Botnet

Point of sale devices and Canadian banks targeted by Citadel malware variant

A new variant of the prevalent Citadel crimeware kit has been discovered to target Point of Sale (POS) devices. Find out more, in this analysis from SophosLabs expert James Wyke.

Bank-raiding Gozi malware - three men charged in New York

The DoJ has published five "charging documents" filed in New York yesterday against three men accused of operating a bank-raiding malware enterprise.

The documents give a fascinating insight into a cybercrime operation...

Polish CERT acts against Virut malware with domain takedowns

CERT Polska has announced takedown action against web properties associated with a huge botnet known as Virut.

Paul Ducklin takes a look at takedowns, and why they are important even if their effectiveness is often short-lived...

How a regular IT guy helped catch a botnet cybercriminal

Veteran cybercrime investigator Bob Burls looks back on a case where the diligence of an IT professional helped convict a botmaster who had made tens of thousands of dollars.

Suspected gang behind the $850 million Butterfly botnet arrested

Facebook helps the FBI arrest 10 suspected members of an $850 million botnet gang.

The Citadel crimeware kit - under the microscope

Ever since the source code of Zeus/Zbot leaked in May 2011, many new variants have appeared.

One particularly prevalent example is Citadel.

James Wyke of SophosLabs puts it under the microscope...

Sophos Security Threat Report 2013 - the safest and riskiest countries revealed

Download the free Sophos Security Threat Report, looking back over 2012 and exploring what security threats and trends we will all be facing tomorrow.

W32/VBNA-X worm spreads quickly through networks and removable media

A new, particularly virulent version of the malware family known as W32/VBNA (also SillyFDC/Autorun) is spreading very quickly. It takes advantage of Windows Autorun and some very clever social engineering techniques to plant banking Trojans on victim computers.

Counterattack! Suspected hacker caught on HIS WEBCAM, while spying on Georgia

The Georgian government's CERT (Computer Emergency Response Team) claims it has linked an internet attack to Russia's security services, and even turned the tables on a hacker it believes was involved by secretly taking over his computer and taking video footage of him.

Are you ready for International Kill A Zombie Day, 2012?

Forget trick-or-treating, use the excuse of Halloween to exterminate some zombie computers instead!

India spews more spam than ever before, report finds

You can thank India for one out of six spam messages in your inbox, up from one in 10 when SophosLabs last put out its list of the Dirty Dozen top spam-relaying countries. The UK has upped its spam output as well, meaning it's rejoined the dirty dozen after an 18-month hiatus.

Skype worm spreads, using LOL trick to infect unwary users

Skype users are warned to be on their guard, regarding malicious instant messages that have been sent through the service, designed to infect Windows computers.

Microsoft settles lawsuit against 3322 dot org, reveals scale of Nitol botnet in China

Just over two weeks ago, we wrote enthusiastically about Microsoft's legal action against 3322 dot org.

That lawsuit has now been settled, with 3322 dot org's operator agreeing to a range of security-related conditions to get his domain back.

How Earth Day could save both the planet... and the internet

Earth Day really did make a difference - at least in the world of internet security.

That's one of the conclusions revealed in a paper presented today at the Virus Bulletin (VB2012) conference in Dallas, Texas.

SSCC 98 - RSA keys, Blackhole exploits, Nitol botnets and Apache takes potshots at Microsoft

SSCC 98 - RSA key safety, Blackhole exploit kit updated, Nitol botnet takedown and Apache takes potshots at Microsoft

Duck joins Chet to take on the latest security news.

As usual, they don't mince their words, so take a listen and enjoy a quarter-hour mix of news, opinion, advice and research.

Microsoft gets control of zombie domain, warns about malware "in the supply chain"

Microsoft has announced, with perfectly rightful excitement, that a court in Virginia, USA, has given it control over the domain 3322 dot org.

This is one of the most prevalent call-home locations used by the Nitol malware - a family with tens of thousands of known variants.

Suspected Mariposa botnet mastermind goes on trial

A hacker, believed to have created the Mariposa botnet which compromised millions of computers across the globe, has gone on trial in Slovenia.

Indian computers the worst for flooding the internet with spam, report discovers

SophosLabs reports on the top twelve spam relaying countries for April - June 2012.

Android spam bots? What we know for sure

There is quite a lot of debate out there about Android devices participating in spamming botnets. Chet Wisniewski tries to clear the air about what we are seeing in SophosLabs.

Android botnet wants to sell you Viagra, penny stocks and e-cards

Criminals have created a botnet of Android phones to send spam messages using Yahoo! mail. The malware problems on Android continue to grow and mimic their Windows cousins.