An unusual attack has been spotted in the wild, using an unexpected combination of threats. This attack used exploit kits (in particular Java and PDF exploits) to deliver file infectors onto vulnerable systems. Interestingly, these file infectors have information theft routines, which is a behavior not usually found among file infectors. These malware are part […]
Typically users archive file to lump several files together into a single file for convenience or to simply save storage space. However, we uncovered a worm that creates copies of itself even on password-protected archived files. We acquired a sample of a worm (detected as WORM_PIZZER.A) that propagates using a particular WINRAR command line (see […]
?We added three new families to this month’s Malicious Software Removal Tool (MSRT): Win32/FakeDef, Win32/Vicenor, and Win32/Kexqoud. In this blog, we will talk about the rogue antivirus family Win32/FakeDef. It’s not a big player in rogues’ world, but it holds its own unique characteristics. We found this family in the wild in December 2012. Initially […]
Latest Comments