-------------------------------------------
寄件者: All of PH AV Technical Marketing
傳送日期: Monday, August 16, 2010 2:17:59 PM
收件者: Newsbank; Marketing Writers
副本: Jocelyn Racoma (AV-PH)
主旨: Malware Blog news pickups: Aug 7-13, 2010
自動依照規則轉寄
Daily Pageviews to blog posts picked up
| | 7-Aug | 8-Aug | 9-Aug | 10-Aug | 11-Aug | 12-Aug | 13-Aug |
| 2,091 | 2,443 | 3,808 | 3,867 | 4,509 | 4,008 | 3,157 | |
| QuickTime Player Allows Movie Files to Trigger Malware Download | 13 | 23 | 28 | 43 | 21 | 19 | 12 |
| KOOBFACE Gang Now Tracking Visitors | 1 | 4 | 5 | 1 | 6 | 2 | 3 |
| Certificate Snatching—ZeuS Copies Kaspersky’s Digital Signature | 49 | 62 | 122 | 45 | 55 | 62 | 12 |
| Making a Million, Part One—Criminal Gangs, the Rogue Traffic Broker, and Stolen Clicks | - | - | 184 | 195 | 390 | 161 | 57 |
| First Android Trojan in the Wild | - | - | - | 308 | 317 | 116 | 53 |
| Bogus MSRT Leads to FAKEAV | - | - | - | - | 15 | 92 | 15 |
| BREDOLAB Spreading via Malicious Attachments | - | - | - | - | - | 9 | 5 |
Waledac zombie attacks rise from the grave
The Register, UK – Aug 13
Nonetheless, security watchers are monitoring the development anxiously. "Waledac is making a comeback of sorts even if its main C&C servers have been removed from the picture," writes Jonathan Leopando of Trend Micro. "Even if you can deal with one aspect of a threat, others can still cause problems down the road."
Fake Malicious Software Removal Tool peddles fake AV
Help Net Security, US – Aug 12
A fake Malicious Software Removal Tool using the actual icon of the legitimate software has been spotted by Trend Micro researchers. Even a first glimpse of the scanning alert looks pretty legitimate, but it's the "Software searching" screen which signals that something might be off:
Koobface Hackers Now Monitor Victims
SPAMfighter, DK – Aug 11
Joey Costoya, Advanced Threat Researcher at Trend Micro, disclosed that the new tracking code had been spotted on bogus YouTube pages identical with the bot that allowed the gang behind Koobface to examine the page hits, as reported by ITPRO on August 2, 2010.
Apple QuickTime Movie Player Installs Malware
SPAMfighter, DK – Aug 11
Benson Sy, Threat Research Engineer at Trend Micro, came across two .MOV files (001 Dvdrip Salt.mov and salt dvdrpi [btjunkie][xtrancex].mov) and both used the recent Angelina Jolie starrer movie 'Salt', as reported by TrendLabs on July 30, 2010. TrendLabs identified these two malicious movie files as TROJ_QUICKTM.A.
First Android SMS Trojan spotted in the wild
WebUser, US – Aug 11
"The malware disguises itself by using the Windows Media Player icon. It also attempts to send text messages to numbers such as 3353 or 3354 with the message string '798657' via the current default Short Message Service Center (SMSC)," said Bernadette Irinco of Trend Micro.
The Register, UK – Aug 11
David Sancho, a security researcher at Trend Micro's Labs, explained that the scam uses short-lived bots to redirect web traffic from compromised machines. Surfers seeking to visit Yahoo, for example, might be redirected via a third-party service before arriving at their destination, earning an unscrupulous broker a few cents in the process. In other cases surfers visiting the New York Times, for example, may be served ads from an ad-broker other than the licensed agent, Double Click.
Malware Stealing Digital Certificates Raises Security Concerns
eWeek.com, US – Aug 7
Researchers at Trend Micro recently found a variant of the Zeus Trojan that used a certificate belonging to Kaspersky Lab's ZbotKiller product, which ironically is designed to destroy Zeus. Though the certificate was expired, the idea was for the malware to use it to look legitimate.
.
沒有留言:
張貼留言