Monthly Archives: April 2008
Blood Bank left under a malware cloud by website designer
SophosLabs has numerous automated systems that help analysts with day-to-day tasks. Every day Fraser and I get emailed a list of infected websites. This morning one in particular piqued my interest. It was for a Blood Bank in Asia my thoughts Read more…
Former Miss Croatia's - Nina Moric - image abused
Today SophosLabs saw the image of the former Miss Croatia - Nina Moric - abused by malware. Nina isn't the first celebrity to be abused by malware and won't be the last. Troj/Srizbi-A uses the image to mask its activities. Read more…
An end of phishing?
Early last week I received a new toy security enhancement from my bank. The card reader is to provide an extra level of security for online banking. Will it be an end to phishing and other bank fraud? It should Read more…
The [not so] Invisible Recycled Malware
In this modern age of GUIs, one-click-shopping, dragging-n-dropping and all things eye-candy, I still hang onto my trusty console window for sanity -- and with good reason. Microsoft Windows Explorer might make things look nice and easy to do, yet Read more…
From SecureCode to Verified by Visa
Approximately two weeks ago, we mentioned a phishing attempt targeting Mastercard's SecureCode service [1]. We expected to see similar attempts targeting Visa's counterpart service, Verified by Visa. Today, we received one of the first samples: The email came with Read more…
You've been subpoenaed ...
We've been hearing about some very targeted emails relating to federal subpoenas, sent specifically to CEOs - a variation on a theme we've seen before. This sort of targeted malware attack has a lot in common with spear phishing, which Read more…
Another Day Another Worm With A Love Message
Being on the "other" side of the world, the Australian Lab virus analysts sometimes get the odd-looking malware in our time zone. Just because we're standing upside down (just kidding!) on this side of the planet compared with our North Read more…
Quality versus Quantity
A certain blockbuster movie would have us believe that, at the ancient battle of Thermopylae, 300 Spartans managed to hold off over 1 million Persians. Not quite the whole story, but it made for a good evening's entertainment. Meanwhile, how Read more…
OLE2 a popular malware delivery mechanism?
OLE2 (Object Linking and Embedding v2) is a Microsoft container file format which can hold objects of various types, in a similar fashion to files in a file system. Due to the complex nature of this document format Read more…
The word of the day is drive-by
Drive-by: as in drive-by download, the act of malware being installed on a computer while browsing hacked sites. Earlier this month we saw reports of a dictionary publisher's website (Cambridge University Press) having been compromised with Troj/Badsrc-A. We were alerted Read more…
Wow - 1,122,311 threats out there
Browsing the BBC website this morning I came across this reference to how many malicious code threats are out there. Apparently the number is 1,122,311. Now that's a pretty big number by anyone's standards but this is the number officially Read more…
Plug-n-pray
The recent news of yet another storage device being shipped with 'pre-loaded' malware raises the question on what level of trust we can assign to a fresh out of box device. In the most recent incident, HP shipped USB keys Read more…
Yours, Secretary of State for Health. Part III
Nearly a year ago SophosLabs blogged about an amusing Nigerian scam. We followed up the post with another showing some errors in the email messages. Yesterday, the Register posted about a similar scam. SophosLabs saw two slightly different variants of Read more…
Fake out
Recently, I was analyzing a file that had come in, and at first it looked like a standard downloading Trojan. Not very interesting, right? But instead of immediately writing a detection and moving on, I let it continue to run Read more…
Excel exploit squashed by BOPS
After receiving a few queries regarding the recent unspecified Microsoft Excel vulnerability (CVE-2008-0081), recently patched as part of MS08-014, I finally managed to receive a sample this week. As is usually the case with exploits we seem to have received Read more…
Unsubtle Storm
Today's new wave of Storm-related spam continues the love-based theme they started to use recently (subjects include "Somebody loves you", "I Wanna Be With You" and "I belong to you", message bodies proclaim "My heart was stolen", "For you...Sweetheart!", "Fallen Read more…
Kraken: a giant squid or a wet squib?
Yesterday I read a couple of news articles about the Kraken botnet - supposedly twice the size as that for Storm (aka Dorf) [1,2]. Interesting, and potentially worrying, especially when I read the references to low rates of AV detection Read more…
Add an extra layer of credit card security with SecureCode... or not...
Usually, bank account phishers ask users to confirm their accounts due to supposed maintenance, database corruption, or possible compromise of the users' accounts. Today we came across a phish of a different sort. Today's sample entices users to add security Read more…
Learning Wales gets you infected
Last month we reported a high profile site infected with Troj/Badsrc-A. Looking through the feedback we get from the WS1000 web appliance, we have seen some more high profile infected sites. As I write the website is still infected. SophosLabs Read more…
BBC TV identity fraud documentary now online
BBC One has now broadcast the TV documentary we told you about yesterday examining the problem of identity fraud. We've received a number of emails from viewers either asking questions about how they can better protect themselves online, or who just enjoyed Read more…

