zveloLABS™ have been tracking a new campaign by cybercrooks, compromising and creating websites for use in SEO poisoning and malware distribution. Thousands of these sites have been detected which use elaborate techniques to trick search engines and are ready to serve malware in an instant.
Malvertising (malicious advertising) typically exploits a vulnerability in a software program and recent variants do not require any user interaction to infect the user’s machine. Infections can include browser redirects to malicious sites, ransomware, bot creation, Trojans and more. Malicious software affects users, advertisers and publishers.
This post is for those users who are not already familiar with this widespread and common threat known as “Rogue AV,” or fake antivirus software.
zveloLABS™ has uncovered thousands of compromised web servers hosting fake YouTube pages. Attempting to play the video on these fake pages prompts the user to install a ‘media codec’ which then infects the machine with malware.
zveloLABS™ is warning customers today of a new email scam circulating very quickly. These fraudulent emails claim to be from Google Staffing, Hallmark, Twitter as well as other social networks and legitimate businesses.
Today, the Boeing 787 Dreamliner jet completed its much awaited first flight. As users searched to find videos and news articles related to the story, blackhats quickly moved in for yet another attack against Google search results.
The Koobface gang has struck again using compromised web servers to deliver a potent mix of malware. zveloLABS™ researchers have found hundreds of newly exploited sites hosting malware which includes downloaders, keyloggers and multiple variants of the Koobface worm.
Tuesday was another full day of malware analysis. The coursework, hosted by Mandiant, consisted of an introduction to OllyDbg, an in-depth look at the Windows loader and the Windows API, specifically covering registry functions, process/threading functions, and sockets.
On Monday, I took a killer crash course from Mandiant on malware analysis. Mandiant was not shy and dove right into the course curriculum. They even setup a great VM for us to practice on, complete with real world samples of malware.