Some malware are more persistent than others – like WORM_VOBFUS. This recent heap of WORM_VOBFUS variants seen spreading on Facebook does not exhibit new routines, but it is a good reminder for users about well-known but easily forgotten safe computing practices. Based on our initial analysis, these WORM_VOBFUS variants that do not show any advanced…
Read MoreWe received inquiries about the Gauss attack, which garnered significant media attention as it drew comparisons to Flame. Gauss was designed to steal system-related information and gather banking, social networking, email and instant messaging (IM) credentials. Researchers also surmised that this is possibly the latest among the strings of state-sponsored attacks, which gathered awareness with…
Read MoreWe have recently analyzed a series of emails sent to specific users that leverage a certain prominent socio-political issue. One of these messages is about the supposed statement from the German Chancellor regarding the protests in Lhasa, Tibet. The From field indicates that it came from a key officer from the ATC or Australian Tibet…
Read MoreAs expected, criminals are now taking advantage of the notoriety of Stuxnet as a mechanism to deploy malicious code. Senior Threats Researcher Ivan Macalintal found poisoned search results that leveraged on this notorious malware threat. Some of the search strings used in this blackhat SEO campaign include “stuxnet SCADA,” “stuxnet removal tool,” “stuxnet cleanup,” “stuxnet…
Read MoreBusy day in TrendLabs today, first the full analysis of and news on ZeuS and SALITY, which are exploiting the Windows shortcut vulnerability. Now we’ve identified a ton of compromised websites leading to an “online pharmacy.” We’re currently seeing a wave of fake pharma spam that do not directly advertise the URL of the fake…
Read More