
Malware

SaveKeeper Analysis and Removal

by Shanmuga

SaveKeeper is one of the latest in the family of rogue security applications. I have observed this scareware being downloaded and prompted to install by the Fake Windows Security Center rogue. This needs to be manually installed. This also installs a bunch of randomly named exe, dll, bin, cpl and ocx files in the […]

Read the full article →

Safety Center Analysis and Removal

by Shanmuga

Safety Center, a rogue security software, mimics Windows Security Center and tries to pass itself off as a legitimate security suite. In addition to the various popups, it also uses fake voice alerts and desktop hijacking to scare the user into buying the bogus application. It uses a combination of animated images which gives the impression of […]

Read the full article →

Compromised Computers Host an Average of 3 Malware Families

by Shanmuga

"According to security company ESET, the average compromised machine is home to 13 infected files as well as malicious programs from three different malware families. ESET based its findings on scans of more than a half-million PCs using the free online scanner on the company’s Website. In their own way, the results may demonstrate the […]

Read the full article →

Is your PC part of a Zombie Botnet? Check now!

by Shanmuga

Bots, Botnets and Botmaster: A malicious bot (short for RoBOT), or zombie, is a computer that allows someone other than the actual owner to gain complete control over it. The attacker takes control of the target computer by infecting it with malicious code designed for the purpose. A virtual network of such compromised […]

Read the full article →

Phishers cut bait, slip on trojans instead

by Shanmuga

"Security researchers have noticed a decline in phishing e-mails so far in 2009, which some attribute to users getting savvier about bogus e-mails. This may just be one side of the story, though, as the bad guys are turning to trojans and other malware to accomplish the same ends.

Read the full article →

Malware Writers: Will That Be OS X, or W?

by Shanmuga

"Trend Micro researcher Ivan Macalintal recently found a new variant of the dreaded DNS changer Trojan that checks to see which operating system the visitor’s Web browser appears to be riding on, and then offers the appropriate Windows- or Mac-based installer. The malware was masquerading as a pirated version of Foxit Reader and several anti-virus […]

Read the full article →

Security holes, malware spike in 2008

by Shanmuga

"If you worry that the Internet is a scary place full of digital pickpockets and online identity thieves, your fears will be bolstered by the latest Symantec Internet Security Threat Report released Tuesday. The report finds huge increases in the number of security holes in software and the number of Internet threats, particularly attacks in […]

Read the full article →

Do I own my machine?

by Shanmuga

"The built-in Webcam light is on. It shouldn’t be on. I’m not using any recording, video-conferencing or photo applications. Why is it on? Is someone watching me? It’s at times like this I get the eerie feeling that I don’t actually, fully and completely own my machine. Turns out it was a driver problem, all […]

Read the full article →

Vast Spy System Loots Computers in 103 Countries

by Shanmuga

"…The malware is remarkable both for its sweep — in computer jargon, it has not been merely “phishing” for random consumers’ information, but “whaling” for particular important targets — and for its Big Brother-style capacities. It can, for example, turn on the camera and audio-recording functions of an infected computer, enabling monitors to see and […]

Read the full article →

Malware Is Getting Formidable, but So Are Your Defenses

by Shanmuga

"…You can think of Conficker as being the state of the art in conventional malware. It not only uses an important vulnerability, but it’s a sophisticated blended attack, using a wide variety of mechanisms to spread: pseudo-random domains, dictionary attacks on weakly-protected network shares, USB drives and more. You can admire the work that went […]

Read the full article →

The lifecycle of a trojan horse

by Shanmuga

carrumba over at Megapanzer gives a good overview of the lifecycle of a trojan horse. He writes: "What a trojan horse needs first are its configuration settings. The information it knows what to do once it is executed on the target system. At this point we have to know the trojan horse is divided into […]

Read the full article →

Google developer site being used to distribute malware

by Shanmuga

"Google’s free code-hosting Web site for developers is being used to distribute malware, a security researcher said on Friday. Google Code is a place where programmers can host projects and code.

Read the full article →

VirusTrigger Analysis and Removal

by Shanmuga

VirusTrigger is a new entrant to the ever-growing family of rogue security software products. A clone of the rogue Antivirus Lab, the software and its website are very professional in design and use a variety of aggressive scare messages about non-existent malware infections.

Read the full article →

WinDefender 2009 Analysis and Removal

by Shanmuga

WinDefender 2009 is one of the recent rogue security software products. A variant of the rogue IE Defender and Total Secure, it deceptively looks similar to Windows Defender, a legitimate Microsoft anti-malware program. Rogue security software belongs to a family of software products that call themselves antivirus, antispyware or registry cleaners and often use […]

Read the full article →

Malware Detection Goes Hybrid

by Shanmuga

"What do we do about malware? The long term solution, at least for managed networks like enterprises, may be whitelisting. But in the meantime we’re still drowning in new variants every day. In the 2009 generation of their products Symantec is trying a new approach: file reputation.

Read the full article →

Microsoft Security Intelligence Report Volume 5 released

by Shanmuga

The half-yearly Microsoft Security Intelligence Report provides an analysis of data collected by Windows Malicious Software Removal Tool and other Microsoft security products. It provides trends in software vulnerability disclosures, E-Mail Threats, Spam and Phishing and malicious and potentially unwanted software. Some of the interesting trends noticed in Malicious and Potentially Unwanted Software are: In […]

Read the full article →

New Malware Family Took Off in October

by Shanmuga

"According to Sunbelt Software’s monthly listing of the most ubiquitous malware and spyware attacks, an entirely new family of threats emerged rapidly during October.

Read the full article →

Get Free Anti-virus and Free Anti-spyware!

by Shanmuga

Norton Security Scan is a free antivirus tool provided by Symantec, the makers of Norton Anti Virus line of software products. Norton Security Scan provides on-demand scanning (must be manually run) and removal or repair of Viruses, Trojan horses and Hack tools like keyloggers, etc.

Read the full article →

Spyware then and now

by Shanmuga

Google brought back its oldest available index from the year 2001 on the occasion of its 10th birthday. It brought back certain nostalgic memories…I was into my second PC, a Compaq. That was the year I first got the internet connection at home through a 56kbps dial-up connection and that was the year I truly […]

Read the full article →

XP/Vista Antivirus 2008 Analysis and Removal

by Shanmuga

This rogue anti-malware application mostly installs via encoded redirects from hacked web pages. When you happen to visit a hacked web page on an otherwise legitimate website, your browser is automatically redirected to a rogueware-hosting website which shows a popup with the text “Your computer is running slower than normal, maybe it […]

Read the full article →

McAfee’s Artemis Putting Malware Signatures in the Cloud

by Shanmuga

"Essentially the idea is to offload some malware checks to an online database. When the software detects a program or file as being suspicious, probably through behavior checks, it takes some form of hash of the files involved and submits it in a database query to their most updated malware database. If a hit is […]

Read the full article →

Celebrity Malicious Spam Analysis and Removal

by Shanmuga

Recently my inbox was filled with spam containing subject lines "Re: Offical Update 2008" and a number of catchy celebrity-themed Storm Worm lines… I opened one of the spam mails with the Paris Hilton subject line and clicked on the single link which promised to let me view a previously unseen video of the celebrity.

Read the full article →

Researchers Build Malicious Facebook Application

by Shanmuga

"The researchers developed an application called "Photo of the Day," which serves up a new National Geographic photo daily. But in the background, every time the application is clicked, it sends a 600 K-byte HTTP request for images to a victim’s Web site.

Read the full article →