Takashi Katsuki's blog

W32.Wergimog is a worm that attempts to spread through removable drives and opens a back door. When I looked into its variants, I found an interesting sample, which I named W32.Wergimog.B.

Symantec Security Response, along with some other security vendors, reported the discovery of the OSX.Flashback malware recently patched by Apple. Many people may be surprised to learn the infection volume is reported at over 600,000 computers.

With the recent discovery of Android.Adrd, I thought it was really interesting that a few security companies decided to bundle this threat with the same detection name as Android.Geinimi, even though Android.Adrd is unique in its own right. This is the first Trojan horse for Android whose purpose is search engine manipulation. In today’s blog, I will compare these two threats.

Last year I wrote a blog entry entitled The Fight Against Malicious PDFs Using the ASCII85Decode Filter, which is about a threat that uses the ASCII85Decode filter to hide itself.

Because PDF-related threats are on the increase in the wild, my colleagues and I have been focusing on the investigation into new ways to stop these threats. The majority of PDF-related exploits can be categorized into two areas.