Author Archive

Madi is back – New Tricks and a New Command&Control Server

Last night, we received a new version of the #Madi malware, which we previously covered in our blog. Following the shutdown of the Madi command and control domains last week, we thought the operation was now dead. Looks like we were wrong. The new version…


New Spam campaign on Twitter Leads to Rogue AV

Early today, Kaspersky Lab discovered a new ongoing spam campaign on Twitter. Hundreds of compromised accounts are currently spamming malicious links, hosted on .TK and .tw1.su domains, leading to Rogue Anti Virus software. Here is an analysis of the i…


Facebook profile: No, it doesn’t work!

We are currently investigating a new malicious campaign on Facebook mostly targeting French-speaking users. When visiting infected users’ profiles, you see the following: Translation: Wow, it really works! Find out who is viewing your profile! The …


Mac Protector: Register your copy now! Part 2

A few days ago I published a blog post regarding the reverse engineering of the Mac OSX Rogue AV registration routine. The goal was to see if the product was acting like a legitimate one once registered. The product behaved normally, and pretended to c…


Mac Protector: Register your copy now!

My colleagues Fabio Assolini and Vicente Diaz wrote two blog posts recently regarding the Rogue AVs for MAC OSX. After executing it on a test machine, and playing with it, I noticed there was some hidden information in the About Window as can be seen b…


Ransomware: GPCode strikes back

Back in November 2010, we wrote a blog post about a new variant of the Gpcode Ransomware. Kaspersky Lab discovered a new variant today, in the form of an obfuscated executable. Please review the technical details for further information. The threat was…


Japan Quake Spam leads to Malware Part 3

Last week, we published a blog post regarding the ongoing spam campaign using the recent earthquake in Japan to infect users. This is a follow-up blog describing the exploits used. According to our analysis, it seems that the malicious links from the s…


Japan Quake Spam leads to Malware

Kaspersky Lab has detected a malicious spam campaign using the recent earthquake in Japan to infect users. These emails contain malicious URLs:


Spam Campaign on Twitter Leads to Adware

Kaspersky Lab recently discovered a new ongoing spam campaign on Twitter. A Twitter account is actively sending tweets to random people with links to a video. Here’s one of the messages:
