D-Link adds captcha to routers

May 12, 2009 By 30 Comments

D-Link is adding captcha support to its line of home routers. While default password lists have been abundant for many years, it was only recently that we started seeing the them implemented in malware. Last year, zlob variants started logging into routers and changing their DNS settings. It’s an interesting situation since the people who need the captcha feature … Read the rest

Filed Under: news, security hacks, wireless hacks Tagged With: , , , , , ,

Bios level malware

March 23, 2009 By 83 Comments

bios

“Reformat it”. That’s pretty much our default answer when someone calls us complaining of malware and viruses. Though many can be removed, it can sometimes be quicker and less frustrating just to reformat it. Some of us even have specific ways that we organize all of our files just to make the quarterly reformat go smoother.  Unfortunately, reformatting may no … Read the rest

Filed Under: security hacks Tagged With: , ,

Parking violation leads to malware download

February 5, 2009 By 26 Comments

parking

It seems some enterprising individual in Grand Forks, North Dakota has been placing fake parking violations on cars. If the recipient visited the URL on the flyer, they would be told to install a toolbar to view pictures of their vehicle. That piece of malicious software would then attempt to install several more. The actual vehicle pictures were from … Read the rest

Filed Under: downloads hacks, news, security hacks Tagged With: , , , , ,

Malware posing as Change.gov

January 17, 2009 By 13 Comments

change

PandaLabs has identified a botnet running a malware campaign impersonating president-elect Obama’s website. The front page of the site features a sensational story titled “Barack Obama has refused to be a president”. Clicking the link will download the malware and make the target’s machine part of the botnet. They’re using fast-flux to assign the malicious domains to the massive … Read the rest

Filed Under: news, security hacks Tagged With: , , , , , , , , , ,

Dismantling the Storm Worm botnet

January 16, 2009 By 24 Comments

malware

Zero Day has an interview with German researchers who have found a way to take down the Storm Worm botnet. Their program, Stormfucker, takes advantage of flaws in Storm’s command network: Nodes that are NAT‘d only use a four-byte XOR challenge. Nodes that aren’t NAT’d are only using a trivial 64bit RSA signature. Their solution can clean … Read the rest

Filed Under: news, security hacks Tagged With: , , , , , , , , , , ,

Interview with an adware author

January 14, 2009 By 40 Comments

toolbars2

Philosecurity has an interview with [Matt Knox], a former coder for Direct Revenue, an adware company which was sued in 2006 by New York governor Eliot Spitzer. The interview contains some interesting details of how the adware code worked internally: it created a Browser Helper Object, then ensured that the Browser Helper Object stayed up by creating a poller … Read the rest

Filed Under: downloads hacks, misc hacks, security hacks Tagged With: , , , ,

The Malware Challenge

January 3, 2009 By 15 Comments

malware

Our own [Anthony Lineberry] has written up his experience participating in the 2008 Malware Challenge as part of his work for Flexilis. The contest involved taking a piece of provided malware, doing a thorough analysis of its behavior, and reporting the results. This wasn’t just to test the chops of the researchers, but also to demonstrate to network/system administrators how … Read the rest

Filed Under: news, security hacks Tagged With: , , , , , , , , , ,
« Older Posts
Newer Posts »