
Cyber Crime

Find and Remove SpyEye Banking Trojan

by Shanmuga

The SpyEye banking trojan first appeared about a year ago as a competitor to what was until then known as the king of all bots, Zeus/Zbot. Security researchers believe that both bots have now joined hands to prey upon online banking users worldwide.

Read the full article →

Crimeware: A new round of confrontation begins…

by Shanmuga

"The article examines the current state of malware attacks on clients of financial organizations, and methods for combating such attacks more effectively. More often than not, the attacks on clients of financial organizations follow a well-trodden path: the search for a suitable victim and the infection of their computer, the theft of their online banking

Read the full article →

ZeuS on the Hunt

by Shanmuga

"One of the most prolific threats to be found on computers around the world is the ZeuS Trojan. ZeuS became one of the most widespread and top-selling spyware programs on the Internet’s black market because using it to steal online data is so easy. The Trojan helps cybercriminals gain access to everything that the user

Read the full article →

The botnet ecosystem

by Shanmuga

"Botnets are networks of computers infected by malicious programs called bots.Bots allow cybercriminals to take control of a compromised machine and use its resources for their own goals – distributing spam, launching DDoS attacks, scams etc. Since the advent of botnets, the number of cybercrimes has increased enormously. However, botnets are not just a tool

Read the full article →

Security researchers continue hunt for Conficker authors

by Shanmuga

"There are several ongoing investigations attempting to find the authors of the Conficker botnet, one of the fastest spreading worms in history, but those responsible for the worm have proven elusive. Security expert Mikko Hyppönen, chief research officer at F-Secure Corp., said he is aware of several ongoing investigations, but was asked specifically not to

Read the full article →

Amazon EC2 Used as Botnet Command and Control

by Shanmuga

"Trend Micro released a report Dec. 9 highlighting what it expects to see as far as security threats in 2010. Among the more interesting predictions — attacks on cloud infrastructures will increase. Almost as if on cue, a report surfaced the same day that the Zeus Trojan was observed abusing the Amazon EC2 (Elastic Compute

Read the full article →

The Root of the Botnet Epidemic

by Shanmuga

"Over the course of a few days in February 2000, a lone hacker was able to bring some of the Web’s larger sites to their knees, using just a few dozen machines and some relatively primitive software to cripple Yahoo, eBay, E*trade, Amazon, ZDnet and others for hours at a time. No one knew it

Read the full article →

3 Basic Steps to Avoid Joining a Botnet

by Shanmuga

"Banging the drum for security awareness never gets old. As much as CSOs try to get folks to bone up on safe practices (both online and in the office), there are always going to be some who need reminding. Online, the biggest battle these days is against botnets: networks of infected computers which hackers can

Read the full article →

Recognizing phishing e-mails

by Shanmuga

"If you have received an e-mail from the Internal Revenue Service or the Federal Deposit Insurance Corporation, chances are it was a phishing attempt. If you received e-mail from your bank, PayPal, or Facebook urging you to immediately verify information or risk having your account suspended, it was undoubtedly phishing. Phishing attacks have spiked this

Read the full article →

The Gumblar system

by Shanmuga

"Analysis of some infected websites showed that the only way to inject the infection of Gumblar was by using FTP access, because those websites have no server-side scripting. Later this was proved by an analysis of FTP log files. The malicious code injection in HTML pages (which is a simple insertion of <script> tag in

Read the full article →

How a Botnet Gets Its Name

by Shanmuga

"Because the security industry lacks a uniform way to title botnets, the result is sometimes a long list of names for the same botnet that are used by different antivirus vendors and that can be confusing to customers. As it stands now, the infamous Conficker is also known as Downup, Downadup and Kido. The Srizbi

Read the full article →

Find and Remove Zeus (Zbot) Banking Trojan

by Shanmuga

According to Trusteer, a security company, “Zeus is the #1 botnet, with 3.6 million PCs infected in the US alone (i.e. approximately 1% of the PCs in the US)…Zeus is a financial malware. It infects consumer PCs, waits for them to log onto a list of targeted banks and financial institutions, and then steals their

