April 13, 2011 - After writing my last blog about the Epsilon breach and discussing how criminals may use those stolen email addresses to go phishing, I was thinking about how imbedded links can be the downfall of many a pc. I (continue reading...) Read more
June 4, 2010 - What do the “FIFA World Cup” and Gaza attack have in common? They are both currently being used as social engineering ploys by a couple of malware campaigns seen on Twitter. TrendLabsSM senior threat researcher Ivan Macalintal spotted several malicious (continue reading...) Read more
June 2, 2010 - While conducting blackhat search engine optimization (SEO) investigations, I stumbled upon an SEO attempt hosted in the popular document-sharing site Scribd. The document that contains the SEO strings and links was (continue reading...) Read more
April 22, 2010 - We regularly blog about how cybercriminals misuse newsworthy events in order to gain profit for themselves. In the past 24 hours, TrendLabsSM has tracked multiple FAKEAV attacks that try and trick users searching for help following the recent McAfee update 5958 incident. This (continue reading...) Read more
April 19, 2010 - Cybercriminals employ different but complementary techniques when it comes to propagating FAKEAV. Ultimately, however, their goal is to entice users to click malicious links that led to the download of different FAKEAV variants. (continue reading...) Read more
April 13, 2010 - In recent years, the music and movie industries have become more aggressive in suing users accused of illegally sharing content. Large-scale mass lawsuits, previously used largely in Britain and Germany, have now made their way to the U.S. shores. Given (continue reading...) Read more
April 11, 2010 - Mass compromises have not been in the news of late but a new wave recently hit the headlines. According to news reports, users running the popular blogging platform WordPress have been hit (continue reading...) Read more
April 7, 2010 - TrandLabs engineers recently discovered that cybercriminals now use shortened URLs to spam malware via instant-messaging (IM) applications like Yahoo! Instant Messenger and MSN. As we all know, URL-shortening services are used to compress long and unreadable URLs into short, bite-sized (continue reading...) Read more
March 29, 2010 - News of a twin bombing attack in Russia shocked the world on Monday morning as two female suicide bombers blew themselves up in Moscow subway stations. According to news reports, the attacks killed at least 38 and wounded more than (continue reading...) Read more
March 24, 2010 - Advanced threats researcher Ivan Macalintal spotted a fresh wave of spammed messages that were used to spread another ZBOT variant of the infamous ZeuS botnet. These messages warned users that a “jerk” posted photos of them and contained a link (continue reading...) Read more
March 21, 2010 - TrendLabs observed an increase in malicious medical advertisements spammed to users’ e-mail inboxes. Two of the samples our engineers obtained looked legitimate, even had professional-looking graphics (see Figures 1 and 2). Another was just the normal, everyday, plain-text spam (see (continue reading...) Read more
March 21, 2010 - Trend Micro came across a new FAKEAV variant that does not only perform the usual fake alert routine, but also downloads an additional component—a .DLL file that is inserted into the Layered Service Provider (LSP) chain. By inserting itself into the (continue reading...) Read more
March 16, 2010 - TrendLabs researchers recently received a report on malvertisements that appeared while a user was browsing through a popular Web-based email service. At first glance, the ads may seem like the typical Web browser nuisance. However, random ads were proven to be (continue reading...) Read more
March 14, 2010 - The Saturday night boxing match between Manny Pacquiao and Joshua Clottey was one of the most awaited sports events of 2010. It should not be a surprise then that cybercriminals took advantage of it to spread malware. Another blackhat search (continue reading...) Read more
March 9, 2010 - It seems that fans around the world are not the only ones who are hooked on the Oscars. Just a day after this year’s Academy Awards, Trend Micro threat researchers found FAKEAV variants topbilling the search pages. (continue reading...) Read more
March 3, 2010 - As the security industry evolves, underground cybercriminals are constantly looking for ways to counter the technology challenges presented to them. I recently found out that the bad guys have begun offering services to track the blacklisting of domain names through reputation checks. (continue reading...) Read more
March 1, 2010 - A new KOOBFACE variant is again making the rounds in the social-networking scene. According to Trend Micro researcher, Norman Ingal, the malware employs Facebook’s Private Message feature to proliferate. The threat arrives as a Facebook private message that does not bear (continue reading...) Read more
February 28, 2010 - News of a performer killer whale allegedly killing its trainer made the headlines this week. Dawn Branchaeu, an animal trainer in SeaWorld Florida, was attacked by one of the trained killer whales last Wednesday. This sad event, unfortunately, paved the (continue reading...) Read more
February 24, 2010 - A new Twitter worm is making the rounds. If you receive a direct message from a “friend” that contains the following message: “This you????” It is likely malicious. Clicking the link, http://twitter.login.{BLOCKED}home.org/login/, will redirect you to a sub page of the said (continue reading...) Read more
February 22, 2010 - Trend Micro’s Web Reputation Services (WRS) Operations Team recently received a phishing email claiming to be from Blogger (see Figure 1), a free blog publishing tool from Google. The spammed (continue reading...) Read more