    Author Archive - David Perry (Global Director of Education)

    Today we have a confluence of several mixed signals, amounting to a bit of confusion and a potential threat. Suppose you were searching Microsoft Bing™ for a download of the popular browser, Google Chrome. You may get a screen like this:

    And that is just as you would expect it to look. Most people would click the very top link, which is, as it says right on the page, a paid advertisement. You would get redirected to a download page where you could get an immediate connection to download Chrome. This is where that link would take you.


    Each summer when the weather is hottest, I pack my bags and head out to Las Vegas, Nevada. Why would I leave my nice home by the ocean and go to a blistering desert? Only one thing would make me and that is DEFCON. DEFCON, along with its more professional compatriot, Black Hat, is what amounts to the leading hacking conference in the world. Now, this might sound like it is less than legitimate in nature and, in some ways, it is. Blackhat hackers (the bad guys) are joined by whitehats (aka security researchers) and grayhats. What color is my hat? At a gathering like this, I wear strictly Mickey Mouse ears and I use them to listen to everyone else.

    A massive range of topics is discussed during such a conference, which has grown to include thousands of people interested in wireless and ATM security, lock picking, Web hacking, and more. More than 100 lectures, workshops, hacking competitions, and a computing museum may give you a basic idea of what goes on at DEFCON. This was DEFCON 18, the 18th annual conference. There will be other DEFCON conferences in Asia and Europe and, soon, South America and the Middle East as well.

    But Vegas is the daddy of them all. More than 10,000 hackers attended this year's DEFCON and there I learned some startling facts.

    • WPA2, the current standard in wireless security, is broken.
    • Vulnerabilities have been found in nearly everything (too many to list here).
    • An ATM can actually be hacked to spit out money just like in the movies!

    I will write more about the specific issues I saw this year later. Until then, if you have a professional or personal interest in computer security, you should join the government agents, system administrators, doctoral candidates, future angels and demons of the Internet, and me at DEFCON 19 next year. I'm easy to spot, I will be the one listening in. You can find out more at DEFCON's official site.

    Posted in Bad Sites | Comments Off on Thoughts from DEFCON 18

    May 4, 2000 hit the world with what was then the biggest ever computer virus. It was important that this, along with all other email viruses, was right out in the open, visible to everyone. Each user could see the email in question and after a couple of days, every user knew it was a virus and everyone clicked it anyway. It ran up into the millions and got a ton of media coverage.

    The LOVEBUG or VBS_LOVELETTER was a regular email-borne virus. What made it successful at the time was the fact that it used the best social engineering technique ever—using “I love you” as the subject, knowing that everyone wanted to be loved.

    The email attachment was a Visual Basic script (.VBS) file disguised by having a double extension. The full name of the file was actually LOVE-LETTER-FOR-YOU.TXT.vbs. Windows hid the second extension by default so it appeared to be a regular .TXT file. While not actually vital to the code process, this default hidden extension procedure enabled thousands of viruses in the early 21st century to proliferate.
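A mail-gateway style check for the double-extension disguise described above, as an added example (not code from the original post or from Trend Micro). The extension lists, the function names and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumed, non-exhaustive lists: final extensions Windows will run or hand to a
# script host, and inner extensions a user reads as harmless content.
ACTIVE_EXT = {".vbs", ".vbe", ".js", ".jse", ".wsf", ".bat", ".cmd",
              ".exe", ".scr", ".pif", ".com", ".hta", ".lnk"}
DECOY_EXT = {".txt", ".doc", ".docx", ".pdf", ".jpg", ".jpeg", ".png",
             ".gif", ".mp3", ".xls", ".xlsx"}

def check_filename(filename):
    """Return (verdict, name shown when known extensions are hidden)."""
    # Win32 path handling drops trailing dots and spaces, so normalise first.
    name = filename.strip().rstrip(". ")
    stem, dot, last = name.rpartition(".")
    last = dot + last.lower()
    if not dot or last not in ACTIVE_EXT:
        return "ok", name
    inner = "." + stem.rpartition(".")[2].lower() if "." in stem else ""
    if inner in DECOY_EXT:
        return "double-extension", stem   # user sees e.g. "X.TXT"
    return "active-content", stem

def scan_message(raw_bytes):
    """List (filename, verdict, displayed name) for risky attachments."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        fn = part.get_filename()          # decodes RFC 2231 / 2047 names
        if fn:
            verdict, shown = check_filename(fn)
            if verdict != "ok":
                findings.append((fn, verdict, shown))
    return findings

def build_sample():
    """Constructed sample message; the attachment body is a placeholder."""
    m = EmailMessage()
    m["From"], m["To"] = "friend@example.com", "you@example.com"
    m["Subject"] = "I love you"
    m.set_content("constructed sample body")
    m.add_attachment(b"' placeholder, not script content\n",
                     maintype="application", subtype="octet-stream",
                     filename="LOVE-LETTER-FOR-YOU.TXT.vbs")
    m.add_attachment("plain notes", filename="notes.txt")
    return m.as_bytes()

if __name__ == "__main__":
    for finding in scan_message(build_sample()):
        print(finding)
```

The third element of each finding is the name a user sees with the default "hide extensions for known file types" setting, which is the gap between the real type and the displayed one.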

    VBS_LOVELETTER overwrote existing system files with copies of itself. It also transformed music, multimedia, and other files into relaunch points to avoid removal. Furthermore, it used the victim’s mailbox as a means to proliferate, as the sender would appear to be someone recipients knew.

    Its success even resulted in reports of email systems having to be shut down just to get rid of the worm. Though VBS_LOVELETTER variants did not infect email servers nor did they infect email clients in victims’ systems, they did infect client systems. As such, VBS_LOVELETTER proved to doubters worldwide that viruses actually existed, as many still doubted the claims we made because almost all of the malware we saw then was “invisible.”

    It has been a full decade since the “love bug” caught everyone, including security experts, by surprise. After causing panic worldwide, this mass-mailing virus still serves as a constant reminder for security experts and malware authors that malware will constantly evolve and the number of samples will increase.

    These days, threats have morphed into tools used by criminals to steal money, data, and information. Security has evolved, too, but Trend Micro continues to block millions of threats every day!



    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice