Featured Blogs
Adult Voice-Service Apps on Google Play Japan Charge Users Without Notice
McAfee has reported on increasing fraudulent Android applications on Google Play in Japan this year, including one-click fraud applications and...
Malware Manipulates Procedure Prologue and Epilogue to Evade Security
Techniques used by malware developers to evade detection by security software have changed drastically in recent years. Encryption, packers, wrappers,...
New Zero-Day Attack Copies Earlier Flash Exploitation
Late on July 10, Microsoft released a blog post disclosing that they were aware of a zero-day attack in the...
Java Back Door Acts as Bot
The current threat landscape is often driven by web-based malware and exploit kits that are regularly updated with newly found...
Introducing App Reputation for Android Apps
McAfee has always been in the forefront of finding new ways to secure our customers against threats and risks posed...
Android Master-Key Malware Already Blocked by McAfee Mobile Security
The Android Master Key vulnerability, which was first reported by BlueBox Security, has been big news this month. McAfee explained...
Japanese One-Click Scammers Abuse Mobile Traffic Exchange Service
McAfee has been monitoring and reporting extensively on one-click-fraud malware for Android in Japan this year. These attacks, primarily on...
Bitcoin Miners Use AutoIt-Compiled Programs With Antianalysis Code
Last year, my colleague Itai Liba blogged about the association between malware and AutoIt, a very convenient environment for malware...
Android App Contains Windows Worm
When developers are unaware of security they open the door to threats against their customers and users. We are not...
Cidox Trojan Spoofs HTTP Host Header to Avoid Detection
Lately, we have seen a good number of samples generating some interesting network traffic through our automated framework. The HTTP...
Andromeda Botnet Hides Behind AutoIt
Last month, I posted a blog about an increase in the use of AutoIt scripts by malware authors to carry...
Vertexnet Botnet Hides Behind AutoIt
Recently we found some new malware samples using AutoIt to hide themselves. On further analysis we found that those sample...
Hacking Summit Names Nations With Cyberwarfare Capabilities
In 2009, I read with great interest a paper published in the Journal of International Security Affairs titled The Art...
Ramnit Malware Creates FTP Network From Victims’ Computers
This blog post was written by Vikas Taneja. The Ramnit worm appeared in 2010. Within a year more than eight...
Quarian Group Targets Victims With Spearphishing Attacks
This blog post was written by Rahul Mohandas. The current generation of targeted attacks is getting more sophisticated and evasive....
Periodic Connections to Control Server Offer New Way to Detect Botnets
A number of recent botnets and advanced threats use HTTP as their primary communications channel with their control servers. McAfee...
McAfee Labs Detects Zero-Day Exploit Targeting Microsoft Office
Last Thursday morning (October 31), our Advanced Exploit Detection System (AEDS), which we discussed in an earlier post, detected a...
Solving the Mystery of the Office Zero-Day Exploit and DEP
On November 5 McAfee Labs blogged about a Microsoft Office zero-day attack that we spotted in the wild. In another...
In Memory of Peter Szor
Nov. 20: Update with details of memorial service at the end of this post. Earlier this week the security industry...
Japanese Chat App for Android Steals Phone Numbers
Update, December 5: The developer of the app Machin Chat has contacted McAfee and reported that the collection of phone...
JavaScript Apps on Google Play Steal Korean Phone Numbers
In a recent blog, McAfee Labs reported on suspicious JavaScript-based Android chat applications for Japanese users. These apps were found...
More Japanese Chat Apps on Google Play Steal Phone Numbers
In two recent blogs, McAfee Labs described Japanese and Korean Android apps on Google Play that steal a mobile device’s...
Analyzing the Recent Windows Zero-Day Escalation of Privilege Exploit
Recently we caught a malicious sample that exploits a PDF vulnerability–CVE-2013-3346, we believe–and executes after a use-after-free condition occurs. During...
Suspicious Apps on Google Play Leak Google Account IDs
The Google account ID (or account name), which in most cases is a Gmail address, is one of the key...
2014 Threats Predictions: Cloud Attacks Could Lead to Data Loss
This post is one in a series of articles that expand on the recently released McAfee Labs 2014 Threats Predictions. In...
Variant of Pony Botnet Pickpockets Bitcoin Users
Last month the Pony Botnet became a household name when it was revealed that it had stolen more than two...
2014 Threats Predictions: Software Defined Networking And More
This post is one in a series of articles that expand on the recently released McAfee Labs 2014 Threats Predictions....