February 10, 2012 - We have continued monitoring the massive campaign involving SMS Fraud on the mobile platform for a while now as new activities are constantly taking place. New domains are created practically every day and new variants are being released consistently. Most (continue reading...) Read more
February 10, 2012 - Recently there have been several reports about the re-emergence of a botnet variant (Kelihos), which Symantec detects as W32.Waledac.C. The Waledac family is a threat that has been monitored by Symantec for many years and was featured (continue reading...) Read more
February 9, 2012 - Contribution: Takayoshi Nakayama I was going through some files we acquired related to targeted attacks the other day and an unusual set of files caught my eyes. We did some analysis on the files and it turns out a pair of (continue reading...) Read more
February 8, 2012 - Upwards of 20,000 stolen archives have been uploaded to a third party file-sharing site from hosts infected with a new threat called Infostealer.Offsupload. The following heatmap indicates the U.S. is the primary target of infection, however, only a few countries (continue reading...) Read more
February 8, 2012 - Thanks to Eric Chien for his assistance with this research. Introduction We recently came across a new piece of Android malware, first highlighted by NC State’s Xuxian Jiang, and began investigating the command-and-control (C&C) servers associated with the threat. The (continue reading...) Read more
February 1, 2012 - For quite some time, we have observed the technique of server-side polymorphism being used to infect Windows computers around the world. What this means is that every time a file is downloaded, a unique version of the file is created (continue reading...) Read more
January 30, 2012 - Last week, we posted a blog informing Android users of the discovery of new versions of Android.Tonclank, which we have named Android.Counterclank. The blog generated a bit of discussion over whether these new versions should be a concern (continue reading...) Read more
January 27, 2012 - Symantec Security Response is aware of in-the-wild malware exploiting the Microsoft Windows Media Player 'winmm.dll' MIDI File Parsing Remote Buffer Overflow Vulnerability (BID 51292). Microsoft has already issued a patch against this vulnerability in the monthly patch release (continue reading...) Read more
January 27, 2012 - Symantec has identified multiple publisher IDs on the Android Market that are being used to push out Android.Counterclank. This is a minor modification of Android.Tonclank, a bot-like threat that can receive commands to carry out certain actions, as (continue reading...) Read more
January 26, 2012 - The Sykipot campaign has been persistent in the past few months targeting various industries, the majority of which belong to the defense industry. Each campaign is marked with a unique identifier comprised of a few letters followed by a (continue reading...) Read more
January 25, 2012 - Spam levels always rise when a holiday or special event approaches. Symantec researchers are observing a surge of spam as Valentine’s Day gets closer and closer. Unbelievable discounts on jewelry, dinners, and expensive gift articles are the key themes for (continue reading...) Read more
January 24, 2012 - Contributor: Masaki Suenaga We certainly are! It is American football season and the Super Bowl is right around the corner. Apparently, so are the malware authors. It would not be the first time they took advantage of this sporting event. Back (continue reading...) Read more
January 23, 2012 - Recently, I came across a scam email that is trying to take advantage of the hype surrounding the yet-to-be-released iPad 3. The release date of the iPad 3 is still unknown but spammers are already jumping on the bandwagon in (continue reading...) Read more
January 18, 2012 - Rootkit stories show up in the mainstream media on a regular basis these days. While these stories raise public awareness about what the bad guys are doing, they usually leave readers wondering what they can do to protect themselves from (continue reading...) Read more
January 17, 2012 - Facebook scams have become a common propagation vector for scammers to earn commissions. But once in a while, something interesting happens that makes security researchers sit up and take notice. One such case is a scam that is currently fooling (continue reading...) Read more
January 12, 2012 - During the summer of 2011, one-click fraud targeting smartphones was discovered. One-click fraud has now become so common that doing a quick search for certain keywords on the Internet using a smartphone leads to a high possibility of coming across (continue reading...) Read more
January 10, 2012 - Hello, welcome to this month’s blog on the Microsoft patch release. This is a smaller month—the vendor is releasing seven bulletins covering a total of eight vulnerabilities. Only one of this month's issues is rated 'Critical' and it affects Windows Media. (continue reading...) Read more
January 9, 2012 - Contributors: Conor Murray, Paul Mangan. Fraudulent apps appearing on the official Android marketplace is an ongoing issue and one that we have blogged about in the past. Today we received reports of yet more fraudulent apps capitalizing on popular game (continue reading...) Read more
December 29, 2011 - Recently, we discovered malware in the wild in the form of document files, such as PDF and Word, using password protection. The malware are used as attachments in email in limited, targeted attacks. Passwords for document files are commonly used to (continue reading...) Read more
December 23, 2011 - Adobe Systems released a security update for Adobe Acrobat and Reader 9.x for Windows on December 16, 2011, in order to fix a zero-day vulnerability. As Vikram Thakur reported recently, there have been zero-day attacks using this PDF (continue reading...) Read more