VB Blog

WireLurker malware infects iOS devices through OS X

Posted by   Virus Bulletin on   Nov 6, 2014

Non-jailbroken devices infected via enterprise provisioning program.

Read more  

VB2014 paper: DMARC - how to use it to improve your email reputation

Posted by   Virus Bulletin on   Nov 6, 2014

Terry Zink presents case study in which he describes setting a DMARC policy for Microsoft.

Read more  

VB2014 Paper: Well, that escalated quickly. From penny-stealing malware to multi-million-dollar heists, a quick overview of the Bitcoin bonanza in the digital era

Posted by   Virus Bulletin on   Nov 4, 2014

Santiago Pontiroli takes us on a rollercoaster ride through cryptocurrency land.

Read more  

The VB2014 presentation you never saw. Early launch Android malware: your phone is 0wned

Posted by   Virus Bulletin on   Oct 31, 2014

Malicious apps may have more privileges than security software.

Read more  

CVE-2012-0158 continues to be used in targeted attacks

Posted by   Virus Bulletin on   Oct 31, 2014

30-month old vulnerability still a popular way to infect systems.

Read more  

Paper: Invading the core: iWorm's infection vector and persistence mechanism

Posted by   Virus Bulletin on   Oct 30, 2014

Malware spreads through infected torrent, then maintains persistence on the system.

Read more  

New IcoScript variant uses Gmail drafts for C&C communication

Posted by   Virus Bulletin on   Oct 29, 2014

Switch likely to make modular malware even stealthier.

Read more  

VB2014 paper: Hiding the network behind the network. Botnet proxy business model

Posted by   Virus Bulletin on   Oct 28, 2014

Cristina Vatamanu and her colleagues describe how botherders keep their C&C servers hidden.

Read more  

VB2014 paper: Methods of malware persistence on Mac OS X

Posted by   Virus Bulletin on   Oct 27, 2014

'KnockKnock' tool made available to the public.

Read more  

Tor exit node found to turn downloaded binaries into malware

Posted by   Virus Bulletin on   Oct 24, 2014

Tor provides anonymity, not security, hence using HTTPS is essential.

Read more  

Search blog

VB2016 paper: Modern attacks on Russian financial institutions

Today, we publish the VB2016 paper and presentation (recording) by ESET researchers Jean-Ian Boutin and Anton Cherepanov, in which they look at sophisticated attacks against Russian financial institutions.
Today, we publish the VB2016 paper "Modern attacks on Russian financial institutions" (here in HTML format and here in PDF format) by ESET researchers Jean-Ian Boutin and Anton… https://www.virusbulletin.com/blog/2016/december/vb2016-paper-modern-attacks-russian-financial-institutions/

Grum botnet's command-and-control servers shut down

Spam-sending botnet believed to be third largest in the world.
Spam-sending botnet believed to be third largest in the world. International co-operation between a number of parties has led to all command-and-control servers of the 'Grum'… https://www.virusbulletin.com/blog/2012/07/grum-botnet-s-command-and-control-servers-shut-down/

Cybercriminals frustrated with botnet trackers

Drastic measures discussed by users of online forum.
Drastic measures discussed by users of online forum. Russian cybercriminals are willing to go to great lengths to frustrate services that hinder botnets created with the ZeuS and… https://www.virusbulletin.com/blog/2011/03/cybercriminals-frustrated-botnet-trackers/

Spammers move from China to Russia

Stricter rules on registering .cn domains leads to increase in malicious .ru domains.
Stricter rules on registering .cn domains leads to increase in malicious .ru domains. A change in the rules of the organization responsible for registering .cn domains has resulted… https://www.virusbulletin.com/blog/2010/02/spammers-move-china-russia/

Russian Business Network leaves Russia

Leading cybercrime hosting hub moves business to fresh pastures.
Leading cybercrime hosting hub moves business to fresh pastures. The notorious Russian Business Network (RBN), recently making headlines for the massive amounts of malicious and… https://www.virusbulletin.com/blog/2007/11/russian-business-network-leaves-russia/

St. Petersburg US Consulate website hacked

Malware served by official government site.
Malware served by official government site. Web-watchers at Sophos have reported spotting malware hosted on the website of the US Consulate in St. Petersburg, using obfuscated… https://www.virusbulletin.com/blog/2007/09/st-petersburg-us-consulate-website-hacked/

Estonian websites suffer wave of DoS attacks

Baltic republic accuses Russia of cyber-warfare.
Baltic republic accuses Russia of cyber-warfare. A wave of denial of service (DoS) attacks on Estonian websites has prompted the Estonian government to accuse its neighbour of… https://www.virusbulletin.com/blog/2007/05/estonian-websites-suffer-wave-dos-attacks/

DoS attacks support political unrest

Estonia rioting backed up by attacks on government websites.
Estonia rioting backed up by attacks on government websites. Severe rioting in Estonia, sparked by anger over the removal of a Russian monument from a prominent war memorial, has… https://www.virusbulletin.com/blog/2007/05/dos-attacks-support-political-unrest/

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.