Channel: F-Secure Antivirus Research Weblog
Browsing all 562 articles

FBI: Operation Ghost Click

A US court has indicted seven men (6 Estonians and 1 Russian) as part of the US Federal Bureau of Investigation's Operation Ghost Click. Estonian authorities have made 6 arrests, the Russian defendant...

Malware Signed With a Governmental Signing Key

Certificates and CAs continue to be a hot topic (think Stuxnet, Duqu, Comodogate, Diginotar, et cetera). Every now and then we run into malware that has been signed with a code signing certificate....

Another Cousin of Spitmo: SymbOS/ConBot

Analysts on our Threat Research team recently discovered OpFake, a premium rate SMS trojan that shares code with Spitmo. And this week, our automation flagged a new sample. The guys have completed...

Duqu: Questions and Answers

Due to its complexity, the Duqu case is challenging to understand. Here are some questions and answers that we hope will help. Q: What is Duqu? A: Because of the news and ongoing developments surrounding...

Backdoor:OSX/Tsunami.A

Our description for Backdoor:OSX/Tsunami.A is now online. Tsunami is a Mac OS X backdoor with bot functionality. The bot is capable of participating in DDoS attacks, and in fact, one variant attempts...

Trojan:SymbOS/OpFake.A

Here's the technical analysis related to yesterday's post on Trojan:SymbOS/OpFake.A. OpFake.A arrives as a supposed Opera Mini updater using file names such as OperaUpdater.sisx and Update6.1.sisx. The...

OpFake: Premium Rate SMS Trojan That Shares Code w/ Spitmo

One of the more interesting cases we've analyzed this year is Spitmo, short for SpyEye in the mobile. When some versions of SpyEye, an infamous banking trojan, encounter mTANs, a mobile-based defense...

Laptop Stickers 2011/2012

Time for another Laptop Stickers contest! See here, here, here, here, here and here (lots o' links) for past examples. We started collecting suggestions on our F-Secure Community pages and from Twitter...

Duqu Attack's Installer Discovered

Hungarian security firm CrySyS Lab has located the installer for Duqu, which is now well known for its connection to the infamous Stuxnet. The installer arrived via e-mail as a document which then...

Backdoor:OSX/DevilRobber.A

We recently analyzed DevilRobber.A, a Mac OS X malware that has both backdoor and trojan-like capabilities. All the samples we've collected so far were from torrents uploaded by a single user account...

DevilRobber Gets An Updated Version

We found an updated version of Backdoor:OSX/DevilRobber, which we posted about earlier. The updated version uses the same technique as its predecessor to disguise itself as a legitimate application,...

Busy, Busy "Anonymous"

The Internet Collective known as Anonymous had a busy "Guy Fawkes Weekend". Here are a few highlights on their recent activities. Mexico: OpCartel is nixed. Anonymous claims the Zetas, a very dangerous...

Running Windows Server 2008? Patch.

This month's Microsoft Updates includes an interesting vulnerability: Microsoft Security Bulletin MS11-083. "This security update resolves a privately reported vulnerability in Microsoft Windows. The...

DroidKungFu Utilizes an Update Attack

We did a quick post yesterday about a DroidKungFu sample that appeared to use a novel infection vector. Now, as promised, more technical details. The application we've been analyzing is called...

Happy Thanksgiving, "Alpha Geeks"

Yesterday, CIO's Constantine von Hoffman published a post titled "IT Security News Sources to be Thankful for" and we would like to thank him for a very amusing shout-out. Constantine, we wish your son...

Mikko @ TEDxBrussels

Mikko presented at TEDxBrussels this week. A video is available here: Additional videos and interviews are available on our YouTube channel. On 25/11/11 At 10:51 AM

FP's Top 100 Global Thinkers

Foreign Policy magazine annually publishes a list of "Top 100 Global Thinkers". In previous years, people such as Carl Bildt, Angela Merkel, Liu Xiaobo, and Tarja Halonen have been on the list. The...

Laptop Stickers 2011/2012

There are only a couple more days to submit a suggestion to our Community's Laptop Sticker Contest. Here are some of the suggestions we've received via Twitter. You have until Monday to contribute. If...

Q&A with @mikko and @FSLabsAdvisor (Sean)

F-Secure's Community Manager, Ania, asked Mikko and me to take part in a Q&A week. And so, this week, from December 5th to the 9th, we'll be answering questions in our Community forums. Disclaimer:...

Trade Fair... For Trojans

Trojans, backdoors, keyloggers and eavesdropping are used by online criminals. The same techniques are also used by governments. Some governments do this to spy on their own people or to find...
