Spoofing – whether in the form of DNS, legitimate email notification, IP, address bar – is a common part of Web threats. We’ve seen its several incarnations in the past, but we recently found a technique known as header spoofing, which puts a different spin on evading detection.Header spoofing is when a URL appears to […]
A novel spam, in this case leading to a fake pharmacy on carewelhealth.com.. but it could just as easily be malware. Date: Sun, 22 Apr 2012 16:09:12 +0000 From: MediaWiki Mail [[email protected]] Subject: Account details on Wikipedia Wikipedia Someone (probably you, from IP address 105.191.258.285) requested a reminder of your account details […]
We did a quick post yesterday about a DroidKungfu sample that appeared to use a novel infection vector. Now, as promised, more technical details. The application we’ve been analyzing is called com.ps.keepaccount, and a quick check into its content reveals a couple of findings. The original application (SHA-1: 5e2fb0bef9048f56e461c746b6a644762f0b0b54) does not show any trace of […]
Latest Comments