Tag Archives: Malware

Android botnet sends SMS spam through Android phones

Source: Computerworld by Jeremy Kirk In this article “In a new twist, spammers have built a botnet that sends SMS spam through infected Android phones, shifting the potentially pricey cost of sending spam to victims. The trend, spotted by security vendor Cloudmark, poses a new challenge for operators. Victims whose phones are sending the SMS spam often do…

The “hidden” backdoor – VirTool:WinNT/Exforel.A

Source: Microsoft Malware Protection Center by Chung Feng In this article “Recently we discovered an advanced backdoor sample – VirTool:WinNT/Exforel.A. Unlike traditional backdoor samples, this backdoor is implemented at the NDIS (Network Driver Interface Specification) level. VirTool:WinNT/Exforel.A implements a simple private TCP/IP stack and hooks NDIS_OPEN_BLOCK for the TCP/IP protocol, as shown in Figure 1.”  

Reversal of fortune: Attempts to disguise file names

Source: Microsoft Malware Protection Center by Raymond Roberts In this article “Social engineering tactics are vast and varied, and we see all sorts of methods being used on a daily basis by malware authors, in their attempts to compromise your machine. One such method that we see often is malware being distributed as an alluring or enticing link or…

Rogue WhatsApp Facebook apps harvest info, lead to malware

Source: Help Net Security In this article “Rogue Facebook apps still occasionally pop up, even though they are not nearly as ubiquitous as they used to be. More often than not they supposedly show users who has been viewing their profile, but these latest ones pose as legitimate WhatsApp Messenger apps. WhatsApp Messenger is a popular cross-platform instant…

Mahdi Malware Makers Push Anti-American Update

Source: Information Week by Mathew J. Schwartz In this article “Mounting evidence suggests that the Mahdi malware was built by Iranians, for the primary purpose of spying on people inside Iran. Notably, while the four command-and-control (C&C) servers controlling Mahdi-infected PCs are based in Canada, the oldest sample of the Mahdi malware discovered thus far–dating from December 2011–interfaced with a C&C…