    Archive for 2012

    Nowadays, we no longer use just our computers to connect to the Internet. We have our smartphones and our tablets that pretty much put the Internet right into our pockets. We are so connected that even gadgets that used to be “offline” can now be connected to the web. Gadgets such as media centers, game consoles, TVs, home automation systems, surveillance cameras, digital cameras, and the like are now Internet-enabled, making it easier than ever to connect. Very convenient, yes, but now we face this very important question: how safe is it to connect these devices to the Internet?

    In our recently released 2013 predictions, Raimund mentioned that we will see more security threats appear in unexpected places. I find this forecast valid. Recent history has shown us that the infrastructure used for new Internet-enabled devices can be accessed by third parties. We’ve seen researchers prove that they can gain unauthorized access to Internet-enabled devices such as printers, heart devices, and even coffee makers. A more recent example of this is a vulnerability found in Samsung’s Smart TV, which can be abused to steal information and even “root” the TV.

    So far, the focus of research around this is on locating vulnerabilities. However, while part of this research is done to provide better security for end users, the other part is done to identify new ways to steal money and information.

    Posted in Bad Sites | Comments Off on New Gadget + the Internet = New Threat

    Deviating from its usual window-style interface, Microsoft’s Windows 8 operating system (OS) has excited customers with its tiled design and its promise of built-in security. The company released its new OS before November started, just in time to generate buzz before Black Friday and Cyber Monday. As a result, we saw Windows 8 devices making it to best deal offers from Sony, Costco, and Best Buy.

    Now that Windows 8 is out in the market, the discourse turns from what’s new to why bother. What’s new is that Windows 8 offers a sleek computing experience while it answers longtime security problems, syncs to the well-loved cloud, and allows for easy sharing, among others. Some critics, however, find that many customers might not see the worth in shifting to the new OS, especially after they’ve grown to love Windows 7.

    Still, security features in Windows 8 may just change the minds of many. We saw the platform offer several key security improvements, which, though mostly unseen by users, can be very effective in warding off threats. Our CTO Raimund Genes also mentioned this in his 2013 predictions, although he also noted that the improved security will be enjoyed mostly by consumers, since adopting a new operating system is something that enterprises are known to have difficulty handling.


    The perpetrators behind the police ransomware are no longer just using the reputation of law enforcement to build credibility for their schemes — they’re using those of security vendors as well.

    We’ve spotted a police ransomware variant which tells of a supposed “treaty” between law enforcement and antivirus vendors. It even displays icons of these security vendors to appear legitimate. Trend Micro detects this new ransomware variant as TROJ_REVETON.IT.

    According to our findings, the .DLL file in the malware variant contains a lock screen image that includes logos of various antivirus companies such as Trend Micro, Symantec, McAfee, Sophos, and Microsoft, among others. The text goes on to say, “To make the work of the Police more effective, on December 04, 2012 the International Treaty was signed between the companies who developes anti-virus software for identification of cyber-criminals.” Of course, this is merely a ruse to trick people into believing its legitimacy. Once the malware is executed, it locks users’ computers and displays the fake message that says “Your computer has been locked. You have broken the law, your actions are illegal and will lead to criminal liability.”


    Experts are predicting this holiday season will be the biggest holiday season for mobile devices yet. Whether it’s Android or iOS, phones or tablets, odds are good that you or someone in your family will be unwrapping and using a new device this holiday season.

    But once you unwrap your new device and turn it on, before you do anything else, you should take some time to secure it properly. Installing security software and configuring settings on the device to protect your security and privacy: these are all things you should do right after turning it on.

    In our new infographic “Unwrapping Mobile Security,” our experts step you through some things you can and should do to make sure your devices and your kids’ devices are set up to help better protect them.

    Take a few minutes to check it out and have a safe and fun holiday season.

    Posted in Mobile | Comments Off on [Infographic] Unwrapping Mobile Security During the Holidays

    Since data is the new digital currency, it is not uncommon to read about data stealers designed to collect users’ personally identifiable information (PII) like credit cards, etc. So the entry of ‘Dexter’ in the threat picture comes as no surprise, especially as the holiday season draws near.

    There are reports of malware that targets point-of-sale (POS) systems used to store payment card data. A point of sale (like a checkout counter) is typically where payment for goods and services occurs. Given the wealth of data found on these payment hubs, it’s expected that these are the next targets of cybercriminal activities.

    Dubbed ‘Dexter’ (Trend Micro detection BKDR_DEXTR.A), the malware was reportedly found in POS systems of popular establishments, hotels, and other businesses. Currently, the arrival vector remains undetermined. However, it is unlikely that the malware is downloaded from malicious sites, as POS systems are typically not used for web browsing.

    Based on our analysis of the malware, BKDR_DEXTR.A downloads files, sends information, and checks memory for information, among others. But the centerpiece of the malware is its ability to collect and send certain information to a remote server. Some of the possible data that can be stolen from POS systems include the username, hostname, key to decrypt the sent information, OS information, and list of running processes. These data are then presumably duplicated by remote malicious users.

    Posted in Malware | 1 TrackBack »


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice