McAfee Research Blog

The TrustedSource Research Team is now part of the McAfee Research organization. Our researchers will continue to provide insightful blogs here on www.trustedsource.org and also at www.avertlabs.com/research/blog/. Either site will provide you with all the latest blogs from all the global security experts on the McAfee Research teams.

Don’t Be Misled by Online Shopping

July 29th, 2010
Posted by Ugur Sahsi

We have just noticed a cluster of fraudulent websites that attempt to mislead consumers. They use a common pattern: offering counterfeit products cheaper than the original to get consumers to send money. We expect consumers to try to get the best product or greatest utility for their money. Due to this desire, some consumers can [...]

Remote Jackpot: Hacking ATMs

July 28th, 2010
Posted by Toralv Dirro

Isn’t it just everybody’s dream: to walk up to an ATM, swipe your card, get a flashy screen reading “We Have A Winner,” and watch the machine spew out all its money? That dream just became reality. At least in a great presentation from Barnaby Jack at the Black Hat Briefings in Las Vegas. “Jackpotting Automated [...]

Beware Bogus ‘Trial’ Version of VirusScan

July 27th, 2010
Posted by Pedro Bueno

First of all, this is not a sales pitch. McAfee offers several of its products for a trial period. However, we want you to know that we have just found a brand new variant of the Bredolab Trojan that is spreading by email with the following characteristics: Subject: “McAfee VirusScan Plus” Message body: “Download a [...]

Phishing for Amazon Users

July 27th, 2010
Posted by Felix Martinez

We have noticed two frequent types of spam-phishing attacks targeting Amazon users. These messages at first appear to be legitimate, and the fake Amazon links end in a format such as this: <domain /index.php?pid=14>. Every link in the email goes to the same malicious page. One of these emails appears to be an order confirmation from amazon.com [...]

Downloader-CJX Cashing In on Microsoft .LNK Flaw

July 26th, 2010
Posted by Guilherme Venere

As McAfee Labs predicted in a previous blog post regarding the Microsoft Windows Shell .LNK vulnerability, it was just a matter of time before malware started using Exploit-CVE2010-2568 to take advantage of this new Microsoft zero-day flaw. The flaw is described in CVE-2010-2568. First, there was talk about PWS-Zbot (a.k.a. Zeus) using the vulnerability in [...]

Microsoft Zero-Day: Malformed Shortcut Vulnerability

July 20th, 2010
Posted by Rahul Kashyap

Today Microsoft updated the security advisory that was initially published last Friday (July 16), stating that they’re working on issuing a security patch for this vulnerability. Earlier, malware exploiting this issue was found in the wild. Researchers at McAfee Labs have been busy tracking this issue over the weekend and we have come up with [...]

More Koobface URLs Plague Users

July 16th, 2010
Posted by Felix Martinez

McAfee Labs researchers have seen a noticeable spike in URLs leading to Koobface malware. (Koobface is an anagram of Facebook.) The latest, unexpected Koobface campaign spreads by tricking Facebook users into downloading and running links with the following characteristic: URL format: <Domain/variable/setup.exe> All of these have been found in the same MD5: 9cac65b88d2288fb16f8a356c3563604. Koobface malware, since its first appearance in [...]

Koobface Going for Broke?

July 16th, 2010
Posted by Craig Schmugar

The Koobface worm has been one of the top malicious threats to Facebook users since 2008. Like most threats, Koobface has morphed over time, adding and changing malicious payloads, while maintaining the ability to propagate, or spread, from one system to another. A common misconception is that viruses often delete files or cause irrevocable system damage. There certainly [...]

Social Networking Threats: New Report From McAfee Labs

July 12th, 2010
Posted by David Marcus

Social networking sites and technologies are among the hottest happenings on the Internet. However, in this case every benefit comes with an equal danger: These sites and technologies are also huge targets for cybercriminals. One of McAfee Labs' senior researchers, Anthony Bettini, has written an excellent whitepaper on the subject. Social Networking Apps Pose Surprising [...]

Odd Magazine: Disinformation at Play?

July 9th, 2010
Posted by Francois Paget

Since the end of June, the media have been talking about a possible new magazine distributed by Al-Qaeda and promoted on various Islamic websites. One reason I was interested in this document was a message I read in some extremist forums saying it could contain viruses and spyware. In searching I found two documents. Each had [...]

Malware at Midyear: a Summary

July 7th, 2010
Posted by Francois Paget

Now that we’ve reached the middle of the year, it’s time to take a look at our malware collection. During the first half of the year, 10 million samples entered in our database. That’s certainly no decrease compared with last year. With approximately 54,800 new samples arriving per day, the total size of our collection [...]

You Name It–Spammers Have Faked It

July 7th, 2010
Posted by Paras Gupta

Name any famous or popular website, they all seem to have become the prime targets on spammers' lists. Researchers at McAfee Labs have seen an increasing trend wherein famous websites like Amazon, eBay, YouTube, WordPress, Wikipedia, GoDaddy, Eventful.com, and many more are abused by spammers to provide a legitimate appearance for the email and ultimately [...]

Testing and Accountability

July 7th, 2010
Posted by Igor Muttik

The Anti-Malware Testing Standards Organization (AMTSO) is a coalition of security professionals, including many anti-malware product vendors, product testing organizations and publishers, and some interested individuals. Given the highly technical nature of its activities, it is inevitable that the organization owes some of its authority to the expertise of the security specialists within its ranks, [...]

Fake Resume Spam Leads to Malware Infection

June 30th, 2010
Posted by James Duldulao

We just noticed a new wave of fake resume spam that redirects users to a malicious site. We see the resume pages were uploaded to innocent sites in top-level domains of various countries, perhaps in an attempt to internationalize the spam campaign. The pages contain a small piece of obfuscated JavaScript code that translates into a [...]

New Clothes for ‘Canadian Pharmacy’ Spam

June 30th, 2010
Posted by Meirgen Krehs

It has been a little while since we heard something new from the pharmacy spam corner, but right on time at the end of Q2, they are back–and with reinforcements! Our researchers have found an enormous number of spam URLs, and they are all related to some well-known malicious IP ranges–194.xx.xx.x2 and 194.xx.xx.x4. The first IP range [...]