Have you ever wondered about the ads you might have seen being shown on the desktop or in the browser during web browsing sessions at Internet cafes? One of our Analysts, Wayne, certainly did. He recently analyzed a sample (SHA1: c8c643df81df5f60d5cd8cf46cb3902c5f630e96) that gave him an interesting answer. The sample was a rootkit named in its […]
Recently, we discovered a threat that abuses the Encrypting File System (EFS), which Symantec detects as Backdoor.Tranwos. Not only is it trivial for program code to use EFS, it’s also very effective at preventing forensic analysis from accessing the contents of the file.The threat creates the folder %Temp%\s[RANDOM ASCII CHARACTERS] and then calls the EncryptFileW […]
In the quarterly McAfee Threats Reports we offer our readers some charts on the prevalence of messaging botnets. For the last quarter of 2012, we announced the continuing decline in global messaging botnet infections as well as in former leaders Festi and Cutwail (see page 23).In this blog, I will detail the evolution of the […]
Latest Comments