Security Response

Showing posts tagged with 10.x
Rajesh Nikam | 21 Jul 2009 | 0 comments

Misleading Applications report false information about the presence of security risks, threats or system issues on a target computer. We see a flood of such applications that claim to fix supposed system anomalies, and some of them are marketed through affiliates. Affiliate marketing makes such products a more lucrative business, as some of these products are sharing up to 75% of their profits.

My day started with the analysis of an application from registry-doktor.com. I downloaded the application from the site on a clean computer, basically a fresh installation. On completion of the scan, Registry Doktor 2009 flagged a report with hundreds of problems found on my computer. To fix the reported problems, the user needs to purchase the product!

...

Hon Lau | 15 Jul 2009 | 0 comments

This is now getting a bit tedious but the Twitter and Koobface bandwagon just keeps on tumbling down the slippery slopes. Today there are many reports of yet another variant of Koobface doing the rounds through Twitter. The tweets doing the rounds contain the following messages:

  • My home video :)
  • Watch my new private video! LOL :)
  • michaeljackson' testament on youtube

I had a look for some of the hacked twitter accounts myself and found a few unfortunate souls whose accounts have been hijacked to spread this malware. Here's one example I have found below. Some of the TinyURLs are pointing to the AdultFriendFinder Web site; the one below is not responding but appears to be active.

Other URLs are directing users to a fake video Web site that contains the usual Codec-type social...

Irfan Asrar | 13 Jul 2009 | 0 comments

Experts predicted that there would be a rise in the number of mobile threats in 2009 and it seems the creators of SymbOS.Exy.A and SymbOS.Exy.B are out to prove the prediction right. They have resurfaced again with yet another signed Symbian malware, SymbOS.Exy.C.

New Certificate

Previous certificates used with SymbOS.Exy.A/B

...

Hon Lau | 10 Jul 2009 | 0 comments

Not content to let the Dozer and Koobface guys have all the fun, the Ackannta crew has unleashed another new variant on the unsuspecting masses. Today we saw in our spam traps a new variant of Ackannta that we have added detection for as W32.Ackannta.G@mm. Ackannta is a family of mass-mailing worms that also copy themselves to removable drives. It has been noted to use well-known brand names and big news items (such as the recent Michael Jackson story) in email campaigns in the past in order to trick users into opening it.

At this time we are seeing this worm being sent out through emails in low numbers. The emails have the following characteristics:

Subject:
 Jessica would like to be your friend on hi5!

Body:
 The email body is written in HTML and is a poorly made copy of the...

Joji Hamada | 05 Jul 2009 | 0 comments

It's Independence Day weekend in the United States and many folks are out at picnics, barbeques, and catching firework shows. However, some of us here in the security industry missed out on these events due to a new exploit for a zero-day vulnerability in Microsoft's Video Streaming ActiveX control that we discovered in the wild right before the weekend started.

The exploit uses a specially crafted JavaScript file, along with a data file, to take advantage of a vulnerability in the IMPEG2TuneRequest DirectX object interface located in the Msvidctl.dll file. When a user visits a malicious website hosting these files, the vulnerability allows remote code execution and malicious files are downloaded.

Windows XP users with Internet Explorer 6 and 7 are in danger, but those with Internet Explorer 8 installed are not vulnerable. Preliminary testing shows that computers running Windows Vista are not affected by the attack....