VB Blog

Necurs pump-and-dump spam campaign pushes obscure cryptocurrency

Posted by Martijn Grooten on Jan 16, 2018

A Necurs pump-and-dump spam campaign pushing the lesser known Swisscoin botnet is mostly background noise for the Internet.

Posted by Martijn Grooten on Jan 11, 2018

A 28-year old man from Ohio has been arrested on suspicion of having created the mysterious FruitFly malware that targeted macOS and used it to spy on its victims.

Posted by Martijn Grooten on Jan 10, 2018

At the start of the new year, Virus Bulletin looks back at the threats seen in the 2017 and at the security products that are available to help mitigate them.

Posted by Martijn Grooten on Jan 9, 2018

Spamhaus's annual report on botnet activity shows that botherders tend to use popular, legitimate hosting providers, domain registrars and top-level domains when setting up command-and-control servers.

Posted by Martijn Grooten on Jan 5, 2018

As tech support scammers continue to target the computer illiterate through cold calling, VB's Martijn Grooten uses his own experience to share some advice on how to investigate such scams.

Posted by Martijn Grooten on Jan 4, 2018

Just four days into the new year, two serious attacks in modern processors, dubbed Meltdown and Spectre, have been discovered. The attacks can be mitigated by patches to the operating system, but anti-virus software vendors need to make sure their products are compatible with the patches.

Posted by Martijn Grooten on Dec 22, 2017

Martijn Grooten reports on the 20th AVAR conference, which took place earlier in December in Beijing, China.

Posted by Virus Bulletin on Dec 22, 2017

Virus Bulletin researchers report back from a very interesting fifth edition of Botconf, the botnet fighting conference.

Posted by Martijn Grooten on Dec 21, 2017

(In)security is a global issue that affects countries around the world, but in recent years none has been so badly hit as Ukraine. Today, we publish the videos of two VB2017 talks about attacks that hit Ukraine particularly badly: a talk by Alexander Adamov (NioGuard) on (Not)Petya and related attacks, and another by Robert Lipovsky and Anton Cherepanov (ESET) on Industroyer.

Posted by Martijn Grooten on Dec 21, 2017

On its website, Facebook now shows which emails it has sent you recently, thus helping you to determine which emails are real, and which should be discarded as phishing.

Previous1...2526272829...215Next

Search blog

Storm mails bring spoof World War 3 news

US-Iran war story used as hook for malware barrage.
US-Iran war story used as hook for malware barrage. The Storm botnet has been spamming in force again in the past week, with its expected run targeting 4th of July celebrations in… https://www.virusbulletin.com/blog/2008/07/storm-mails-bring-spoof-world-war-3-news/

Macs under attack from trojan double whammy

Two new threats in a week spark worries of approaching Mac malware era.
Two new threats in a week spark worries of approaching Mac malware era. Users of Apple Mac systems, who have so far only suffered from minimal attention from malware creators, may… https://www.virusbulletin.com/blog/2008/06/macs-under-attack-trojan-double-whammy/

Trojan-to-worm automation tool spotted

GUI gizmo adds extra spreading menace to any malware.
GUI gizmo adds extra spreading menace to any malware. Researchers at Panda have discovered a simple and colourful graphical application designed to add basic worm techniques to… https://www.virusbulletin.com/blog/2008/06/trojan-worm-automation-tool-spotted/

File encryption blackmail scam returns

Kaspersky warns of new and nasty data-ransom trojan.
Kaspersky warns of new and nasty data-ransom trojan. Malware analysts at Kaspersky Lab have warned of the return of the 'Gpcoder' trojan, a nasty piece of 'ransomware' which… https://www.virusbulletin.com/blog/2008/06/file-encryption-blackmail-scam-returns/

Flash exploit used to steal gaming passwords

Despite initial panic, threat no longer believed to a zero-day exploit.
Despite initial panic, threat no longer believed to a zero-day exploit. In the past few days, thousands of websites have indirectly been serving malicious Adobe Flash (.SWF) files.… https://www.virusbulletin.com/blog/2008/05/flash-exploit-used-steal-gaming-passwords/

'Kraken' monster botnet causing controversy

As latest botnet scare debated, Storm keeps on blowing.
As latest botnet scare debated, Storm keeps on blowing. Recent reports of a massive botnet, apparently sneaking its trojans past security software and far outnumbering better-known… https://www.virusbulletin.com/blog/2008/04/kraken-monster-botnet-causing-controversy/

HP ships infected USB keys

Autorun worms found on batch of server setup devices.
Autorun worms found on batch of server setup devices. A batch of USB thumb drives containing software intended to assist in the setup of servers have been found to contain some… https://www.virusbulletin.com/blog/2008/04/hp-ships-infected-usb-keys/

