Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    February 2013
    S M T W T F S
    « Jan   Mar »
     12
    3456789
    10111213141516
    17181920212223
    2425262728  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for February 14th, 2013




    Note:

    Some of the apps discussed in this blog entry were developed with an older adware SDK that did not contain opt-in provisions, particularly regarding the ability to collect information and display ads outside of the original app. The adware SDK has since been updated to this capability to comply with Google’s developer policies; apps that use this newer version are no longer considered high-risk.

    More details about this change can be found in our December 2012 Monthly Mobile Review: The Hidden Risk Behind Mobile Ad Networks.

    Valentine’s Day is here, and once again, we remind users to be careful online during this special occasion, whether or not you have a reason to celebrate it. Several entries in this blog should have already established Valentine’s Day (or love in general) as a favorite topic used by cybercriminals, and this year is no exception. Granted, with today’s more digitally connected lives, other love- and relationship-related issues come to mind—online privacy and reputation management (do you share passwords with your loved ones?) and inappropriate content (sexting), to name a few—but looking at the data gathered through the global sensors of our Smart Protection Network™, the more, shall we say, “old-school” web threats are still getting some traction.

    Below is a 30-day snapshot of hits to malicious sites and detected files with keyword “valentine” in it:

    Malicious-URLs-2013

    Figure 1. Malicious URL hits related to “valentine” from January to Feb. 14

    Malware-Valentines-2013

    Figure 2. Malware detections related to “valentine” from January to Feb. 14

    The increasing trend as February 14 approaches is not surprising. Nor does the correlation between the file and web reputation; indeed, it seems that majority of the Valentine-related threats that affected users are Trojans that usually arrive via malicious sites. We can assume here that these users were searching for something Valentine-related, clicked a link, and the Trojan was downloaded automatically.

    But what are these users actually looking for? “My Bloody Valentine” (which refers to pirated copies of both the movie and the music band) aside, several of the URL keywords we’ve seen still reflect the commercial side of Valentine’s Day. These range from coupons, to e-cards, to “last-minute gift ideas.” What is more interesting to note, though, is that some of these keywords reflect the user’s “post-PC” behavior: terms like “free download happy valentine day 2012 love quotes funny sms text” and the several “wallpaper backgrounds” or “animated gifs” were seen, indicating the shift of user behavior towards something more social (posting images and gifs in Facebook or Tumblr) and mobile (sending texts, MMS, etc.).

    Read the rest of this entry »

     



    The new zero-day vulnerability in Adobe Reader may have some people wondering if there’s a way to use Portable Document Format (PDF) files more safely. The answer is yes: you can reduce your risk in using PDF files. Here’s how.

    First of all – and this can’t be stressed enough – keep your PDF reader up to date. Many popular PDF readers incorporate some sort of autoupdate function to make this easier for you. Be careful about downloading “updates” from unknown download sites, as frequently these turn out to be malicious. Use the built-in autoupdate feature or download directly from the developer’s website instead.

    In addition, we won’t mention the usual bits of advice like don’t open suspicious files or websites, etcetera. Let’s assume that if an attack does occur, it will be by a reasonably non-obvious method, like Blackhole spam runs.

    You can be exposed to malicious PDF files in many ways, but broadly speaking they can be categorized as either in the browser or out of it. In the browser attacks are just that – PDF files opened within browsers using either external add-ons or the browser’s own capabilities. Exploit kits are an example of how users can be exposed to PDF files in their browser.

    By contrast, here is an example of out of the browser attacks: files which are saved onto the computer from a mail client or the browser and then opened in the PDF reader itself.

    What you can do in the first case is reduce your usage of plug-ins to open PDF files. Both Google Chrome and Mozilla Firefox can use integrated PDF readers that make relying on external apps unnecessary. (For Chrome, it comes built-in; for Firefox it has to be downloaded as a separate add-on. To use these, it may be necessary to disable any plugins installed by PDF readers. The way to do this differs from browser to browser.

    Read the rest of this entry »

     


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice