Articles Archive for August 2009

BKDR_REFPRON in New Mass Compromise
Posted in Information and Removal on 28 August 2009

Trend Micro threat analysts were alerted to another mass compromise attack affecting around 55,000 consumer-oriented sites spread throughout Canada, China, the United Kingdom, and India as of the first report.
This incident is a painful reminder of the persisting risk of unprotected Web-surfing. In this particular case, the malicious scripts injected in the legitimate sites [...]

Post from: TrendLabs | Malware Blog - by Trend Micro


TROJ_SPAYKE.C
Posted in Trend Micro on 28 August 2009

Malware: TROJ_SPAYKE.C

Outpost stories: on guard of Windows 7
Posted in Information and Removal on 27 August 2009

We’d like to remind you that another Outpost Story competition announced in our regular newsletter is soon coming to an end. We’re closing down the text form on September 1.

You still have a chance to win one of the prizes by telling us how Outpost 6.7 dealt with security issues on Windows 7 RC. No matter how short or long your story is, just follow a few simple rules:

  • the story should be in English
  • the story should be based on real experience with Outpost 6.7
  • you are welcome to report the difficulties with Outpost 6.7 but just as part of the story, not in a “wanna-submit-a-bug” manner
  • no libel or bad language please!

To give you a taster of possible texts, we publish two excerpts from our users’ stories below:

- Our user from the US:

I have been using Windows 7 RC 64-bit for about 4 months now and needed a firewall suite that would be compatible for this system. I work for a cable company and the software suite that they provide is not compatible for Windows 7 RC 64-bit. I looked at the reviews on almost every security site that was out there. I have an Associates in IT Networking/Security Management and seeing the reviews, I decided to try Outpost Security Pro 2009. I installed it without a hitch and started to play around and was amazed at the protection that it provided. I used several 3rd party security check sites and they all returned with great results.

I have used several different Firewall suites and by far this one has had the best tech support and software. I would HIGHLY recommend this to anyone that is running Windows 7 RC 64 bit.

- Our user from Finland:

For a long time in my life, I didn’t care about having any protection software on my computer. All the software I tried just didn’t seem to do anything. One day a good friend of mine proposed the Outpost Security Suite Pro, which I wasn’t sure that I’d like or if it would even work at all. I had recently started using the new Windows 7 RC, so I was ready for some problems. Nevertheless, I decided to give the software a try. To my surprise it installed without any problems and after looking around in the options I fell in love with it.

The software gave me excellent control over programs and how they connected to the internet. I didn’t even know some of the programs were calling “home”. This already made me feel so much safer and all the programs that required internet access worked as smoothly as they would have without any protection. Unlike before, I now had full control over the software on my computer. Everything was working as smooth as before, no; in fact, it was working smoother than before as I now had total control over my whole system.

By the way, the American customer reported an issue in Entertainment mode that we addressed immediately ;-)

Looking forward to your emails! Submit them here.

Pavel Goryakin, Agnitum

SaveDefence
Posted in Information and Removal on 27 August 2009

SaveDefense started its malicious actions right after another rogue anti-malware program, TrustNinja, had appeared on the Web. SaveDefense poses as a reputable security application that is guaranteed to detect and delete all kinds of malware found in the system, for example Trojans, worms or others. The rogue tries to scare the user that all these [...]

TSPY_EBOD.A
Posted in Trend Micro on 27 August 2009

Grayware: TSPY_EBOD.A

Safety Center
Posted in Information and Removal on 27 August 2009

Safety Center is a fake security suite that supposedly contains a spyware remover, a privacy protector, a firewall, etc., when in fact all of it is no more than a scam. This parasite is an ordinary rogue: it usually enters the system by means of various trojans, such as Vundo, and tricks users [...]

Bogus Snow Leopard Update Sites Lead to DNS Changers
Posted in Information and Removal on 26 August 2009

Ahead of the official August 28 release of Apple’s OS X Snow Leopard, cybercriminals are already piggybacking on the launch to spread their malicious activities. Earlier today, Advanced Threat Researcher Feike Hacquebord discovered several fake sites that supposedly give Mac users free copies of the newest version of the Mac OS, Snow Leopard. However, accessing these [...]

Post from: TrendLabs | Malware Blog - by Trend Micro


Green AV
Posted in Information and Removal on 26 August 2009

Green AV is a rogue anti-virus program - a clone of the fake virus remover Green Antivirus (Green Antivirus 2009). This parasite typically relies on trojan Vundo to enter the system, but can also be downloaded and installed manually. Green AV is no different than any other rogue in the sense that it uses misleading [...]

Dream Media Player
Posted in Information and Removal on 26 August 2009

Dream Media Player is a fake media player, which uses disinformation to trick users into paying for videos that are otherwise free. You might encounter Dream Media Player while watching videos (mostly porn) online or it may come bundled with video torrents. This fake player will display a popup, which claims that there is no [...]

Win32/Bredolab.MC
Posted in CA Security Advisor on 26 August 2009

This malware is detected by eTrust Antivirus solutions. Please see above for the relevant signature updates. This malware is being dissected by the CA Security Advisory Team - a detailed analysis will be available shortly.