Read the full article →

Microsoft sues scareware scammers

by Shanmuga

"Microsoft filed lawsuits against five companies Thursday, accusing them of using malicious advertisements to trick victims into installing software on their computers. The company is suing DirectAd Solutions, Soft Solutions, qiweroqw.com, ote2008.info and ITmeter, saying that these companies have used ads…

Read the full article →

Is your PC part of a Zombie Botnet? Check now!

by Shanmuga

Bots, Botnets and Botmaster: A malicious bot (short for RoBOT), also called a zombie, is a computer that allows someone other than the actual owner to gain complete control over it. The attacker takes control of the target computer by infecting it with malicious code designed for the purpose. A virtual network of such compromised

Read the full article →

Defying Experts, Rogue Computer Code Still Lurks

by Shanmuga

"Like a ghost ship, a rogue software program that glided onto the Internet last November has confounded the efforts of top security experts to eradicate the program and trace its origins and purpose, exposing serious weaknesses in the world’s digital infrastructure.

Read the full article →

Phishers cut bait, slip on trojans instead

by Shanmuga

"Security researchers have noticed a decline in phishing e-mails so far in 2009, which some attribute to users getting savvier about bogus e-mails. This may just be one side of the story, though, as the bad guys are turning to trojans and other malware to accomplish the same ends.

Read the full article →

How Hackers Snatch Real-Time Security ID Numbers

by Shanmuga

"The world’s savviest hackers are on to the “real-time Web” and using it to devilish effect. The real-time Web is the fire hose of information coming from services like Twitter. The latest generation of Trojans — nasty little programs that hacking gangs use to burrow onto your computer — sends a Twitter-like stream of updates

Read the full article →

Botnets: 4 Reasons It’s Getting Harder to Find and Fight Them

by Shanmuga

"The perpetual proliferation of botnets is hardly surprising when one considers just how easy it is for the bad guys to hijack computers without tipping off the users. Botnets have long used a variety of configurations, in part to disguise their control mechanisms.

Read the full article →

Tim Berners-Lee admits to falling for online scam

by Shanmuga

"Berners-Lee, who is widely credited with inventing the web when working at the European Organisation for Nuclear Research (Cern) in the 1980s and early 1990s, told The Daily Telegraph that a site he visited to buy a Christmas present turned out to be a fake.

Read the full article →

Tenuous trail leads from GhostNet to hacker

by Shanmuga

"A telltale e-mail address in the GhostNet report led two researchers to the online home of a seemingly low-level Chinese hacker, according to an analysis posted on Thursday, but an author of the original report stressed that the cyber criminal is likely only related to a lesser piece of malware.

Read the full article →

Inside BBC’s Chimera botnet

by Shanmuga

"the controversial BBC purchase of a botnet and modifying the infected hosts in the name of “public interest” sparked a lot of debate on the pros and cons of their action. Condemned by certain security vendors, and naturally, at least from guerrilla PR perspective, applauded and encouraged as a awareness raising tactic by others, the

Read the full article →

Conficker and April 1st: Q and A

by Shanmuga

" Q: I heard something really bad is going to happen on the Internet on April 1st! Will it? A: No, not really. Q: Seriously, the Conficker worm is going to do something bad on April 1st, right? A: The Conficker aka Downadup worm is going to change it’s operation a bit, but that’s unlikely

Read the full article →

Conficker Removal Instructions and Tools

by Shanmuga

This week the SANS Internet Storm Center updated their page on mitigating Conficker. They provide links to Conficker removal instructions from Microsoft, Kaspersky, BitDefender, TrendMicro and Sophos, and to Conficker removal tools from Microsoft MSRT, F-Secure, AhnLab, Symantec, McAfee, ESET, BitDefender, Kaspersky and Sophos.

Read the full article →