Beware of Phishing Scam Using Skype

There is a new email phishing scam impersonating Skype. The subject of the email reads “You received a new message from Skype voicemail service.” The scam email spoofs the address “Skype Communications” with the attachment Skype_Voice_Message-7776C24212.zip. In reality the attachment contains an executable, Skype_Voice_M_497564___random_numbers___872345.wav.exe, that installs a Trojan. The body of the email reads: This…

Fake Antivirus Hijacks Webcams

There is fake antivirus software called “Antivirus Security Pro” that takes screenshots and webcam pictures to scare you into purchasing more of the malware. The program disguises itself as a free antivirus scan. The scan from this criminal decoy reveals you are infected with several malware packages by displaying results like this: Experienced IT professionals…

Fake Antivirus Email Spreads Malware

An email claiming to alert you to an antivirus software update has been infecting its victims with a variant of the Zbot Trojan. The email suggests, by referencing “the new malware circulating over the net”, that the critical update will protect you from CryptoLocker. With all of the reports about CryptoLocker it would be hard not to…

Fake iTunes Attacks Windows Users

People are receiving emails for an iTunes update. The email contains a link that takes victims to a page identical to the iTunes download page offering the latest iTunes update. The download is really malware. The malware was discovered by BitDefender as Backdoor.Bifrose.AADY, a variant of Backdoor.Bifrose.N. Backdoor.Bifrose.AADY becomes part of the Windows process explorer.exe with the purpose…

‘i2Ninja’ Anonymous Malware Kit

i2Ninja is malware that has the ability to perform HTML injections and form grabbing in Internet Explorer, Firefox and Chrome. i2Ninja can also steal FTP and e-mail credentials. It also has a feature that targets poker sites. This malware hides communication between infected hosts and the command and control server by transmitting over the Invisible Internet Project (I2P).…

Beware of Fake PayPal Emails

There is a phishing scam going around pretending to be from PayPal. The email claims to need confirmation to complete or renew your PayPal sign up. The subject of the emails is “Confirmation required,” and the body of the email reads: “To finish signing up for your PayPal account, you must click the link below…

Cracked[dot]com Spreads Malware

On Monday, November 11th, it was discovered that Cracked[dot]com was infected by malware performing drive-by downloads. The discovery comes from Barracuda Labs Research. The malware was spread through a drive-by download. The number of systems it has infected is unknown. Given the site is ranked by Alexa as number 289 in the U.S. and 654 worldwide the…

Facebook Email Carries Malware

An email making the rounds requesting you to change your Facebook password hides malware. The email has the subject line “You requested a new Facebook password.” The body of the email reads: “You have received a secure message. You will be prompted to open (view) the file or save (download) it to your computer. For…

What Is A QuantumInsert Exploit

QuantumInsert is an NSA attack described in the Snowden documents. A QuantumInsert is a sophisticated type of Man-In-The-Middle attack. The NSA uses secret servers strategically placed on the internet backbone, codenamed Quantum. These servers intercept traffic to well-known web sites like Google, Yahoo, LinkedIn, Facebook and so forth. The Quantum servers are placed in places…

What is FoxAcid

The following is a description of one of the NSA’s cyber-attack methods revealed in the Snowden documents. FoxAcid is a system designed by the NSA capable of launching a variety of attacks at target computers. The NSA refers to this as an “exploit orchestrator”. It is a Windows 2003 server loaded with PERL scripts and…