-------------------------------------------
From: All of PH AV Technical Marketing
Sent: Monday, March 29, 2010 11:27:36 AM
To: Newsbank; Marketing Writers
Subject: Malware Blog news pickups: March 20-26, 2010
Auto forwarded by a Rule
Pageviews to blog posts picked up
| | 20-Mar | 21-Mar | 22-Mar | 23-Mar | 24-Mar | 25-Mar | 26-Mar |
| Malware Blog | 1,491 | 1,810 | 2,361 | 2,573 | 3,838 | 4,158 | 2,170 |
| Search for News on Corey Haim’s Death Leads to FAKEAV | 3 | 7 | 8 | 2 | 4 | 2 | 3 |
| “Obama Accident” Instant Messages Used to Spread Malware | 14 | 17 | 13 | 9 | 10 | 4 | 0 |
| FAKEAV with LSP Routine | - | 5 | 112 | 59 | 108 | 41 | 3 |
| New ZBOT Variants Targeting European Banks | - | - | - | - | 286 | 148 | 13 |
| Anne Curtis’ “Nip-Slip” Leads to FAKEAV | - | - | - | - | 121 | 1,357 | 258 |
| Spam with “Pictures” Used to Spread ZBOT | - | - | - | - | 254 | 44 | 3 |
| Shanghai Expo Spam Carries Backdoor | - | - | - | - | - | 224 | 76 |
Search for News on Corey Haim’s Death Leads to FAKEAV
“Obama Accident” Instant Messages Used to Spread Malware
New ZBOT Variants Targeting European Banks
Anne Curtis’ “Nip-Slip” Leads to FAKEAV
Spam with “Pictures” Used to Spread ZBOT
Shanghai Expo Spam Carries Backdoor
ZBOT Trojan Targets European Banks
The New Internet, US – Mar 26
“At this point, we do have the data that show that these banks are indeed being currently targeted,” said Trend Micro’s advanced threats researcher Ivan Macalintal. “We are including some names of the banks here to make people aware.”
Malware in Fake Reports of President Obama’s Death
SPAMfighter, DK – Mar 26
The security researchers of Trend Micro have discovered a malware movement on the famous Internet Messaging (IM) service in the last few days which tries to dupe the users on harmful links that circulate malware. The security experts of the security firm, Loucif Kharouni, actually spotted the harmful messages, as per the blog post published by TrendLabs Malware Blog on March 16, 2010.
Journalists receive malware disguised as event notice
MXLogic Security News, US – Mar 26
"There seems to be a [definite] increase in sophisticated, targeted attacks coming out of China," Paul Ferguson, a researcher at Trend Micro, told the news provider in an instant message.
Anne Curtis’ 'nip-slip' leads to fake anti-virus
ABS-CBN News, PH - Mar 25
A Trend Micro security alert, meanwhile, said cybercriminals have jumped on the sudden popularity of searches for Anne Curtis by spreading new, fake antivirus variants. Using the usual blackhat search engine optimization (SEO) techniques, cybercriminals were able to make their malicious links the top-ranking results when users search for videos of the nip-slip incident.
Pictures Ruse Used to Spam Zeus/Zbot
About.com, US – Mar 25
Clicking the link loads a bogus 'photo archive' which is actually the Zbot trojan. According to threat researcher Ivan Macalintal of Trend Micro, the email sent is highly personalized, making it appear legitimate and potentially leading to a greater number of victims falling for the scam. Pictures of the email and the file downloads are available in this Trend Micro blog post.
ZeuS variant targets European banks
Help Net Security, US – Mar 25
UniCredit Group Subsidiary Bank of Rome; U.K.-based Abbey National; Germany’s FIDUCIA Group; France’s Crédit Mutuel; and Hong Kong’s HSBC are among the institutions targeted. TrendLabs' researchers revealed their names with the intention of warning users to be careful.
Cyber Miscreants Found Exploiting the News of Corey Haim’s Funeral
SPAMfighter, DK – Mar 25
Trend Micro alerts all the gullible users that while following these malicious links, a false window opens and shows that the user's system is flooded with malware, and therefore suggests him/her to download the anti-virus solution it offers.
Miscreants Riding on DTS Searches, Spreading Scareware
SPAMfighter, DK – Mar 24
To conclude, security experts from security purveyors Websense and Trend Micro independently alarm the users of similar schemes wherein Corey Haim's death was targeted, which occurred in the second week of March 2010. Corey was a former teen idol and a Canadian actor. Deaths of celebrities have unfortunately become common themes for cyber felons to execute BHSEO campaigns because they easily attract Internet users' attention.
New Scareware Leverages the Layered Service Provider
Softpedia News, US – Mar 23
"It will only allow the users access if the registry key, HKEY_CURRENT_USER\Software\IS2010, exists in their systems. However, the said key will only exist if the FAKEAV application Internet Security 2010 (aka TROJ_FAKEAL.SMDO, TROJ_FAKEAL.SMDP, or TROJ_FAKEINIT.BC), is present on the affected system," the Trend Micro researchers explain.
Fake AV "blocks" popular sites
Help Net Security, US – Mar 23
In a bid to create even more panic among the unfortunate users who have been tricked into downloading this fake AV solution and make them pay for a "full version", the latest rogue solution that TrendLabs is warning about contains also a .DLL file that gets inserted into the Layered Service Provider (LSP) chain.
.
沒有留言:
張貼留言