Russian anti-virus company Doctor Web is warning users about another malicious program of the BackDoor.BlackEnergy family. In July 2012 many mass media outlets reported on the shutting down of the main BlackEnergy servers, but the botnet ceased to operate completely only in autumn 2012. And a new modification of the threat emerged in January 2013. […]
The current wave of Mac OS X FakeAV infection follows a three-step process. To those familiar with Windows-based FakeAV, the pattern in this infection chain is quite familiar. Displays a “scanning page” from poisoned Google searches Prompts a download of a .ZIP which contains a .PKG installer. This installer installs a downloader. The downloader downloads […]
In 1999, a new virus, Win32/Crypto, was discovered. It was using brute-force attacks against its encryption key to decrypt its body. Today, in 2011, variants of Win32/Alureon are bringing this old-school technique back to life, with some extra naughtiness, as you will see below. While working recently on different Win32/Alureon samples, we noticed some behaviour […]
Latest Comments