We have been fighting the W32.Changeup family of worms for a long time and have written about it many times Figure 1. W32.Changeup prevalence One characteristic of W32.Changeup is that it is written in Microsoft Visual Basic 6.0 and the viral part of its program code is seen in the program file, but […]
We discussed much of the unfolding Duqu attack in our previous post. Some new light has recently illuminated some missing pieces to this interesting attack. Researchers at CrySys Labs in Hungary have disclosed information about a Word document that is purported to be the installer file for the Duqu attacks. The document loads a kernel […]
There’s a WinRAR file floating around in the Internet named “2012????.rar”* (SHA1: 889cf7076d4c08637e8aeedf7a90dc4a3808f991), which can be downloaded or may be sent out as an attachment in an email message, that contains a program that claims to display beautiful snowflakes on your desktop. If you run the executable contained in the archive (file name “????.exe” – […]
Latest Comments