The story of the mysterious malware detected by ESET as Win32/Rootkit.Avatar began in February 2013 when some adverts for this rootkit leaked from Russian cybercrime forums (http://pastebin.com/maPY7SS8). This information produced some heated discussions in the malware research community, however a sample of the Avatar rootkit was not found and published, until now. In this blog […]
Ran across a quite interesting infection today. I visited a site that prompted me a security warning about a “Microsoft” application from an unknown publisher. The site is actually pretending to be a Gmail Attachment Viewer. Microsoft+Gmail? Fail. After allowing the application to run, it redirects to a Cisco Foundation invitation while downloading a malware […]
Spam is nothing new, but a recent site we were reviewing was a bit different. After a bit of analysis, we found a file called tracks.php that was generating spam with the following code on it: <?php // Any reproduction of this document in part or in whole is strictly prohibited. For educational purposes only. […]
Latest Comments