Articles by James Wyke

Digging Deeper on the TechCrunch Zbot

Last week the website belonging to TechCrunch Europe had malicious code planted on it, the payload of which was a variant of Zbot - Troj/Zbot-YP. There are several interesting aspects of this variant that are worth exploring in a little Read more…

Why won't my sample run?

Here at SophosLabs we have recently been seeing samples of Zbot (also known as the Zeus crimeware kit) that refuse to execute on any of our testing machines. Often when this happens it is because the sample is corrupt or will Read more…

Fake Car Tax Malware

Sometimes malware authors make it really easy to spot a scam. Today's email attachment campaign is a fake car tax update. Apparently the "Ministry of Transport" has made some sort of change to my car tax and details are in the attached Read more…

Miscellaneous Poisoning Blasts Off

Search terms for the recent shuttle launch and the Southern Entertainment Rap awards are currently the targets of SEO poisoning campaigns. Unprotected users who take the bait will become infected with FakeAV. Searching for combinations of these and other popular trend Read more…

Tiger's play too rough on Valentines Day

While most sane people around the world are enjoying a romantic Valentine's Day today, we at SophosLabs remain vigilant on the front line of the war against malware. This year, Valentine's Day coincides with the Chinese New Year as well Read more…

Tiger still hot stuff

Despite talk of Tiger Woods' sponsors "limiting his role" in their advertising campaigns, he is still very much hot stuff when it comes to search engine queries, which means he's still a viable target for the malware writers. We can Read more…

There's Malware on Elm Street this Halloween ... with pumpkins!

It appears that this Halloween the malware writers' preferred infection vector is the use of SEO (Search Engine Optimization) techniques to poison popular search terms. We at SophosLabs have seen relatively few email campaigns that exploit Halloween this year, but there have been Read more…

Your Funds Will Be Transfered

This morning while monitoring our spam traps I was greeted with the following proposition: Added to the suspiciously poor spelling and grammar, the message also has an attachment named "WU Money Sent.exe." By this point any sane person would have Read more…

You don't have a job? Get a Govt Grant

While monitoring SophosLabs' spam traps this morning I came across a proposition with the following subject: You don't have a job? Get a Govt Grant. Several things stand out from this email that make me think it is something other than Read more…

Sality Goes EPO

One of the more active families of file infecting viruses, Sality, has this week received a major overhaul in its infection method. Sality has been a major headache to AV companies and their customers due to constant changes in its Read more…

Not So Safe Girls

On a quiet Sunday here at SophosLabs, I was looking through our spam systems and noticed an interesting campaign. The email arrives with the message body along the lines of the following: hey cutie, are you stilll single? this is lydia Read more…

Thumbing a Lift

I was analysing a cheeky little Visual Basic Script Worm the other day, and noticed that it used a method of ensuring its persistence on the infected system that I had not come across before. VBS/AutoRun-UC copies itself using the filename Thumb.db, clearly designed Read more…

McColo shutdown lightens malware load

Not only has the take down of McColo last week (link, link) caused a massive drop in worldwide spam levels, but it would also appear to have resulted in a big drop in the level of malware being spammed out Read more…

Why even malware writers need anti-virus

One of the many interesting types of malware samples that we see at SophosLabs is malware that does rather more than its author intended it to do. We will receive a sample that typically has been packed with one of Read more…

To Junk Or Not To Junk

Following on from my colleague's post here concerning broken Sality infections, it is quite interesting to look at modern day polymorphic viruses and whether their propensity to junk files is wholly by accident or whether there is the occasional element of intent Read more…
