PcsProtector
The creators of WiniGuard rogue security software have released their first clone of 2010. This new rogue is called PcsProtector.
-
-
One Y2010 bug surfaces – it could really fill the spam bucket
Mike Cardwell, an IT consultant in Nottingham, UK, reported on his blog finding a Y2010 bug in Spam Assassin. He found an error in a rule that Spam Assassin folks thought they fixed. “I think a lot of systems will be experiencing false positives on their ham because of this at the moment. It is…
-
Flash, Christmas and the new year
We see spam all the time. One of the most dependable things spammers do is to try and exploit various newsworthy events and holidays. Recently, we have seen spammers spreading malware using a combination of either or both flash updates andchristmas scams. Add one more to that list. Take for example, a spam I received…
-
Thrice Bitten, Not Shy
The one subset of malware which does not immediately seem motivated by financial incentives is the autorun worm. In fact the raison d’etre for this class of malware seems lodged in the annals of yesteryear; summarised in three words it could be “naive script-kiddy kudos”. Unlike the propagators of other classes of malware, ie professional…
-
Glike NOT
This is an interesting sample, caught by our honeypots. The file comes as a zip archive from qtpom{removed}.tripod.com/codec.zip, which once extracted looks like this: It is almost undetected. Virus Total report here. Truth be told, no blatant sign of malware activity is noticed at first until this: What the heck? This is not my Google…
-
Antivirus PC 2009
Antivirus PC 2009 is the latest rogue security software to hit the internet. Antivirus PC 2009 is a complete scam designed to harass PC users into buying the corrupt software. Antivirus PC 2009 will try to trick people into thinking that their PC is infected with malware and recommends purchase or registering the software to…
-
Fake Alert Uses McAfee-like Domain Name to Attract Victims
Cybercriminals love to use social engineering techniques to trick users into installing their malware. One of the latest fake-alert variants attempts to trick users into believing the software is related to or hosted by McAfee:mcafeevirusremover.com. The script hosted by the domain can attack the Windows browsers Internet Explorer, Mozilla Seamonkey, and Chrome. The script also…
-
No More Dragons: the 26th Chaos Communication Congress Ends
With a dazzling laser show, the 26th Chaos Communication Congress (26c3) in Berlin, the last big security conference of 2009, has ended. If you haven’t been here, you might have missed fewer of the sessions than people on site, thanks to the worldwide availablility of live streams (and recordings). What you did miss was meeting…
-
Seen in the wild: Specialty phishing
From a site that is hacked and serving phishes: What’s mildly interesting is the types of phishes — “speciality phishes” that are not your typical banking/finance scam. These are phishes that are highly targeted, in this case at email systems of tiny Hamiltom College (not the first time I’ve seen this), the religious site cfaith.com,…
-
2010 prediction roundup
It’s the time of year to make predictions. I only have one: in 2010, governments around the world will BEGIN to increase their efforts to do something about the massive malware threat that every Internet user on the planet faces. It’s going to be controversial and difficult legally and technically. It’s going to cost serious…