Mobile Bot "Perkele Lite" [Android Only]
Here's some evidence of Android malware commoditization — an ad for "Perkele Lite"— a kit to generate trojans which catch and forward SMS messages. Quite useful in cracking two factor...
View ArticleMobile Threat Report Q4 2012
Our Mobile Threat Report Q4 2012 was published yesterday.The Mobile Threat Reportis a Product of F-Secure Labs.No team outside of F-Secure Labs reviewed its content prior to publication… other than a...
View ArticleGoogle Play: Potentially Unwanted
Google Play has a problem — and it isn't malware.Depending on location, Potentially Unwanted Applications (PUA) can be rather difficult to avoid.Here's a screenshot of User Reviews from a "weather...
View ArticleExploit Kit Distribution in the Wild
Have you ever wondered which exploit kits are the most prevalent?We have been tracking several exploit kits that we have identified these past few months and it's interesting to see which gets the...
View ArticleYou only click twice
Once again, The Citizen Lab at the University of Toronto delivers impressive research into surveillance done with trojans and backdoors. They have today released a report called You Only Click Twice:...
View ArticleFlash Exploit Targets Uyghur Website
It seems that attacks against Uyghur haven't stopped. We have recently encountered a compromised Uyghur website that renders a malicious flash exploiting the CVE-2013-0634 vulnerability.The flash file...
View ArticleAbout the Security Content of OS X Mountain Lion v10.8.3
Apple has released update v10.8.3 for OS X Mountain Lion. And as always, it's interesting to read about the security content.The details about CoreTypes: CVE-2013-0967 really caught our...
View ArticleApple Security: "Safe" Files
Things that Apple's OS X 10.8.3 update patched — which may allow for arbitrary code execution — that are also on "safe" file type list used by Mac browsers: ImageIO (picture); IOAcceleratorFamily...
View ArticleWeev Gets 41 Months
The rather pathetic story of Andrew Auernheimer, a.k.a. Weev, took another step yesterday when the unrepentant Internet troll was sentenced to 41 months in (U.S.) prison for one count of identity...
View ArticleMalware World Map, ASCII Edition
A member of our Lab Development team — Jyrki — has given our malware world map a facelift.ASCII interface, Linux distro, boots from USB drive.Cool. On 20/03/13 At 01:21 PM
View ArticleHackathon Malaysia 2013
Are you ready for 24 hours of coding madness?Do you have what it takes to develop a killer app in 24 hours? Do you love innovation, coding and having fun altogether?If you do, here's your chance to...
View ArticleOnline World
The real world isnÂ’t like the online world.In the real world, you only have to worry about the criminals who live in your city. But in the online world, you have to worry about criminals who could be...
View ArticleSouth Korean Wipers and Spear Phishing E-mails
News broke last week of a "wiper" malware that affected South Korean banks and broadcasting companies. NSHC Red Alert Team has published a detailed analysis of the malware here. There were several...
View ArticleHow much difference can an ISP make over an outbreak?
F-Secure works extensively with ISPs and operators. We were assisting several large operators last year during the remediation of the DNSChanger malware.There was an interesting study recently done by...
View ArticleWhois behind South Korean wiper attacks?
Last week, when "wiper" malware hit South Korean companies, the website of LG Uplus was reportedly defaced as well.From The Register:Due to the proximity of the incidents, the "Whois Team" is being...
View ArticleFacebook removes a privacy control, surprised?
On March 27th, Joey Tyson, a privacy and security engineer at Facebook, asked:In general, I think many people tend to trust Google more than Facebook. Any thoughts from my followers on why that might...
View ArticleFacebook Claims it's a "Bug"
Yesterday's post noted the disappearance of Facebook's option to clear searches.Late last night, I spoke with Zach Miners, of IDG News Service. He investigated the situation and was told by...
View ArticleOS MAX:Flashback
One year ago, Apple released a software update to combat Mac malware called Flashback.And the question has been: who wrote the Flashback OS X worm?Today, investigative security blogger extraordinaire...
View ArticleCutwail Spam Botnet Targeting Android Users
Brett Stone-Gross of Dell SecureWorks has excellent analysis of Android malware being distributed via the Cutwail spam botnet.Here's the conclusion:"The distribution of the Stels trojan through a spam...
View ArticleTrojan:Android/Pincer.A
Protip: don't install an Android application package file if it's named "Certificate.apk".It's not legit (obviously).Trojan:Android/Pincer.A is able to forward SMS messages and perform other actions...
View Article