Featured Blogs
Android Malware Promises Video While Stealing Contacts
Recently we discovered a new Android Trojan in the official Google Play market that displays a video downloaded from the...
Hacker Leaves Online Trail, Loses Anonymity
Since March 20, the @Anonw0rmer Twitter account has been silent. Its owner, w0rmer, is known as a member of the...
Digging Into the Nitol DDoS Botnet
Nitol is a distributed denial of service (DDoS) botnet that seems to be small and not widely known. It mostly...
Latest SpyEye Botnet Active and Cheaper
On April 16, we found a Pastebin entry selling the latest version of the infamous SpyEye botnet (Version 1.3.48) for...
CVE-2012-0158 Exploit in the Wild
Since last week, we have seen many specially crafted files exploiting CVE-2012-0158, a vulnerability in MSCOMCTL.OCX in Microsoft Office and...
Pastebin Shares Botnet Source Code
Few days back, we found another Pastebin entry that contains a source which looks to be malicious botnet code. As...
‘Android/NotCompatible’ Looks Like Piece of PC Botnet
A lot of recent attacks on Android users are attributed to fake websites of popular applications such as Cut the...
Evolution of Android Malware: IRCBot Joins the Party
We all know how fast the smart phone market is growing. Along with it, the complexity and the numbers of...
Jumping Into the Flames of Skywiper
There has been quite a bit of analysis and speculation about the Flamer/Skywiper threat. As we started to analyze this...
‘Bioskits’ Join Ranks of Stealth Malware
We have seen many discussions of the MyBios “Bioskit” discovered at the end of 2011. MyBios was the first malware...
Spreading the Flame: Skywiper Employs ‘Windows Update’
Microsoft has issued Security Advisory 2718704, in which the company disclosed that it recently became aware of the Flamer/Skywiper threat,...
Operation High Roller Raises Financial Fraud Stakes
Earlier today Guardian Analytics and McAfee released the joint report “Dissecting Operation High Roller,” which describes a new breed of...
Combating Malware and Advanced Persistent Threats
In the past decade, the security industry has seen a constant rise in the volume of malware and attacks associated...
Facebook Bot Spreads Through Chat Messengers [Updated]
Update from Facebook: The Facebook security team been actively tracking this botnet and providing McAfee AV to the victims (via...
‘Police Ransomware’ Preys on Guilty Consciences
“Police ransomware” is big business, generating millions of euros for organized criminal groups. In May, at Europol’s headquarters in The...
NGRBot Spreads Via Chat
NGRBot is a worm that propagates through chat messengers, the Internet Relay Chat channel, social networking sites etc. It steals...
Multiplatform Fake AV Uses Different GUIs
Since the beginning of October we have seen a variant of fake antivirus malware that belongs to the FakeRean family...
Update: NGRBot Posing as Skype Drops Ransomware With Fake McAfee Logo
This blog was updated on October 15. See the end of this file. We recently received a sample of the...
A Quick Analysis of the Flash Player Opcode-Verifying Code Execution Vulnerability
On October 12, McAfee Labs learned of proof-of-concept code exploiting a newly patched Flash Player vulnerability. Adobe had patched this...
Narilam Trojan Targets Iranian Financial Software
Iranian infrastructure has been on the radar of cyberattackers for a couple of years. We have already witnessed organized and...
New Labs Report: ‘Analyzing Project Blitzkrieg’
Project Blitzkrieg, a current attack on US financial institutions, got a lot of media attention following a blog posting by...
YouTube Video Scam Targets Facebook Users
Be advised cybercriminals are at it again, leveraging the popularity of Facebook and YouTube to scam consumers.We have seen several...
If You Deploy Only Antivirus, It Will Cost You More and Make You Less Secure
Everyone’s looking to shave their IT budgets, manage fewer vendors and streamline. The plethora of low cost and sometimes free...
Java Zero-Day Vulnerability Pushes Out Crimeware
This blog was updated on January 14. See the end of the file. A new Java zero-day vulnerability is spreading...
The Future of Hacktivism and Anonymous
After the publication of the 2013 Threats Predictions from McAfee Labs, I have received many queries regarding our expectation of...
Botnet Control Servers Span the Globe
McAfee Labs has long monitored botnet activities and their control servers as they plague the Internet. With millions of McAfee endpoints...
IPS Countermeasures Fight Obfuscation, Evasion
Before the advent of intrusion detection systems (IDS) and intrusion prevention systems (IPS), firewalls served as the primary technology to...
