The clampi virus is in the news in a couple places today. Surprisingly it’s in Symantec’s virus database since January and rated as a low risk. However, the sole purpose of this trojan is to monitor your Windows based computer for connections to more than 4500 different financial related sites and log any usernames and […]
These stories come up from time to time. A free giveaway of some sort and it turns out that there’s spyware or a virus embedded, company gives a big “whoops” and fixes things by replacing them…. McDonalds had a promotion going where up to 10,000 people could win a flash based mp3 player they also […]
Just catching up on the days VML vulnerability news from today…. It looks as though… the exploit is now MUCH more widespread this blog has some video of an infection, what’s notable is that the first take was VERY UNEVENTFUL, it was used to stealthily install a keylogger. (So that they can harvest paypal/bank/etc. passwords…) […]
Can I say enough times that after a bad trojan infestation you should format and reinstall? I’ve cleaned up the infested image that I “sacrificed” to the WMF exploit and as I’ve said you’re pestware install will likely be somewhat different. An exploit is just the road, the spyware and viruses are the cars. Once […]
The securityfix is reporting on a new worm that exploits an older Windows vulnerability. The worm is called dasher and is in at least it’s second iteration. Sans noticed an odd increase in port 1025 scans on the tenth of the month which was early activity of this worm. It looks like the first version […]
OK – for starters, the keylogger that sunbelt talks about here is a legitimate piece of software for sale. Like anything though it could have illegit uses. Apparently retrocoder is upset that Sunbelt’s software detects spymon and gives the option of disabling it. Spymon is a commercial keylogger. They’ve claimed that it’s against their EULA […]
Sunbelt has found another keylogger in the dumaru family and has updated their free tool to scan for it and clean it up. This is the same family of trojans/keyloggers that contributed to the large ID theft discovery they made earlier in the month. Send article as PDF
Sunbeltblog has another entry in the continuing story. Really, there is not much new here, but iDefense has analyzed the code of the trojan that was discovered and have stated that it is not related to CoolWebSearch. (Which is what sunbeltblog has been saying for some time.) They initially said it was discovered during a […]
There another two fascinating posts in the saga of the massive identity theft that was reported in the Sunbelt blog. For starters they detail the beast here. It sounds truly devious, MAY still be related to coolwebsearch after all. It turns off Windows firewall and runs through Internet Explorer (thereby bypassing any other software firewall.) […]
Sunbeltblog has another update related to their earlier story about the massive identity theft ring. In this story they make clear that the keylogger was NOT directly related to coolwebsearch. It was apparently seperate and independant it was discovered during a coolwebsearch infestation, but appears unrelated. Send article as PDF
Bookmark this site now by pressing Ctrl+D
