New type of audio malware transmits through speakers and microphones

Tuesday, December 3rd, 2013

A few weeks ago, security researcher Dragos Ruiu publicly claimed that computers in his lab were being infected by some sort of stealthy over-the-air transmission method that relied on ordinary speakers and microphones to transmit the malware payload from system to system. Ruiu nicknamed this bug “badBIOS,” and research into ...

Virus can attack ‘any bank anywhere’

Friday, November 29th, 2013

Kaspersky Lab has recorded several thousand attempts to infect computers used for online banking with a malicious programme that its creators claim can attack “any bank in any country”. The Neverquest Trojan banker supports just about every possible trick used to bypass online banking security systems: web injection, remote system access, ...

JPEG Files Used For Targeted Attack Malware

Friday, November 29th, 2013

We recently came across some malware of the SOGOMOT and MIRYAGO families that update themselves in an unusual way: they download JPEG files that contain encrypted configuration files/binaries. Not only that, we believe that this activity has been ongoing since at least the middle of 2010. A notable detail of the malware ...

Exploit Targeting Windows Zero-Day Vulnerability Spotted

Thursday, November 28th, 2013

Trend Micro came across samples of an exploit targeting the recently announced zero-day vulnerability affecting Windows XP and Server 2003. This is an elevation of privilege vulnerability, which may allow a threat actor to gain certain privileges that enable him to do varied activities, including deleting or viewing data, installing programs, or ...

Ransomware demands additional payment to delete ‘criminal records’

Wednesday, November 13th, 2013

Back in July 2013, we discovered a new method of spreading the infamous FBI ransomware by using JavaScript code and iframes to create an illusion that the victim’s browser was locked. After several months, the threat is still very much alive, hopping from one domain name to the next. The message is still ...