sergey Golovanov
Here are some technical details on the Outlook Web Access phishing scheme.
1. The Spam
According to our preliminary research, the spam emails which attacked OWA users, including Kaspersky, were sent using the pushdo botnet – which is based on malware from the Backdoor.Win32.NewRes family. These Trojans spread via spam, social networks (in conjunction with the Koobface family) and through hacked websites.

Read more...

Inside the Pay-Per-Install Malware Economy

Categories: Malware

Secureworks researcher Kevin Stevens has written a must-read article on the Pay-Per-Install business model (PPI) that is used primarily to spread spyware and malware. 
The article discusses the way the affiliate system works, with layers of files and software programs that power the installation of malware on hijacked Windows computers.

Read more...

Botnet Caught Red Handed Stealing From Google

Categories: Malware

A recently discovered botnet has been caught siphoning ad revenue away from Google, Yahoo! and Bing and funneling it to smaller networks.

According to researchers at Click Forensics, computers that are part of the so-called Bahama Botnet are infected with malware that sends them to counterfeit search pages instead of the real thing. They look authentic, and with the help of DNS poisoning routines, they even display google.com yahoo.com or bing.com in the address bar.  Read the full story [The Register/Dan Goodin]

Read more...

The Malware Cash Factory

Categories: Malware

Over on our sister site Viruslist.com, researchers Sergey Golovanov and Igor Soumenkov have published an article that studies a single spam e-mail and  illustrates the methods used by cyber criminals to create botnets and conduct mass spam mailings. The methods and techniques used are clearly illegal in nature and have a single aim: to make cyber criminals rich.  Read the full story [viruslist.com]

Read more...

Malware Flea Market Pays Hackers to Hijack PCs

Categories: Malware

Among a slew of online cybercrime forums, Pay-Per-Install.org stands out as a malware flea market where shadowy pushers of Trojan downloaders and tools for evading detection are bargaining with thousands of would-be “affiliates” willing to compromise victims’ computers globally and get paid for it.
Top dollar goes to anyone who can compromise computers in the United States. Those who do the dirty work are paid $140 for every 1,000 U.S. computers they seed with bits of malware, to ready these victims’ computers for other types of criminal assaults such as stealing financial data, sending spam or pushing fake antivirus software.  Read the full story [Network World/Ellen Messmer]

Read more...