Featured Blogs
Phishing Attack Replaces Android Banking Apps With Malware
Mobile devices are also increasingly being used to manage a critical and important asset for all of us: our money....
Delving Deeply Into a Bitcoin Botnet
Bitcoin is a virtual decentralized currency that was created in 2009 by developer Satoshi Nakamoto, who described the currency in...
Bank Account Logins for Sale, Courtesy of Citadel Botnet
Financial theft is one of the most lucrative forms of cybercrime. Malware authors continue to deliver sophisticated tools and techniques...
Travnet Botnet Controls Victims With Remote Admin Tool
The malicious binary behind the Travnet botnet has been updated. The new code has a new compression algorithm, steals the...
Emerging ‘Stack Pivoting’ Exploits Bypass Common Security
[This blog was primarily written by Xiaoning Li of McAfee Labs, with assistance from Peter Szor of McAfee Labs.] In...
Tracking PDF Usage Poses a Security Problem
Update on May 2: Adobe has confirmed this vulnerability and has scheduled a patch release for May 14. Looking...
Travnet Botnet Steals Huge Amount of Sensitive Data
In a McAfee Labs blog by my colleague Vikas Taneja last month, he discussed high-level functioning in the malware Travnet....
One-Click Fraud Variant on Google Play in Japan Steals User Data
Last week McAfee Labs reported a series of “one-click fraud” malware on Google Play in Japan. We have been monitoring...
Turkish ‘Delete Virus’ Targets Facebook Users
Facebook continues to be a favorite target for attackers to spread fake wall-post messages or fake scams. Most of the...
Phishing Threat Uses UTF-8 BOM in ZIP Signature to Evade Detection
This blog was written by Sanchit Karve. Last week, we noticed thousands of malware files in the wild that employ...
Multiple Java Exploits Hide in a Jar (File)
Exploits of the Java Runtime Environment (JRE) have been extensively used in drive-by-download toolkits such as Blackhole and Red Kit....
VSkimmer Botnet Targets Credit Card Payment Terminals
April 2: This blog has been updated with McAfee’s NSP detection. See end of blog. While monitoring a Russian underground...
Travnet Trojan Could Be Part of APT Campaign
This blog post was written by Vikas Taneja. Attackers use all kinds of attack vectors to steal sensitive information from...
An Overview of Messaging Botnets
In the quarterly McAfee Threats Reports we offer our readers some charts on the prevalence of messaging botnets. For the...
Android Malware Goes Bollywood
We already know that mobile malware is growing at a fantastic rate, but we now see a new trend that...
Malware Behaves Oddly in Automated Analysis Environment
While testing malware recently, we got some logs from our automated analysis system showing a few samples that are only...
Digging Into the Sandbox-Escape Technique of the Recent PDF Exploit
As promised in our previous blog entry for the recent Adobe Reader PDF zero-day attack, we now offer more technical...
Analyzing the First ROP-Only, Sandbox-Escaping PDF Exploit
The winter of 2013 seems to be “zero-day” season. Right after my colleague Haifei Li analyzed the powerful Flash zero...
Fake Cleaning Apps in Google Play: an AutoRun Attack and More
Almost exactly one year ago, Google announced the addition of a “new layer to Android security,” a service codenamed Bouncer...
Evasion Techniques: Encoded JavaScript Attacks PDF Files
Last week I kicked off a series of blogs with a discussion of how an effective IPS solution can fight...
Labs Paper Looks ‘Inside the World of the Citadel Trojan’
Zeus “banking” malware and its variants have been making headlines in recent months. One variant, the Citadel Trojan, has now...
IPS Countermeasures Fight Obfuscation, Evasion
Before the advent of intrusion detection systems (IDS) and intrusion prevention systems (IPS), firewalls served as the primary technology to...
Botnet Control Servers Span the Globe
McAfee Labs has long monitored botnet activities and their control servers as they plague the Internet. With millions of McAfee endpoints...
The Future of Hacktivism and Anonymous
After the publication of the 2013 Threats Predictions from McAfee Labs, I have received many queries regarding our expectation of...
Java Zero-Day Vulnerability Pushes Out Crimeware
This blog was updated on January 14. See the end of the file. A new Java zero-day vulnerability is spreading...
Red Kit an Emerging Exploit Pack
Exploit kits are toolkits that are used to build malware components such as binaries and scripts. They automate the exploitation...
If You Deploy Only Antivirus, It Will Cost You More and Make You Less Secure
Everyone’s looking to shave their IT budgets, manage fewer vendors and streamline. The plethora of low cost and sometimes free...