Trend Micro security experts received email messages that supposedly came from Facebook. It asks recipients to update their login credentials for security purposes. It then instructs them to click the URL provided in the email message. When the user clicks the URL, it points them to a spoofed Facebook website where they are required to input their password only as their email address has been automatically filled up. Once the users hit the ‘Login’ button, it will redirect them to another ...

Anyone who has ever played a video game—whether in an arcade, using a gaming console, or on a PC—knows how a good kill can get one all excited and pumped up. Games that involve killing certain entities give us the thrill of being in such an exhilarating situation, without suffering any serious consequence. A certain Mac OS X game called Lose/Lose has been getting attention for its rather controversial effects. The game, created by Zach Gage, somewhat resembles the format of ...

Worm Exploits MS08-067 Bug DOWNAD, also known as the Conficker worm, was first seen in the wild taking advantage of the MS08-067 vulnerability. True to form, it propagated via shared networks. Like its predecesors—the Sasser and Nimda worms—it also raised security concerns with regard to a spike in port 445 activity. A few days after its appearance, reports suggested that the threat had spread. More than 500,000 unique hosts spread across networks in the United States, China, India, the Middle East, Europe, and ...

A few days ago, I got access to the source code of the well-known Elite Loader for free. Yes. It was published on one of the Russian underground forums. It even had a detailed description and screenshots showing how to use the application's command and control (C&C) server. Apart from dropping malicious files on infected machines, Elite Loader also allows malicious users to upload additional software to targeted systems to steal passwords or deploy spam or distributed denial of service (DDoS) modules ...

When BREDOLAB entered the threat landscape several months ago, it was initially thought of as a common downloader (that downloads executable files) designed for malware infection only. However, Trend Micro researchers noticed a sudden increase in its activities in August 2009. This pushed our researchers to delve more into the inner workings and behaviors of BREDOLAB. Our analysis then observed BREDOLAB’s connections to two notorious malware families, FAKEAV and ZBOT/ZeuS. The samples always include the aforementioned malware in its download repertoire. Adding BREDOLAB to their ...