2010年3月28日 星期日

FW: Malware Blog news pickups: March 20-26, 2010


-------------------------------------------
From: All of PH AV Technical Marketing
Sent: Monday, March 29, 2010 11:27:36 AM
To: Newsbank; Marketing Writers
Subject: Malware Blog news pickups: March 20-26, 2010
Auto forwarded by a Rule


Pageviews to blog posts picked up

 

 

20-Mar

21-Mar

22-Mar

23-Mar

24-Mar

25-Mar

26-Mar

Malware Blog

1,491

1,810

2,361

2,573

3,838

4,158

2,170

Search for News on Corey Haim’s Death Leads to FAKEAV
by Sheryll Tiauzon

3

7

8

2

4

2

3

“Obama Accident” Instant Messages Used to Spread Malware
by Jonathan Leopando

14

17

13

9

10

4

0

FAKEAV with LSP Routine
by Kathleen Notario

-

5

112

59

108

41

3

New ZBOT Variants Targeting European Banks
by Loucif Kharouni

-

-

-

-

286

148

13

Anne Curtis’ “Nip-Slip” Leads to FAKEAV
by Carolyn Guevarra

-

-

-

-

121

1,357

258

Spam with “Pictures” Used to Spread ZBOT
by Jonathan Leopando

-

-

-

-

254

44

3

Shanghai Expo Spam Carries Backdoor
by Jonathan Leopando

-

-

-

-

-

224

76

Search for News on Corey Haim’s Death Leads to FAKEAV

“Obama Accident” Instant Messages Used to Spread Malware

FAKEAV with LSP Routine

New ZBOT Variants Targeting European Banks

Anne Curtis’ “Nip-Slip” Leads to FAKEAV

Spam with “Pictures” Used to Spread ZBOT

Shanghai Expo Spam Carries Backdoor

 

 

ZBOT Trojan Targets European Banks

The New Internet, US – Mar 26

“At this point, we do have the data that show that these banks are indeed being currently targeted,” said Trend Micro’s advanced threats researcher Ivan Macalintal. “We are including some names of the banks here to make people aware.”

 

Malware in Fake Reports of President Obama’s Death

SPAMfighter, DK – Mar 26

The security researchers of Trend Micro have discovered a malware movement on the famous Internet Messaging (IM) service in the last few days which tries to dupe the users on harmful links that circulate malware. The security experts of the security firm, Loucif Kharouni, actually spotted the harmful messages, as per the blog post published by TrendLabs Malware Blog on March 16, 2010.

 

Journalists receive malware disguised as event notice

MXLogic Security News, US – Mar 26

"There seems to be a [definite] increase in sophisticated, targeted attacks coming out of China," Paul Ferguson, a researcher at Trend Micro, told the news provider in an instant message.

 

Anne Curtis’ 'nip-slip' leads to fake anti-virus

ABS-CBN News, PH - Mar 25

A Trend Micro security alert, meanwhile, said cybercriminals have jumped on the sudden popularity of searches for Anne Curtis by spreading new, fake antivirus variants. Using the usual blackhat search engine optimization (SEO) techniques, cybercriminals were able to make their malicious links the top-ranking results when users search for videos of the nip-slip incident.

 

Pictures Ruse Used to Spam Zeus/Zbot

About.com, US – Mar 25

Clicking the link loads a bogus 'photo archive' which is actually the Zbot trojan. According to threat researcher Ivan Macalintal of Trend Micro, the email sent is highly personalized, making it appear legitimate and potentially leading to a greater number of victims falling for the scam. Pictures of the email and the file downloads are available in this Trend Micro blog post.

 

ZeuS variant targets European banks

Help Net Security, US – Mar 25

UniCredit Group Subsidiary Bank of Rome; U.K.-based Abbey National; Germany’s FIDUCIA Group; France’s Crédit Mutuel; and Hong Kong’s HSBC are among the institutions targeted. TrendLabs' researchers revealed their names with the intention of warning users to be careful.

 

Cyber Miscreants Found Exploiting the News of Corey Haim’s Funeral

SPAMfighter, DK – Mar 25

Trend Micro alerts all the gullible users that while following these malicious links, a false window opens and shows that the user's system is flooded with malware, and therefore suggests him/her to download the anti-virus solution it offers.

 

Miscreants Riding on DTS Searches, Spreading Scareware

SPAMfighter, DK – Mar 24

To conclude, security experts from security purveyors Websense and Trend Micro independently alarm the users of similar schemes wherein Corey Haim's death was targeted, which occurred in the second week of March 2010. Corey was a former teen idol and a Canadian actor. Deaths of celebrities have unfortunately become common themes for cyber felons to execute BHSEO campaigns because they easily attract Internet users' attention.

 

New Scareware Leverages the Layered Service Provider

Softpedia News, US – Mar  23

"It will only allow the users access if the registry key, HKEY_CURRENT_USER\Software\IS2010,  exists in their systems. However, the said key will only exist if the FAKEAV application Internet Security 2010 (aka TROJ_FAKEAL.SMDO, TROJ_FAKEAL.SMDP, or TROJ_FAKEINIT.BC), is present on the affected system," the Trend Micro researchers explain.

 

Fake AV "blocks" popular sites

Help Net Security, US – Mar 23

In a bid to create even more panic among the unfortunate users who have been tricked into downloading this fake AV solution and make them pay for a "full version", the latest rogue solution that TrendLabs  is warning about contains also a .DLL file that gets inserted into the Layered Service Provider (LSP) chain.

 

.

 

沒有留言: