We've recently encountered malware that grabs MS Word and Excel files from users' infected systems and then uploads them to the file hosting site sendspace.com. Sendspace is a file hosting website that offers file hosting to enable users to "send, receive, track and share your big files."
Sendspace was recently used for dropping stolen data but wasn't done automatically by malware. As reported late last year, hackers used Sendspace for rounding up and uploading stolen data.
However, this is the first time we're ...
Last year, the security industry was plagued by a series of APT reports, which included the "Nitro Attack". The backdoor used here is known as PoisonIvy or BKDR_POISON. Its builder is available online. Security vendors have then taken measures to counter this threat to help customers battle against similar infections in the future. However, a recent discovery of the downloader's stealth mechanism proved that the fight is not yet over.
We thought that there was nothing much to see when we ...
We already knew that more and more people are becoming tablet and smartphone owners, but two new surveys that were released just this week reinforced that. A Google/Ipsos poll found that smartphone use was growing in all 5 surveyed countries. In the US, smartphone ownership rose from 31% to 38% of the population by September/October 2011. Over the holiday, a separate Pew poll found that ownership of eBook readers and tablets doubled.
Increasingly, threats to users are "going mobile" - and ...
Last week we came across a report about a Plankton variant embedded in various apps emerging in the Android Market. One of the samples we inspected is a puzzle game called Sexy Ladies-2.apk, which is detected as ANDROIDOS_PLANKTON.P along with many other apps related to it.
Other external reports tell of the millions of app downloads with similar suspect code, which led to coining it as the "largest Android malware outbreak ever". In that report, the analyzed application is a puzzle game. It ...
It's never too early to get ready for Valentine's day, it seems, even when it comes to malicious attacks. Recently, I came across a scam in Facebook that leverages the upcoming occasion.
The said attack begins with a post on affected users' wall inviting other users to install a Valentine's theme into their Facebook profile.
Once users click on this post, they are redirected to another page that urges them to install the said theme. Note that this attack only works on ...
