February 10, 2012 - We have continued monitoring the massive campaign involving SMS Fraud on the mobile platform for a while now as new activities are constantly taking place. New domains are created practically every day and new variants are being released consistently. Most (continue reading...) Read more
February 10, 2012 - Recently there have been several reports about the re-emergence of a botnet variant (Kelihos), which Symantec detects as W32.Waledac.C. The Waledac family is a threat that has been monitored by Symantec for many years and was featured (continue reading...) Read more
February 9, 2012 - Contribution: Takayoshi Nakayama I was going through some files we acquired related to targeted attacks the other day and an unusual set of files caught my eyes. We did some analysis on the files and it turns out a pair of (continue reading...) Read more
February 8, 2012 - Upwards of 20,000 stolen archives have been uploaded to a third party file-sharing site from hosts infected with a new threat called Infostealer.Offsupload. The following heatmap indicates the U.S. is the primary target of infection, however, only a few countries (continue reading...) Read more
February 8, 2012 - Thanks to Eric Chien for his assistance with this research. Introduction We recently came across a new piece of Android malware, first highlighted by NC State’s Xuxian Jiang, and began investigating the command-and-control (C&C) servers associated with the threat. The (continue reading...) Read more
February 8, 2012 - Thanks to Anand Muralidharan for their assistance with this research. Televison channels across the world are set to be at the 14th International Exhibition and Forum, World Content Show, held Feb 7- 9, 2012, in Russia. The exhibition showcases the latest (continue reading...) Read more
February 7, 2012 - At 3 AM, on February 6, 2012, Symantec Security Response observed spam carrying malicious links which target the upcoming tax season. The spam volume spiked between 6 AM and 1 PM, identifying over 200 unique URLs which lead to a (continue reading...) Read more
February 4, 2012 - You may not need pills to watch the super bowl but spammers feel that this definitely is an occasion to do so! The most exciting annual championship of the NFL - the Super Bowl XLVI - starts tomorrow. And as (continue reading...) Read more
February 1, 2012 - For quite some time, we have observed the technique of server-side polymorphism being used to infect Windows computers around the world. What this means is that every time a file is downloaded, a unique version of the file is created (continue reading...) Read more
January 31, 2012 - Nothing can be more enticing than to be chosen for some free goodies—be it mementos, a cash prize, or a ticket to watch a game. It gets even more interesting if you are from a cricket crazy continent and suddenly, (continue reading...) Read more
January 30, 2012 - Last week, we posted a blog informing Android users of the discovery of new versions of Android.Tonclank, which we have named Android.Counterclank. The blog generated a bit of discussion over whether these new versions should be a concern (continue reading...) Read more
January 30, 2012 - Malware is often embedded in email as compressed attachments (such as .zip, .rar, etc.). Recently, however, Symantec has noticed an increase in malicious email attacks with .htm (HTML) attachments. Here is what the message looks like in your inbox: (continue reading...) Read more
January 27, 2012 - Symantec Security Response is aware of in-the-wild malware exploiting the Microsoft Windows Media Player 'winmm.dll' MIDI File Parsing Remote Buffer Overflow Vulnerability (BID 51292). Microsoft has already issued a patch against this vulnerability in the monthly patch release (continue reading...) Read more
January 27, 2012 - Symantec has identified multiple publisher IDs on the Android Market that are being used to push out Android.Counterclank. This is a minor modification of Android.Tonclank, a bot-like threat that can receive commands to carry out certain actions, as (continue reading...) Read more
January 26, 2012 - The Sykipot campaign has been persistent in the past few months targeting various industries, the majority of which belong to the defense industry. Each campaign is marked with a unique identifier comprised of a few letters followed by a (continue reading...) Read more
January 25, 2012 - Spam levels always rise when a holiday or special event approaches. Symantec researchers are observing a surge of spam as Valentine’s Day gets closer and closer. Unbelievable discounts on jewelry, dinners, and expensive gift articles are the key themes for (continue reading...) Read more
January 24, 2012 - Contributor: Masaki Suenaga We certainly are! It is American football season and the Super Bowl is right around the corner. Apparently, so are the malware authors. It would not be the first time they took advantage of this sporting event. Back (continue reading...) Read more
January 23, 2012 - Recently, I came across a scam email that is trying to take advantage of the hype surrounding the yet-to-be-released iPad 3. The release date of the iPad 3 is still unknown but spammers are already jumping on the bandwagon in (continue reading...) Read more
January 18, 2012 - Rootkit stories show up in the mainstream media on a regular basis these days. While these stories raise public awareness about what the bad guys are doing, they usually leave readers wondering what they can do to protect themselves from (continue reading...) Read more
January 17, 2012 - Facebook scams have become a common propagation vector for scammers to earn commissions. But once in a while, something interesting happens that makes security researchers sit up and take notice. One such case is a scam that is currently fooling (continue reading...) Read more