Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:


  • Recent Posts

  • Calendar

    July 2015
    S M T W T F S
    « Jun    
     1234
    567891011
    12131415161718
    19202122232425
    262728293031  
  • Email Subscription

  • About Us


    Archive for the ‘Botnets’ Category




    In our monitoring of the GAMARUE malware family, we found a variant that used the online code repository SourceForge to host malicious files. This finding is the latest development we've seen since the increase in infection counts observed last month. SourceForge is a leading code repository for many open-source projects, which gives developers a free site that allows them to host and manage their projects online. It is currently home to more than 324,000 projects and serves more than 4 million ...




    Last March, I blogged about the Andromeda, a well-known botnet that surfaced in 2011 and is making a comeback this year. Just months after my report, we are still seeing notable activities from the said botnet, in particular a sudden boost of GAMARUE variants last week. The Andromeda botnet is a spam botnet that delivers GAMARUE variants, which are known backdoors and have a noteworthy way of propagating via removable drives. We’re keeping track of the GAMARUE infection for the ...

    Posted in Botnets, Malware | Comments Off on Keeping Up With the Andromeda Botnet



    Recent incidents highlight how frequently - and creatively - cybercriminals try to steal data. From "homemade browsers" to million-user data breaches, to the daily theft carried out every day by infostealers and phishing attacks, every day. All this stolen information ends up for sale in the underground to the highest bidder. From there, it can be used in many uniformly illegal ways - from identity theft, to credit card fraud, to launching attacks on other users. They can also be used to ...




    The Andromeda botnet - first spotted in late 2011 - has recently resurfaced. This threat arrives via a familiar means: spammed messages with malicious attachments or links to compromised websites hosting Blackhole Exploit Kit (BHEK) code. Here is one spam message we saw recently: Figure 1. Sample spammed message Andromeda itself is highly modular, and can incorporate various modules, such as: Keyloggers Form grabbers SOCKS4 proxy module Rootkits As is typical of backdoors, it can download and execute other files like ZeuS, as well as update and ...

    Posted in Botnets, Malware | Comments Off on Andromeda Botnet Resurfaces


    Mar4
    7:12 am (UTC-7)   |    by

    While spam botnets are well-known for sending out unwanted ads, especially for “rogue” pharmaceutical companies, they are also an integral component of malware distribution. In addition to sending out their own malware so that they can increase the size of their botnet, the miscreants behind these operations also earn revenue by installing additional malware supplied by Pay-Per-Install (PPI) affiliates, or “partnerkas”. We have examined the operations of the infamous Asprox spam botnet in some detail. Asprox is known for sending spam ...

    Posted in Botnets, Malware, Spam | Comments Off on Asprox Reborn


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice