Articles by Prashant Kumar

Free online (Fake) AV scanner

I have seen many, many applications masquerade as legitimate Anti-Virus software. Today I saw another version of a Fake online AV scanner. Normally, FakeAV comes as an executable, which in turn downloads its other components. Then the executable starts Read more…

Do u want a wallpaper with your Fake AV?

Generally, Fake Antivirus software displays all sorts of messages on the user's computer to encourage/scare them into buying their product. This could be fake warnings, fake intrusion/infiltration reports, security warnings about certain executables or maybe simply dropping random "fake" malware files Read more…

Dumb messages from dumber malware authors

From time to time we get some malware in which the authors have put in their own stupid messages. This one we got recently looks like another attempt by a malware author to get some cheap publicity. Sophos detects this malware Read more…

FakeAV, now with sounds

Recently, creators of Fake Anti Virus software have been getting quite creative and somewhat "professional" in designing the look and feel of their fake software. Today I came across one with sounds. Whenever the malware does a fake scan and Read more…

Scam of the day - Bredos targeting Facebook

Today we have seen a surge in emails pretending to be from the social networking site Facebook. The message suggests that Facebook has modified the user's password to enhance user safety and that the new password is in an attached document. The Read more…

IMF money-making scam

I have seen a lot of these lately. This one currently doing the rounds tries to dupe the reader into thinking that the International Monetary Fund (IMF) wants to use their accounts to transfer money meant for charity. In the Read more…

Flash, Christmas and the new year

We see spam all the time. One of the most dependable things spammers do is to try and exploit various newsworthy events and holidays. Recently, we have seen spammers spreading malware using a combination of either or both Flash updates and Christmas Read more…

Christmas Bo(g)us

Well, it didn't take long for the Christmas E-Card scams to start. Recently we have seen email messages pretending to be from Hallmark, suggesting that you have received an E-card from a friend. The complete email message looks like this: You Read more…

Flash, Large Hadron Collider and Malware

You must be wondering what these three have in common. They all appeared together in a special spam message today, in the latest incarnation of malware masquerading itself as a flash player plug-in. This message appears very dodgy from the start: Wow, Read more…

Fedex and the world of malware

Today while trawling through spam, I came across another variation of the good ol' FedEx scam. This version looks like this: Subject: FedEx Tracking N5421062126 Date: Tue, 20 Oct 2009 08:44:11 +0100 Unfortunately we were not able to deliver postal package Read more…

A Zimbabwean plea?

The Nigerian scams generally make very interesting reading. The stories created by the scammers seem too good to be true (and generally are as well). Here we see a member of Robert Mugabe's personal staff writing to some random person about how Read more…

Relationships 101: Don't write malware for Girlfriend !!

All, Today I saw what seems to be another dumb effort by some script kiddie to please his girlfriend. The author attempts to show off his soft side, by dedicating the Japanese band l'Arc-en-Ciel's hit song "Honey" to his partner. He Read more…

Are fake anti-virus writers getting lazy?

I have seen Fake Anti Virus software before. In fact, SophosLabs have been seeing them in various different forms, like 2. What stood out about today's sample (Protection System) was how easily it seems to have been created. Virus names Read more…

Italian Phishing scam

Phishing attacks are no longer a new topic in the cyber world. Recently, one of the major Australian banks has been the target of a phishing attack. It seems like there are no geographical boundaries to these phishing scams, they Read more…

Call a Commonwealth phish?

Recently we have seen a surge in phishes targeting Commonwealth Bank of Australia. Following on from last week (2), today we have seen a 'phone phish'. The phone number listed is a valid Australian number which can be dialed. Once dialed, Read more…

Stupid way to end piracy

Here in SophosLabs, we are quite used to seeing popular musicians' images and names being used to spread malware. But this piece of malware I saw today attempts to stop global music piracy, which incidentally seems to be on the rise Read more…

Common Fish

Today I came across a phish, nothing new there but it was targeted at one of Australia's biggest banks, Commonwealth Bank. The phish claims to be from the Commonwealth Bank, and looks like this: Dear Member, Your Online banking Read more…

Baby Malware

The old ecard trick to spread malware never gets old, does it? In the past, we have seen ecards during neighbours. Now we have a cute little child trying to tell us that a secret admirer has sent us a Read more…

Mother's Day Scam

Here I am, working on a Sunday looking at all the different kinds of spam flowing into our spamtraps. It also happens to be Mother's Day, which means only one thing. That's right ... a Mother's Day scam. This one pretends Read more…

Send malware the easy way...

Today while looking at the spam queue, I came across a very small message sent to multiple email addresses. The message was a simple link to a website like so.. The link mentioned in the message goes to a page Read more…