Featured Blogs
YouTube Video Scam Targets Facebook Users
Be advised cybercriminals are at it again, leveraging the popularity of Facebook and YouTube to scam consumers.We have seen several...
New Labs Report: ‘Analyzing Project Blitzkrieg’
Project Blitzkrieg, a current attack on US financial institutions, got a lot of media attention following a blog posting by...
Narilam Trojan Targets Iranian Financial Software
Iranian infrastructure has been on the radar of cyberattackers for a couple of years. We have already witnessed organized and...
A Quick Analysis of the Flash Player Opcode-Verifying Code Execution Vulnerability
On October 12, McAfee Labs learned of proof-of-concept code exploiting a newly patched Flash Player vulnerability. Adobe had patched this...
Update: NGRBot Posing as Skype Drops Ransomware With Fake McAfee Logo
This blog was updated on October 15. See the end of this file. We recently received a sample of the...
Multiplatform Fake AV Uses Different GUIs
Since the beginning of October we have seen a variant of fake antivirus malware that belongs to the FakeRean family...
NGRBot Spreads Via Chat
NGRBot is a worm that propagates through chat messengers, the Internet Relay Chat channel, social networking sites etc. It steals...
‘Police Ransomware’ Preys on Guilty Consciences
“Police ransomware” is big business, generating millions of euros for organized criminal groups. In May, at Europol’s headquarters in The...
Facebook Bot Spreads Through Chat Messengers [Updated]
Update from Facebook: The Facebook security team been actively tracking this botnet and providing McAfee AV to the victims (via...
AutoIt and Malware: What’s the Connection?
During the last couple of weeks I’ve come across three malware samples packed using compiled AutoIt scripts, so I decided...
Combating Malware and Advanced Persistent Threats
In the past decade, the security industry has seen a constant rise in the volume of malware and attacks associated...
Operation High Roller Raises Financial Fraud Stakes
Earlier today Guardian Analytics and McAfee released the joint report “Dissecting Operation High Roller,” which describes a new breed of...
‘Bioskits’ Join Ranks of Stealth Malware
We have seen many discussions of the MyBios “Bioskit” discovered at the end of 2011. MyBios was the first malware...
Spreading the Flame: Skywiper Employs ‘Windows Update’
Microsoft has issued Security Advisory 2718704, in which the company disclosed that it recently became aware of the Flamer/Skywiper threat,...
Jumping Into the Flames of Skywiper
There has been quite a bit of analysis and speculation about the Flamer/Skywiper threat. As we started to analyze this...
Evolution of Android Malware: IRCBot Joins the Party
We all know how fast the smart phone market is growing. Along with it, the complexity and the numbers of...
‘Android/NotCompatible’ Looks Like Piece of PC Botnet
A lot of recent attacks on Android users are attributed to fake websites of popular applications such as Cut the...
Pastebin Shares Botnet Source Code
Few days back, we found another Pastebin entry that contains a source which looks to be malicious botnet code. As...
CVE-2012-0158 Exploit in the Wild
Since last week, we have seen many specially crafted files exploiting CVE-2012-0158, a vulnerability in MSCOMCTL.OCX in Microsoft Office and...
Latest SpyEye Botnet Active and Cheaper
On April 16, we found a Pastebin entry selling the latest version of the infamous SpyEye botnet (Version 1.3.48) for...
Digging Into the Nitol DDoS Botnet
Nitol is a distributed denial of service (DDoS) botnet that seems to be small and not widely known. It mostly...
Hacker Leaves Online Trail, Loses Anonymity
Since March 20, the @Anonw0rmer Twitter account has been silent. Its owner, w0rmer, is known as a member of the...
Android Malware Promises Video While Stealing Contacts
Recently we discovered a new Android Trojan in the official Google Play market that displays a video downloaded from the...
Darkshell DDOS Botnet Evolves With Variants
Darkshell is a distributed denial of service (DDoS) botnet targeting Chinese websites. It was found in 2011 and was first...
Android Malware Pairs Man-in-the-Middle With Remote-Controlled Banking Trojan
Based on the Android malware that we’ve seen so far, one of the principal motivations to develop and spread malware...
Google Code Projects Host Android Malware
[March 1: See update at end] Google Code is a well-known platform that provides a collaborative environment for developers working...
Android DIY DoS App Boosts Hacktivism in South America
Hacktivism has become very popular in recent years; one of its leading agents is the online community Anonymous. Hacktivist groups...
