Featured Blogs
The Day of the Golden Jackal – The Next Tale in the Stuxnet Files: Duqu Updated
Stuxnet was possibly the most complex attack of this decade, and we expected that similar attacks would appear in the near future. One thing for sure is that the Stuxnet team is still active–as recent evidence has revealed. McAfee Labs received a kit from an independent team of researchers that ...
No Winners at QR Code Roulette
Last year a friend had a bright idea for a party game that involved a series of QR codes in a circle on paper. He called it QR Code Roulette. Unlike the gambling game, selecting the right 2D barcode did not make you a winner. It turned out that every ...
Rooting Exploit for Android Works Silently
In our last blog about Android malware, we discussed the expanding threat landscape for Android malware. Recently, we received an Android package in our collection and observed that this malicious application uses a rooting exploit that targets Android devices running OS Versions 2.3 or earlier to gain root privileges on ...
Spitmo vs Zitmo: Banking Trojans Target Android
SpyEye and Zeus are probably the most prevalent and active Trojan “banker” families seen in the wild. (Bankers steal bank passwords and other financial data.) At the beginning of the year there was a rumor about the “merger” of both toolkits into a new generation of banking Trojan. It is not ...
Why Does My Car Have Its Own Smartphone?
You would be surprised at the number of places you can find a GSM SIM card. Outside of your mobile phone, they can be found in power meters, water meters, vending machines, etc. These SIM cards (virtually identical to the one in your mobile phone) are used for machine-to-machine communication. Essentially ...
Dissecting Zeus for Android (or Is It Just SMS Spyware?)
Zeus, also known as ZBot, is one of best-known malware in the industry. The main purpose of this malware is to steal banking credentials, allowing attackers to commit electronic fraud. Until 2010, Zeus existed only for personal computers since this platform was (and still is) the principal medium for electronic ...
Responses to Cybercrime in Japan and France
This week the Sorbonne University and the French Department of Justice hosted a meeting, the World and Development Institute (IMODEV) International Cybercrime, CyberThreat and CyberFraud Seminar. The audience heard eminent speakers including Pierre Joxe, a Member of the French Constitutional Council and former socialist Minister of the Interior, and Jacques Godfrain, ...
Mac ‘Protector’: Another Fake-Alert in Disguise
It’s not breaking news that fake-alert Trojans infections are growing. But it’s worrying for Mac OS X users to find themselves a target for those attacks. As my colleague Tad Heppner mentioned in his post, a scareware called MacDefender was spotted in the wild. Mac users can be fooled by ...
Fake-Alert Scams Growing Again
Fake-alert Trojans, also known as scareware, fool consumers by claiming imaginary threats, and insisting its victims purchase a product to repair the “infected” systems. They exist in Windows and Macintosh environments. In my recent report explaining this threat, I included a table showing the approximate number of scareware products with ...
I Smell a RAT: Java Botnet Found in the Wild
Most of today’s malware works on Windows and its apps, because it can affect a lot of people around the world. However, other platforms are becoming more popular every day and attracting bad guys who are starting to create malicious code for other systems. (For a few examples, see BlackHoleRAT, ...
