Blog

January 2012

Over the last 3-4 days we have come across a lot of reported cases of W32.Xpaj virus infection and, surprisingly, found Net Protector Antivirus (NPAV) installed on the computers in all those cases. We were surprised to find the connection and were attempting to find the connection between this...
The Ramnit Virus, which infects Windows executable and HTML files, spreads through removable media and was first detected more than 18 months ago. The Ramnit Virus uses tactics from the Zeus financial malware platform, which was discovered around 2007, and which has the ability to inject HTML code into...
The ‘Free Facebook Mug Scam’ is somewhat different from the previous Facebook scams that we have seen. Similar to the previous scams, it redirects the users to complete online surveys. In addition to this, it steals the user’s Facebook email ID and it also installs a malicious browser plugin. So...
Last week some of our customers informed us that they are receiving spam emails claiming to be from FedEx carrying the subject line: “FedEx Shipment Notification”. The email looks like this: The spam email contains a Zip file. Upon extraction, it presents an executable file named “FedEx_Tracking_Report_Notification_ID.exe”. This is a...
Android malware is targeting users with a fake Android Market website URL that is nothing like the real Android Market website (https://market.android.com). When users click on the in-app ad they are taken to something that looks like the official Google Android Market page that may appear to look like the...
I have come across some significant activity related to spam email messages that pretend to be from American Airlines. The email misleads the user into believing that a scanned copy of his purchased ticket is attached and asks him to print it for use. The email has “Ticket.zip” as an...
News about the death of Steve Jobs has been exploited by cyber-criminals by sending spam emails associated with this incident. The spam mail may have one of the following subjects: – “Steve Jobs: Not Dead Yet” – “Is Steve Jobs Really Dead?” – “Steve Jobs Alive!” – “Steve Jobs Not...
Phishers are using spoofed email addresses from the US Computer Emergency Response Team (US-CERT) to trick recipients into downloading a malicious executable file. The emails are sent from the spoofed email address soc@us-cert.gov with the subject line: “Phishing incident report call number: PH0000003863970”. The fake warning claims US-CERT has opened...
A series of phishing attacks aimed at stealing Gmail and Yahoo user login information is on the rise. I believe that the attacks were part of a larger campaign aimed at stealing user data and compromising computer systems. If the users enter the login details on such phishing links, then...
A critical vulnerability has been identified in Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh and in Adobe Acrobat X (10.1.1) and earlier versions for Windows and Macintosh. These vulnerabilities could cause the application to crash and potentially allow an attacker to gain control of the affected...