Mario Kart on Facebook? Fast-spreading scam hits numerous users’ accounts

A scam claiming that it is possible to play Mario Kart on Facebook has spread between multiple Facebook users. Play Mario Kart on Facebook! [LINK] Play Mario Kart on Facebook together with your Friends! Jowithin the multiplayer mayhem NOW! Click here to play The messages quite don't just take the form of public status updates, but have at the same time  See More..

Play Mario Kart on Facebook! – Facebook Scam

Scam Signature Message:Play Mario Kart on Facebook!playmariokartonline.comPlay Mario Kart on Facebook together with your Friends! Join themultiplayer mayhem NOW! Click here to play Scam Type:Survey ScamTrending: October 2011Why it s a Scam:Clicking the wall post link takes youto the following page:Clicking the PLAY NOW button loads the following survey scam:**Note Scams like this often use numerous  See More..

OpFake: Premium Rate SMS Trojan That Shares Code w/ Spitmo

One of the considerably more interesting instances we ve analyzed this year is Spitmo, short for SpyEye within the mobile. When a couple of versions of SpyEye, an inrenowned banking trojan, encounter mTANs, a mobile-based defense against computer-based man-in-the-browser attacks, a counteroffensive is offered: Spitmo, a mobile trojan that circumvents the authentication process. It s a rather interesting crossover attack  See considerably more..

Clarifying Android DroidKungFu variants

considerably like Ninja Turtles, DroidKungFu now comes in different flavours (5 so far), found by Pr. Xuxian Jiang (and analysis team) and Lookout. If, like me, you may possibly be Having troubles keeping track of those variants, this post is for you The similarities and differences between all 5 variants are depicted below. The different blocks represent  See More..

The True Face of Urchin

In recent days, we have seen blogs about a specific type of Mass Injection campaign. We take this opportunity to publish our findings in this blog. This particular campaign has already picked up pace and It is infecting numerous innocent users out there. It all starts with a script which is injected into  See More..

IPAbuseCheck Stats

Last week, we announced our IPAbuseCheck lookup tool. We see lots of infected/abusive hosts on the internet trying to proxy abusive Net transactions via our proxies. Rather than just ignoring these transactions, we ve decided to provide this lookup utility for security professionals and companies to query and identify abusive/infected hosts within their networks based  See More..

Visualizing Malnets: Time-lapse Animation

several months ago, we showed off a sample of our next-generation malware delivery Internetwork ( malInternet ) graphs. since then, we ve pressed the wizard behind them (Jon) to come up having a method to animate the graphs, so that we could show them in a time-lapse video. Here s what he s come up with so far.  See More..

Malicious script blocks browsers on iPhone, iPad and iPod touch

Doctor World wide web s engineers received several requests from iPad users who were troubled by blocking pop-up windows displayed as they visited confident sites in Safari and other browsers. research into The problem revealed that pop-ups were brought up by malicious JavaScript code embedded into World wide web-pages by criminals. Earlier Doctor World wide web issued a report about  See More..

Belleville Woman Charged over Facebook Identity Theft

Dana Thronton, a 41-year old woman from Belleville, is in trouble since of a Facebook Profile that she created after her break up with Parsippany Detective Michael Lasalandra. She created a Facebook account developing use of his name and birth date and even went so far as to upload pictures of him and post comments as if  See More..

Video of Gadhafi’s Death Being utilised for Spam

We ve been seeing a particular social engineering lure in spam runs in the past, where spammers leverage the death of a known celebrity or political figure. Recent examples of this contain the death of Steve Jobs, and Amy Winehouse. In this spam run employing Gadhafi s death, however, a far more compelling lure is being employed to  See far more..

Updates on OSX/Tsunami.A, a Mac OS X Trojan

Yesterday, ESET announced the discoextremely of a brand new threat against the Apple Mac OS X platform. Today, we have located a brand new version of the same threat. The new version is similar to the previous version with two crucial differences. The extremely first addition to this threat is that it now implements persistence on an infected  See More..

Increased usage of unregistered spam domains

Consider the spam email below: It promotes an on the internet casino site. URL filtering systems that block access to such sites often run a few checks ahead of adding the URL to the spam category. One of these checks is that the URL is registered. Once This is known the date of registration could be checked  See More..

Please send me your Facebook Anti-CSRF token!

inside the last few months we have seen a number of spam campaigns propagating on social netoperating websites. Most of these attacks use some flavor of social engineering tactics. Equite now and then, we see some innovative social engineering methods employed by attackers. Here is one such method that tricks the victim into revealing their  See More..

Diplomat held at JFK airport with many cash – a convoluted Nigerian email scam

Email scams frequently take distinct forms but typically they will claim that you may well have the opportunity to pick up millions of cash (perhaps from Mrs Gaddafi, or a non-existent lottery, or a serviceman who has stumbled across a fortune although despots flee the country). Victims are tricked into handing over funds in advance (this  See More..