Google Groups and Blogspot used to serve malware

Company finds own IP address to be serving most malware.
Company finds own IP address to be serving most malware.Malware writers have created thousands of Google Groups with the sole purpose of serving malware, Sunbelt reports. On the… https://www.virusbulletin.com/blog/2008/04/google-groups-and-blogspot-used-serve-malware/

Legitimate program becomes trojan downloader

Website of FlashGet attacked; malicious 'update' automatically downloaded.
Website of FlashGet attacked; malicious 'update' automatically downloaded. By hacking into the website of popular Windows download manager FlashGet, cybercriminals have managed to… https://www.virusbulletin.com/blog/2008/03/legitimate-program-becomes-trojan-downloader/

Habbo trojan steals passwords

Extension decorates your room... with malware.
Extension decorates your room... with malware. A trojan has been discovered that masquerades as an extension to social networking site Habbo, formerly known as Habbo Hotel. The… https://www.virusbulletin.com/blog/2008/02/habbo-trojan-steals-passwords/

More PDF exploits seen in wild

Adobe Reader and Acrobat flaws open way for further document attacks.
Adobe Reader and Acrobat flaws open way for further document attacks. A string of vulnerabilities in Adobe's PDF viewing and editing software, disclosed late last week by Adobe and… https://www.virusbulletin.com/blog/2008/02/more-pdf-exploits-seen-wild/

Fake security blogs lead to malware

Blogger sites play on fears to draw victims to porn, trojans.
Blogger sites play on fears to draw victims to porn, trojans. According to a report from Aladdin, numerous fake security blogs have been set up on the Google-owned Blogger blogging… https://www.virusbulletin.com/blog/2008/02/fake-security-blogs-lead-malware/

Phishing danger increases as Storm botnet is hired out

Smart new trojan and Storm diversification add to online banking risk.
Smart new trojan and Storm diversification add to online banking risk. The dangers of banking online grew significantly in past weeks, as portions of the ever-expanding Storm… https://www.virusbulletin.com/blog/2008/01/phishing-danger-increases-storm-botnet-hired-out/

Hundreds of legitimate websites being hacked into

New mass infection leaves security researchers puzzled.
New mass infection leaves security researchers puzzled. Web security company ScanSafe has reported a new mass infection of websites, which it claims accounts for 15% of the web… https://www.virusbulletin.com/blog/2008/01/hundreds-legitimate-websites-being-hacked/

Usual fare for holiday season

Storm ecards and social site spyware mark unsurprising year end.
Storm ecards and social site spyware mark unsurprising year end. With large portions of the globe celebrating various festivals over the past few weeks, an expected upsurge in… https://www.virusbulletin.com/blog/2008/01/usual-fare-holiday-season/

Cyber attackers breach defences at secret US labs

Spearphishing and trojans penetrate research lab security.
Spearphishing and trojans penetrate research lab security. At least one major US science lab, used to handle highly classified government and military material, has had its… https://www.virusbulletin.com/blog/2007/12/cyber-attackers-breach-defences-secret-us-labs/

Infected Seagate hard drives sold in Taiwan

External Maxtor disks shipped carrying autorun datastealer.
External Maxtor disks shipped carrying autorun datastealer. A shipment of Maxtor external hard drives, produced in Thailand by US-based Seagate and sold in Taiwan, has been found… https://www.virusbulletin.com/blog/2007/11/infected-seagate-hard-drives-sold-taiwan/

Phishing trojan targets Mac OSX

DNS hijack disguised as codec threatens Apple systems.
DNS hijack disguised as codec threatens Apple systems. A new trojan affecting Apple's Mac OSX operating system - a relative rarity in the malware world - has been seen in the wild.… https://www.virusbulletin.com/blog/2007/11/phishing-trojan-targets-mac-osx/

Melissa has users CAPTCHA'd

Spammers offer strip show for correctly completed CAPTCHAs.
Spammers offer strip show for correctly completed CAPTCHAs. Spammers have spotted a new opportunity for getting humans to help them get past the CAPTCHA tests put in place to… https://www.virusbulletin.com/blog/2007/11/melissa-has-users-captcha-d/

Storm spams promise spooky Halloween

Tricks not treats as skeleton game emails link to attack.
Tricks not treats as skeleton game emails link to attack. The 'Storm' attack has once again taken advantage of a popular cultural occasion to spam out the latest wave of links to… https://www.virusbulletin.com/blog/2007/10/storm-spams-promise-spooky-halloween/

« Previous 12345 Next »