A few weeks ago, we have been alerted by our colleagues from Korea to a specially crafted Hangul Word Processor document (.hwp) that exploits an application vulnerability in the Hancom Office word processing software. The file extension .HWP is a popular Korean word processor file format – just the right format for targeting Korean prospective…
Read MoreDuring my investigation of mobile threats in the wild, I discovered a spytool, which is currently available on Google Play, that is actively being discussed on certain hacker forums. This tool’s beta version is available on the site since March 11. An estimated 500 – 1000 users have already downloaded the said spytool, which Trend…
Read MoreThe continuing increase in visitors to the Pinterest site may be a primary reason why it’s becoming a hit for cybercriminals’ scams and schemes. In March, we spotted scammers using popular brands to lure users into “pinning” fake posts that led to surveys scams. This new wave of survey scams I found came from my…
Read MoreRecently, Trend Micro researchers encountered a potential vulnerability that affected users of Yahoo! Mail. We discovered several emails used in targeted attacks that contained JavaScript in the “From” field that attempted to launch a Document Object Model (DOM)-based cross-site scripting attack against the recipients of the email. However, we were not able to replicate the…
Read MoreWe recently received reports about private messages found on Facebook and distributing a link, which is a shortened URL pointing to an archive file “May09-Picture18.JPG_www.facebook.com.zip”. This archive contains a malicious file named “May09-Picture18.JPG_www.facebook.com” and uses the extension “.COM”. Once executed, this malware (detected as WORM_STEKCT.EVL) terminates services and processes related to antivirus (AV) software, effectively…
Read More