[Hoax Alert] 14 YEAR OLD BOY WAS SHOT 6 TIMES BY HIS STEPFATHER

The following hoax has been circulating on Facebook recently: 14 YEAR OLD BOY WAS SHOT 6 TIMES BY HIS STEPFATHER,THIS BOY WAS PROTECTING HIS small 2 YEARS OLD SISTER WHO WAS ABOUT TO BE RAPED BY THIS POOR EXCUSE OF A MAN.THE small GIRL DID NOT GET HURT THANKS TO HER BRAVE OLDER BROTHER.THEIR MOM  See More..

Trojan:SymbOS/OpFake.A

Here s the technical research related to yesterday s write-up on Trojan:SymbOS/OpFake.A. OpFake.A arrives as a supposed Opera Mini updater utilizing file names such as OperaUpdater.sisx and Update6.1.sisx. The malware installer adds an Opera icon to the application menu. When run, it will show a menu plus a fake download progress bar. Progress bar displayed even although  See More..

Fake AV organization alive and kicking

because June 2011 we have seen a substantial decrease inside the number of fake antivirus programs. right now we are observing 10 000 daily attempts to infect users with Trojan-FakeAV; back in June the figures were 50-60,000. The daily number of attempted infections employing Trojan-FakeAV inside the past 5 months Nevertheless, new versions of this  See More..

using DLLCHARACTERISTICS’ FORCE_INTEGRITY Flag

I discovered the flag FORCE_INTEGRITY last year when I released my tool setdllcharacteristics. This flag will force a check of the executable s digital signature (on Windows Vista and Windows 7) and will prevent the method from running if the signature is invalid (or missing).however it s only now that I hold all the pieces to test  See More..

Shop ‘Till You Realized You Got Dropped On

From: info@eteam.org Subject: completely Spam? SECRET SHOPPING JOB AVAILABLE/URGENT REPLY needED Message body: We have a mystery shopping assignment in your location and we would like you to participate Secret Shopper(R) is accepting applications for qualified people to become mystery shoppers. It s enjoyable and rewarding, and you choose when and where you need to shop.  See More..

Web-Based Malware Distribution Channels: A Look at Traffic Redistribution Systems

Over the last few months we have been attempting to look deeper into how Web-based malware gets distributed. much has been written about the underground economy and how one can buy exploit kits, such as Blackhole, from underground websites. But once the attacker has bought the exploit kit, how do they infect computers? This  See More..

Facebook Security Testing 2 New Tools – Trusted Friends and App Passwords

Facebook Security issued a blog post nowadays revealing several new security features that could soon be available to users. The quite first one is called Trusted Friends. This will help users gain access to their Facebook accounts if they fail to remember their password, don t have access to their email account or if they're locked  See More..

more Mac malware – new Tsunami backdoor variants discovered

As our friends at ESET have mentioned on their blog, new variants of the latest Mac malware the Tsunami backdoor Trojan have been discovered. SophosLabs has received a few new samples of the malware which might be employed both to launch denial-of-service attacks and by remote hackers to gain access to your  See More..

Hackers targeted US government satellites, Congressional report claims

It sounds like the stuff of James Bond foreign hackers managing to gain unauthorised access to US satellites as they orbit 700 km above the Earth, and interfere with their controls. Maybe, if issues were turning really bad, the hackers could even harm or destroy the satellite. Well, if the upcoming annual report by  See More..

RIP John McCarthy, the LISP creator who sorted out memory mismanagement

Uncle John McCarthy, the creator of the functional programming language LISP, died earlier this week in California at the age of 84. McCarthy will almost certainly best be remembered for being decades prior to his time, working out how to make LISP Deal with completely automatically the memory Needs of programs operating inside it. even though explicitly requesting  See More..

Social Engineering Example from the East

Recently, a new threat, Android.Fakeneflic, has taken advantage of gaps in the availability of a legitimate video streaming service to be able to target mobile users in North America. Here is One more example of social engineering at work; however, this time the users that are being targeted are in Eastern Europe. Premium SMS dialers have almethods  See More..

Now “ce.ms” free domains are being employed to host malicious code

a few months back, I posted a blog on co.Tv domains being employed by attackers to host malicious code . We had discovered number of different domains being employed to carry out attacks using heavily obfuscated JavaScript. Now it appears that attackers are leveraging free .ce.ms domains. Likewise, we have discovered numerous .ce.ms  See More..

Ducati Diavel – power, speed, looks, too as a vulnercapability lesson for Friday afternoon

Naked Security reader Sean, who has an eye (as well as an ear as well as a nose) for wacky security holes especially those which make for amdeveloping use of reading on a Friday afternoon recently pointed me at a vulnercapacity disclopositive headlined Ducati Diavel Motorcycle Default Ignition Password. The vulnercapacity disclopositive, which appeared back in April, was based  See More..

Technical study for Mozilla Firefox Array.reduceRight() Vulnerability

The usage of exploits in current threats underlines the severe need for users to keep programs updated at all times. considering the great amount of time individuals spend on their computers connected to the Internet, Net browsers are prime targets for cybercriminals.This is a technical research of a recently discovered vulnerability in one of the  See More..

AVG World wide web Threat Weekly Update- Week 43

1. New malicious JavaScript showing up on previously compromised sites Last week we noticed the following JavaScript injections showing up on sites that had been previously compromised: