The first variants of Win32/VBDoc worm appeared about half year ago, and this worm has been active since. The description of Win32/VBDoc.H is available on Total Defense Labs Encyclopedia.Many variants of this worm are known, they are released quite frequently by one or more malware writers. When older variant becomes known and detected by antiviruses, […]
Last week, our friends at Sucuri sent us a modified version of an Apache webserver redirecting some of its requests to the infamous Blackhole exploit packs. Sucuri has published a blog post on this attack. Our analysis of this malware, dubbed Linux/Cdorked.A, reveals that it is a sophisticated and stealthy backdoor meant to drive traffic […]
In previous post, my colleague talked about new way to inject virus codes into other normal processes in order to bypass firewall’s detection. During the continuous research of ZeroAccess, we found there’re some improvements for this series of anti-detection and anti-debug methods. And what’s most interesting is ZeroAccess seems to really like lsass.exe. It often […]
Latest Comments