VisualBee Toolbar

Posted: April 29, 2013 | Category: Browser Hijackers | Threat Level: 5/10
VisualBee Toolbar is a mischievous toolbar and internet search add-on. Most times VisualBee Toolbar is installed without the computer user’s knowledge through bundled software or an installation app. After it is installed, VisualBee Toolbar will display a toolbar and change internet settings to load a new default search engine or home page. Through the VisualBee Toolbar searches you may be redirected to unwanted sites or have manipulated results returned. The complete removal of VisualBee Toolbar may require deleting extensions or add-ons within Google Chrome, Internet Explorer and...

50 Million Emails, Names, Encrypted Passwords Leaked in LivingSocial Hacking Ordeal

Posted: April 28, 2013 | Category: Internet Security
LivingSocial, one of the largest daily deals companies, second only to Groupon, has succumbed to a hacking incident that reportedly leaked 50 million emails, names, and encrypted passwords. LivingSocial was attacked by hackers who have yet to be identified. LivingSocial says that the database containing customer credit card information along with a separate database with merchant info was affected in the attack. Unfortunately, this isn't the first time we have witnessed a large online company capitulate to a hacker attack where customer data...

Posted: April 27, 2013 | Category: Browser Hijackers
currently is an online but empty website (except for a generic hosting message that confirms that the domain is working properly) that, so far, has shown no signs of being used to host PC threats or cause any harm to visiting computers. However, also has been used in browser-hijacking attacks that redirect your browser to without your permission, and malware researchers always rate such attacks as potentially dangerous – even when the sites that they promote, like, are not especially hostile. If your browser starts...

‘Disk Drive C is being deleted’ Fake Message

Posted: April 27, 2013 | Category: Fake Warning Messages
An example of one of the many fraudulent warnings that can be created by the scamware Securebit Technologies, the 'Disk Drive C is being deleted' fake message displays automatically in an attempt to convince you that your entire hard drive is being erased. However, malware experts' currently gathered information on Securebit Technologies leads them to believe that Securebit Technologies actually doesn't delete any files on your computer, let alone your entire C drive's contents. Since the 'Disk Drive C is being deleted' fake message is associated with rogue anti-malware...

Creators of RedKit Exploit Kit Secretly Express Disgust Towards Security Expert Brian Krebs

Posted: April 27, 2013 | Category: Malware News
The RedKit Exploit Kit has been brightly shining on the radar screen of many security experts especially Brian Krebs, the author of and cybercriminal adversary. In recent findings of RedKit Exploit Kit, known for being a package of exploitation tools used by cybercrooks to install malicious software onto computers without alerting the user, security experts from Sophos identified a string in the source code of the kit related specifically to Brian Krebs. Embedded within the malicious code of the RedKit Exploit Kit is a string reading "Crebs, its your fault."...


Posted: April 26, 2013 | Category: Trojans | Threat Level: 9/10
Disguised as a fake Internet Explorer file that's installed by an e-mail-distributed Trojan dropper, TROJ_NAIKON.A is a backdoor Trojan that injects itself into the real Internet Explorer's memory process, afterward contacting a C&C server from which TROJ_NAIKON.A can receive attack instructions, upload stolen information or download malicious files. At this time, TROJ_NAIKON.A's C&C server is down, limiting the damage that TROJ_NAIKON.A can do to your PC. However, this state of affairs may not remain intact indefinitely, and TROJ_NAIKON.A with access to a functional Command &...


Posted: April 26, 2013 | Category: Trojans | Threat Level: 9/10
TROJ_MDROP.ATP is a Trojan that is included in a targeted attack campaign, which hides behind SSL communication. Using encrypted communication like 'Secure Sockets Layer (SSL)' along with the reasonable use of a recent news item as a social engineering lure is the perfect combination to infiltrate and remain in a targeted entity's infrastructure. TROJ_MDROP.ATP propagates via a spam email related to the Boston Marathon bombing, which includes a malicious attachment named 'The Prayer.DOC', encouraging target recipients to pray for the victims of the Boston Marathon. The malicious attachment...


Posted: April 26, 2013 | Category: Backdoors | Threat Level: 6/10
BKDR_PLUGX.AQT is a member of the PlugX family of backdoor Trojans, a group of Trojans related to e-mail-based PoisonIvy attack campaigns in Asia. Along with some traditional backdoor features that allow criminals to compromise your computer easily, BKDR_PLUGX.AQT is structured in such a way as to force legitimate McAfee software to load BKDR_PLUGX.AQT automatically – a malicious DLL-loading tactic that's a hallmark of the PlugX family. Because BKDR_PLUGX.AQT is well-disguised as a component of a legitimate program, malware experts suggest using anti-malware products...


Posted: April 26, 2013 | Category: Backdoors | Threat Level: 6/10
BKDR_PLUGX.AI is a backdoor Trojan that attacks legitimate applications involving Microsoft, Lenovo, and McAfee. BKDR_PLUGX.AI uses normal applications to load its harmful .DLL components on the victimized computer system. BKDR_PLUGX.AI is able to use any executable file and known programs. BKDR_PLUGX.AI also uses a certain vulnerability found in an executable when .DLLs are loaded, particularly on how executable files load the first .DLL file in a particular folder. BKDR_PLUGX.DMI uses a variety of legal files to load its harmful components on the corrupted PC. BKDR_PLUGX.AI uses...


Posted: April 26, 2013 | Category: Backdoors | Threat Level: 6/10
BKDR_PLUGX.DMI is a backdoor Trojan that affects legitimate applications including Microsoft, Lenovo, and McAfee. BKDR_PLUGX.DMI uses normal applications to load its malicious .DLL components on the infected computer system. This .DLL hijacking technique is not new and was initially discussed in July 2010 by Mandiant. BKDR_PLUGX.DMI is able to use any executable file and known applications. BKDR_PLUGX.DMI also uses a certain vulnerability found in an executable when .DLLs are loaded, particularly on how executable files load the first .DLL file in a certain folder....


