Security researchers recently unveiled findings about malware that came preinstalled on a Vodafone mobile phone handset. Its memory card was also believed to carry malware. A leading mobile telecommunication company, Vodafone, has been taking the heat for packing malware straight out of the box on their HTC Magic Android smartphones. The recipient of one of [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Malware Gets Smart with Vodafone Smartphone

Researchers from Microsoft recently unearthed exploits targeting the CVE-2010-0188 vulnerability.
On February 16, Adobe released a security advisory describing a vulnerability in Adobe Reader and Acrobat 8.X and 9.X. Once the vulnerability is exploited, attackers gain the capability to perform denial-of-service (DoS) attacks on affected systems. Doing so can cause applications and even systems to crash. [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

More Adobe Exploits in the Wild

Browsersecurecheck.com is a malicious website which is closely connected to Antivirus 7 rogue anti-spyware and its propagation. People usually get familiar with Browsersecurecheck.com without any intention to do this because of the browser hijacking techniques used to redirect users to that domain. Hijacker disables certain functions of the infected web browser and makes it operate [...]

Hot on the heels of this month’s security bulletin, a new vulnerability exploit surfaces with a malware in tow. The new zero-day vulnerability, as described in a previous post, prompted Microsoft to release Security Advisory (981374) while investigations are still underway. This Internet Explorer (IE) vulnerability exists due to an invalid pointer reference bug [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

New IE Zero-Day Exploit (CVE-2010-0806)

The number of serious zero-day vulnerabilities and potential exploits discovered in recent days is higher than normal. This can enable cybercriminals to gain more leverage in their attacks, allowing them to target a considerably large number of users while these vulnerabilities remain unpatched.
As part of its regular Patch Tuesday schedule, Microsoft released two security fixes [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Multiple Vendors Affected By New Vulnerabilities

Smart Security (also known as Smart security) is a rogue anti-spyware application that was simply copied from the “famous” malware Security Tool. Involving all the malicious techniques and using the name of legitimate ESET Smart Security, the new its variant spreads malicious code through the use of Trojans viruses mostly. Of course, spam emails or [...]

April 3 cannot come soon enough for those who are eager to get their hands on the iPad. If anything, Apple’s recent announcement that the gadget will soon be available in the United States only added to the excitement over the much-talked-about gadget. Unfortunately, spammers are using the current enthusiasm over the iPad to their [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

iPad Giveaway Gives Users’ Identities Away

Antivirus 7 is a rogue anti-virus program that reports false threats and displays fake security alerts to convince you into thinking that your computer is infected with computer worms, trojan viruses and other malware. It pretends to be legitimate security software, but actually this fake program is promoted and installed through the use of Trojans [...]

It seems that fans around the world are not the only ones who are hooked on the Oscars. Just a day after this year’s Academy Awards, Trend Micro Threat researchers found FAKEAV variants topbilling the search pages.

This time around, users searching for news on the Oscars fall prey to the latest blackhat search engine optimization (SEO) [...]

Post from: TrendLabs | Malware Blog - by Trend Micro

Oscars 2010 Awards Users with FAKEAV

that’s RAT as in remote access trojan, for the uninitiated.by now i’m sure most security folks have heard about this but if you haven’t yet, here’s the US-CERT advisory, symantec’s blog entry by liam murchu, a sophos blog post by graham cluley, a blog …