McAfee Avert Labs
  • How Much Does My Identity Cost? (the Sequel)
    Two weeks ago, I posted a blog entry talking about the counterfeiting of legal documents. I have received many comments and requests for further data from various Eastern Europe countries, France, and even the United States, related to this type of fraud. Aside from journalists, for whom it is their job, many people have contacted [...]

  • Zeus Botnet Attacks via FedEx Scam
    Yesterday we discovered a new Zeus campaign. Most of the messages associated with the new spam campaign are linked to the Asprox botnet. This time, the focus is on FedEx. Most of the attachments start with either FedExDoc[randomnumbers].exe or FedExInvoice[randomnumbers].exe. Those attachments are recognized as the Bredolab Trojan, which will download the Zeus component. This Zeus variant [...]

  • Labs Releases Whitepaper on Cooperative Anti-Malware on Endpoint and Gateway
    The Anti-Malware engine is a critical and core piece of the McAfee anti-malware solutions. As with any core technology, the engine must be rock-solid stable, fast, and functionally rich. A new McAfee Labs whitepaper outlines these engine technologies and values, covering both endpoint and gateway uses. Beyond introductions to malware detection methodologies–ranging from exact detection to [...]

  • iPhone OS – Safe again?
    Three weeks ago a ‘mysterious’ new jailbreak technique was posted to jailbreakme.com. Research to date indicates that this technique leverages two distinct vulnerabilities to gain access to devices. The first issue exploited is a FreeType CFF font handling issue, exploitable via MobileSafari. The second issue exploited is an IOSurface framework issue that allows for privilege [...]

  • Newegg Password Reset Scam: a Harbinger of Threats to Come?
    This blog was updated at 1.15 pm Pacific time on Aug. 26. McAfee Labs has detected a new strain of spam in the wild that is not only a sophisticated forgery of a Newegg purchase receipt, but there is also some indication that the botnet may be attempting to abuse Newegg’s password reset system to further [...]

  • Insecure Library Loading in OS and Applications
    While reading Microsoft’s confirmation of the DLL preloading risks in arbitrary Windows applications vulnerability, somehow it reminded me of the wave of LD_PRELOAD vulnerabilities that were exploited many years back on multiple non-Windows-based systems. It’s not a new class of vulnerability; the recent LNK file zero-day was probably the last biggest flaw that allows untrusted [...]

  • Three Strikes to Latest Phishing Scam
    We unceasingly monitor and combat old and emerging web threats, taking different approaches to best protect our customers. Cybercriminals continuously look for new ways to steal valuable information. A recent phishing scam we’ve seen impersonates three popular institutions: PayPal, Bank of America, and free offers to check your credit score. The recent attack on Bank of America [...]

  • How Much Does My Identity Cost?
    Phishing and identity theft involve not only the theft of funds. In addition to financial data, information collected by cybercriminals also can allow them to create and sell false legal documents. On top of selling malware, renting botnets, or launching denial-of-service attacks, supplying falsified documents is another well-paid online activity. I visited such a business just [...]

  • Fraud Strikes U.S. Travel Authorization Agency
    Last year, the U.S. government passed a law making mandatory online registration for travel for all citizens from countries eligible for the Visa Waiver Program. The Visa Waiver Program is available to citizens from the European Union, but also to citizens from other countries such as Switzerland, Japan, South Korea, and Singapore. The registration has to [...]

  • New Wave of Zbot Trojan
    McAfee Labs detected a new wave of the PWS-Zbot (a.k.a. Zeus) spam campaign this week. Some common phrases used in the email subject headers: "Subject: Sales Dept"; "Subject: Another candidate brought to you"; "Subject: Summary of payments". These emails carried PWS-Zbot Trojan variants that are a part of the 2.x version of the Zeus botnet, and currently try to access [...]
