    Archive for November 23rd, 2012

    This part of the year is a popular time for people to buy their electronic gadgets, including smartphones. With this in mind, three major smartphone platforms – iOS, Android, and Windows Phone – have all been updated with new versions for this year’s shopping season.

    To give users an overview of this development, this month’s Monthly Mobile Review focuses on the new security features in each of these updates – namely, iOS 6, Android 4.2 (Jelly Bean), and Windows Phone 8.

    Apple’s iOS 6 primarily focuses on protecting the user’s personal data, with settings that control which apps have access to your information and what kind of information each app can access. Similarly, Jelly Bean’s security improvements include an integrated scanner for malicious apps, as well as improvements in how Android displays the permissions an app is asking for. Not to be outdone, Windows 8 for mobile offers multi-layer protection and boasts three key security features.

    In addition to looking at the mobile platforms, we also examined the security of using near-field communication (NFC) and discussed tips that consumers can follow to use NFC securely.

    Posted in Mobile | Comments Off on Evolving Mobile Platforms: How Secure Are They?

    Recently, the website “Hoax Slayer” pointed us to a spammed email message that warns users of a tsunami and encourages them to click on a link to watch a video. The article, which the cybercriminals made to look like it came from “”, claims that experts have predicted that a tsunami will hit Australia on New Year’s Eve.

    The “watch now” link connects to {BLOCKED} and downloads a file that pretends to be an AVI in a ZIP archive. In reality, “sunami_australian_agency_of_volcanology_and_seismology.avi.pif” is a malicious file, which Trend Micro detects as BKDR_DOKSTORMC.A.

    Based on our analysis, this backdoor connects to {BLOCKED}, which resolved to {BLOCKED}.{BLOCKED}.13.114 (but currently resolves to {BLOCKED}{BLOCKED}.116.223). It remains unclear who is behind the attack and what the motivation may be.

    The malware is a Remote Access Trojan (RAT) known as Arcom RAT, and it is sold on underground forums for $2000.00. However, many forum posts complain that the RAT is overpriced. Free cracked versions are also available for download from a variety of sources.

    Arcom RAT was reportedly authored by “princeali”, who has been actively coding RATs and malware for about a decade. The alias “princeali” is connected to a group known as NuclearWinterCrew, which created the infamous NuclearRAT.


    Posted in Malware | Comments Off on Tsunami Warning Leads to Arcom RAT


    © Copyright 2013 Trend Micro Inc. All rights reserved.