Posted: April 26, 2013 | Category: Backdoors | Threat Level: 6/10
Based on the same template as BKDR_VERNOT.A, BKDR_VERNOT.B is a backdoor Trojan that, like its close relative, uses a benign company's online data storage-based services to obfuscate the C&C server attacks, allowing BKDR_VERNOT.B to steal information and receive attack instructions with a minimal chance of being detected. In terms of the attacks that BKDR_VERNOT.B may launch against your PC, BKDR_VERNOT.B is as dangerous as any other backdoor Trojan, and malware researchers heavily encourage using a trustworthy anti-malware application to delete BKDR_VERNOT.B before any...


Posted: April 26, 2013 | Category: Trojans | Threat Level: 9/10
Trojan.Dropper.PWS is a Trojan dropper that exploits legitimate WinPcap-based libraries in order to steal confidential information (such as the passwords for your personal accounts) along with the contents of any accessible Bitcoin wallets. Given its e-mail-based spambotting capabilities, Trojan.Dropper.PWS most likely is distributed through e-mail spam in either links or file attachments. Given its ability to compromise extremely private data, Trojan.Dropper.PWS and components related to Trojan.Dropper.PWS always should be removed quickly, but anti-malware applications may be required to...


Posted: April 26, 2013 | Category: Trojans | Threat Level: 9/10
Troj/FakeAV-GNL is a Trojan that is a part of a spam malware campaign. Troj/FakeAV-GNL is distributed via malicious fax and email messages. The spam email that spreads Troj/FakeAV-GNL declares to have been sent by an online fax service called 'DuoFax'. However, the sender's email address has been forged, and 'DuoFax' is not associated with these messages. Attached to the unsolicited emails is a file called 'fax[random number].zip', which itself includes an executable file called 'fax01001_DIGIT[5]_.exe'. The .EXE file is detected as Troj/FakeAV-GNL. If an affected PC user opens a harmful...


Posted: April 25, 2013 | Category: Trojans | Threat Level: 9/10
Trojan.Win32.agent.AXCS is a Trojan that propagates through the network and affects PC users while they browse the web inappropriately. When installed, Trojan.Win32.agent.AXCS changes system files and registry entries to exploit vulnerabilities of the targeted computer system. Trojan.Win32.agent.AXCS slows down the computer system's performance and results in loss of Internet connection. Trojan.Win32.agent.AXCS also causes data loss and computer freezing problems. Trojan.Win32.agent.AXCS blocks anti-virus software to avoid detection and removal from the infected computer.


Posted: April 25, 2013 | Category: Trojans | Threat Level: 9/10
Infostealer.Somabix is a Trojan that steals information from the targeted computer. When Infostealer.Somabix is executed, it creates the malevolent files on the infected computer. Infostealer.Somabix creates a service with the specific properties. Infostealer.Somabix then creates the registry subkey to register the service. Infostealer.Somabix then adds the registry entry. Infostealer.Somabix then also modifies the registry entries. Infostealer.Somabix then collects information from the affected computer and transfers it to the particular remote locations.


Posted: April 25, 2013 | Category: Trojans | Threat Level: 9/10
Infostealer.Nemim is a Trojan that steals information from the affected computer. When Infostealer.Nemim is executed, it collects the specific information from the corrupted PC including computer name, user name, Windows version and service pack details, network card information, CPU information and USB information. Infostealer.Nemim then transfers the stolen information to the specific locations. It may also connect to the specific web addresses.


Posted: April 25, 2013 | Category: Backdoors | Threat Level: 6/10
Backdoor.Jabeefit is a Trojan that opens a back door and steals information from the affected computer. When Backdoor.Jabeefit is executed, it creates a copy of itself to the specific locations of the compromised PC. Backdoor.Jabeefit then adds the malevolent files. Backdoor.Jabeefit creates the registry entry so that it can run automatically every time Windows is started. Backdoor.Jabeefit then opens a back door on the infected computer, and connects to the specific URL. Backdoor.Jabeefit creates new processes, stops processes and downloads files on the attacked PC. Backdoor.Jabeefit...

Posted: April 25, 2013 | Category: Browser Hijackers
is a search engine that appears to display irrelevant links instead of search query-related results. Currently, hasn't been found to be a host for malicious scripted content or other PC threats that are often found on suspicious websites, and is not likely to harm your computer in any direct way. However, some browser hijackers have been known to redirect their victims' web browsers to automatically. Such problems can be resolved, as always, by the dutiful application of a solid anti-malware product, which will remove the...

Fake Windows Firewall

Posted: April 25, 2013 | Category: Malware
Often associated with rogue system-scanning products, the Fake Windows Firewall is a fraudulent firewall utility that doesn't provide any actual protection for your PC – instead of performing real firewall functions, the Fake Windows Firewall will, at best, block legitimate programs while the Fake Windows Firewall delivers fake pop-up warnings about various unrelated PC threats that supposedly are attacking your computer. Although a Fake Windows Firewall sometimes is found alone, usually a Fake Windows Firewall's purpose is to encourage you to buy an associated rogue anti-malware or...


Posted: April 24, 2013 | Category: Trojans
Also known as Beebus, Mutter is a comprehensively-equipped backdoor Trojan that is being used to gather government data related to unmanned drone operations. Although Mutter's place in its attack operation appears to have been substituted by a pair of brand-new backdoor Trojans, malware experts warn that Mutter still is capable of harming computers that are infected with Mutter and grants a high level of access to the criminals using its C&C server. Since Mutter primarily is a concern for business and government PCs that are used to process highly confidential data,...