Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    Author Archive - Karla Agregado (Fraud Analyst)

    The release of Google+ was dubbed another try by Google to take on Facebook, which is currently the most popular social networking site. Its launch was well-accepted by the public, so well in fact that Google had to disable sending invites to new users (signing up was initially only available by invitation) due to “insane demand.”

    We haven’t found any threat within Google+ but we recently encountered a website that leverages the recent demand for Google+ invites despite making the network open to everyone.

    The site claims to offer downloadable invites. Trying to do so leads to a list of surveys that the user must answer in order to get an invitation.

    Click for larger view Click for larger view
    Click for larger view Click for larger view

    Read the rest of this entry »


    The world was all ears when U.S. president Barack Obama announced that known terrorist Osama bin Laden was killed by the U.S. special forces in a gunfight that occurred in Abbottabad yesterday.

    Twitter posted a graph of the number of Tweets per second from the night Osama bin Laden was reportedly killed, which shows a continuous increase in Tweeting activity, the most seen so far. Such attention from users is not surprising due to the emotional relevance of the event, not only to people from the United States, but also from other countries.

    It is no longer surprising to see peaks in social media activity due to the occurrence of global events. Nor is it surprising to see how fast cybercriminals leverage newsworthy events as social engineering ploys. The same trend was seen with the recent Japan earthquake. We saw a series of attacks that all took advantage of the disastrous event.

    An event as big as the death of a globally known terrorist will definitely not go unnoticed and will certainly be used in cybercriminal attacks. We can expect several attacks to leverage this emotionally charged development. In fact, within hours after the announcement, we already saw blackhat search engine optimization (SEO) attacks spread FAKEAV variants. We also saw attacks targeting social network users, particularly in Facebook, through pages that claim to contain videos showing footages of Osama bin Laden’s death.

    Click for larger view Click for larger view

    The code that the users were asked to copy and paste into their Web browsers’ address bar in this attack led to a script detected as JS_OBFUS.AB, which posts links that lead to the Facebook page shown above.

    Read the rest of this entry »



    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice