FBI: Operation Ghost Click
A US court has indicted seven men (6 Estonians and 1 Russian) as part of the US Federal Bureau of Investigation's Operation Ghost Click. Estonian authorities have made 6 arrests, the Russian defendant...
Malware Signed With a Governmental Signing Key
Certificates and CAs continue to be a hot topic (think Stuxnet, Duqu, Comodogate, Diginotar, et cetera). Every now and then we run into malware that has been signed with a code signing certificate....
Another Cousin of Spitmo: SymbOS/ConBot
Analysts on our Threat Research team recently discovered OpFake, a premium rate SMS trojan that shares code with Spitmo. And this week, our automation flagged a new sample. The guys have completed...
Duqu: Questions and Answers
Due to its complexity, case Duqu is challenging to understand. Here are some questions and answers that we hope will help. Q: What is Duqu? A: Because of the news and ongoing developments surrounding...
Backdoor:OSX/Tsunami.A
Our description for Backdoor:OSX/Tsunami.A is now online. Tsunami is a Mac OS X backdoor with bot functionality. The bot is capable of participating in DDoS attacks, and in fact, one variant attempts...
Trojan:SymbOS/OpFake.A
Here's the technical analysis related to yesterday's post on Trojan:SymbOS/OpFake.A. OpFake.A arrives as a supposed Opera Mini updater using file names such as OperaUpdater.sisx and Update6.1.sisx. The...
OpFake: Premium Rate SMS Trojan That Shares Code w/ Spitmo
One of the more interesting cases we've analyzed this year is Spitmo, short for SpyEye in the mobile. When some versions of SpyEye, an infamous banking trojan, encounter mTANs, a mobile-based defense...
Laptop Stickers 2011/2012
Time for another Laptop Stickers contest! See here, here, here, here, here and here (lots o' links) for past examples. We started collecting suggestions on our F-Secure Community pages and from Twitter...
Duqu Attack's Installer Discovered
Hungarian security firm CrySyS Lab has located the installer for Duqu, which is now well known for its connection to the infamous Stuxnet. The installer arrived via e-mail as a document which then...
Backdoor:OSX/DevilRobber.A
We recently analyzed DevilRobber.A, a Mac OS X malware that has both backdoor and trojan-like capabilities. All the samples we've collected so far were from torrents uploaded by a single user account...
DevilRobber Gets An Updated Version
We found an updated version of Backdoor:OSX/DevilRobber, which we posted about earlier. The updated version uses the same technique as its predecessor to disguise itself as a legitimate application,...
Busy, Busy "Anonymous"
The Internet Collective known as Anonymous had a busy "Guy Fawkes Weekend". Here are a few highlights on their recent activities. Mexico: OpCartel is nixed. Anonymous claims the Zetas, a very dangerous...
Running Windows Server 2008? Patch.
This month's Microsoft Updates includes an interesting vulnerability: Microsoft Security Bulletin MS11-083 "This security update resolves a privately reported vulnerability in Microsoft Windows. The...
DroidKungFu Utilizes an Update Attack
We did a quick post yesterday about a DroidKungFu sample that appeared to use a novel infection vector. Now, as promised, more technical details. The application we've been analyzing is called...
Happy Thanksgiving, "Alpha Geeks"
Yesterday, CIO's Constantine von Hoffman published a post titled "IT Security News Sources to be Thankful for" and we would like to thank him for a very amusing shout-out. Constantine, we wish your son...
Mikko @ TEDxBrussels
Mikko presented at TEDxBrussels this week. A video is available here: Additional videos and interviews are available on our YouTube channel. On 25/11/11 At 10:51 AM
FP's Top 100 Global Thinkers
Foreign Policy magazine annually publishes a list of "Top 100 Global Thinkers". In previous years, people such as Carl Bildt, Angela Merkel, Liu Xiaobo, and Tarja Halonen have been on the list. The...
Laptop Stickers 2011/2012
There's only a couple of more days to submit a suggestion to our Community's Laptop Sticker Contest. Here's some of the suggestions we've received via Twitter. You have until Monday to contribute. If...
Q&A with @mikko and @FSLabsAdvisor (Sean)
F-Secure's Community Manager, Ania, asked Mikko and me to take part in a Q&A week. And so, this week, from December 5th to the 9th, we'll be answering questions in our Community forums. Disclaimer:...
Trade Fair... For Trojans
Trojans, backdoors, keyloggers and eavesdropping are used by online criminals. The same techniques are also used by governments. Some governments do this to spy on their own people or to find...