Featured Blogs
Android Malware Promises Video While Stealing Contacts
Recently we discovered a new Android Trojan in the official Google Play market that displays a video downloaded from the...
Hacker Leaves Online Trail, Loses Anonymity
Since March 20, the @Anonw0rmer Twitter account has been silent. Its owner, w0rmer, is known as a member of the...
Digging Into the Nitol DDoS Botnet
Nitol is a distributed denial of service (DDoS) botnet that seems to be small and not widely known. It mostly...
Latest SpyEye Botnet Active and Cheaper
On April 16, we found a Pastebin entry selling the latest version of the infamous SpyEye botnet (Version 1.3.48) for...
CVE-2012-0158 Exploit in the Wild
Since last week, we have seen many specially crafted files exploiting CVE-2012-0158, a vulnerability in MSCOMCTL.OCX in Microsoft Office and...
Pastebin Shares Botnet Source Code
Few days back, we found another Pastebin entry that contains a source which looks to be malicious botnet code. As...
‘Android/NotCompatible’ Looks Like Piece of PC Botnet
A lot of recent attacks on Android users are attributed to fake websites of popular applications such as Cut the...
Evolution of Android Malware: IRCBot Joins the Party
We all know how fast the smart phone market is growing. Along with it, the complexity and the numbers of...
Jumping Into the Flames of Skywiper
There has been quite a bit of analysis and speculation about the Flamer/Skywiper threat. As we started to analyze this...
‘Bioskits’ Join Ranks of Stealth Malware
We have seen many discussions of the MyBios “Bioskit” discovered at the end of 2011. MyBios was the first malware...
Spreading the Flame: Skywiper Employs ‘Windows Update’
Microsoft has issued Security Advisory 2718704, in which the company disclosed that it recently became aware of the Flamer/Skywiper threat,...
Operation High Roller Raises Financial Fraud Stakes
Earlier today Guardian Analytics and McAfee released the joint report “Dissecting Operation High Roller,” which describes a new breed of...
Combating Malware and Advanced Persistent Threats
In the past decade, the security industry has seen a constant rise in the volume of malware and attacks associated...
Facebook Bot Spreads Through Chat Messengers [Updated]
Update from Facebook: The Facebook security team been actively tracking this botnet and providing McAfee AV to the victims (via...
‘Police Ransomware’ Preys on Guilty Consciences
“Police ransomware” is big business, generating millions of euros for organized criminal groups. In May, at Europol’s headquarters in The...
NGRBot Spreads Via Chat
NGRBot is a worm that propagates through chat messengers, the Internet Relay Chat channel, social networking sites etc. It steals...
Multiplatform Fake AV Uses Different GUIs
Since the beginning of October we have seen a variant of fake antivirus malware that belongs to the FakeRean family...
Update: NGRBot Posing as Skype Drops Ransomware With Fake McAfee Logo
This blog was updated on October 15. See the end of this file. We recently received a sample of the...
