McAfee Labs
Get cutting-edge security as it happens. McAfee Labs Blog delivers the latest research, analysis and insights into the evolving threat landscape, powered by comprehensive, real-time Global Threat Intelligence and a dedicated team of multidisciplinary researchers. Read our experts’ tips and techniques to help you avoid and defeat the latest malware trends, and view portions of the actual research to stay even more informed.
On April 16, we found a Pastebin entry selling the latest version of the infamous SpyEye botnet (Version 1.3.48) for a much lower price than we’ve seen elsewhere. (This botnet is mainly used to steal banking information.) The quote was just US$150 including three months’ hosting; after that it’s $15 per month. This version was Read more…
Tags: banking, botnet, SpyEye
Nitol is a distributed denial of service (DDoS) botnet that seems to be small and not widely known. It mostly operates in China. McAfee Labs recently analyzed a few samples; we offer here the communications protocol and the Trojan’s capabilities. Most of the samples we encountered were not packed and were very easy to reverse Read more…
Tags: botnet, DDoS, Nitol
Since March 20, the @Anonw0rmer Twitter account has been silent. Its owner, w0rmer, is known as a member of the CabinCr3w group, a hacker team linked to Anonymous. In early February, as part of the Operations PiggyBank and PigRoast, the CabinCr3w members were suspected of hacking various police department- or law enforcement-related websites including: West Read more…
Tags: Anonymous, Exif, Hacktivism, Open Source
Darkmegi was in the news a couple of months back; it was the first known threat to be delivered through the Microsoft vulnerability CVE-2012-0003 (MIDI Remote Code Execution Vulnerability) exploitation. More recently Darkmegi has been seen in CVE-2011-3544 (Java Runtime Remote Code Execution) drive-by attacks as part of the Gong Da Pack exploit kit. Darkmegi uses Read more…
Tags: Deep Defender, DeepSAFE, rootkit, Stealth
Recently we discovered a new Android Trojan in the official Google Play market that displays a video downloaded from the Internet–but only if some sensitive information is previously sent to a remote server. The malicious applications are designed for Japanese users and display “trailers” of upcoming video games for Android. Here’s one example: Or anime/adult Read more…
Tags: Android, DougaLeaker, Google Play, Japan, malware
Unless you have been living under a nondigital rock recently, you have probably heard of the Flashback Trojan, which attacks Macs. Around April 4 we saw reports of more than 500,000 infections by this malware. Further, McAfee Labs has recently come across a new variant making the rounds. This is no surprise: Whenever a piece Read more…
Tags: fake anti-virus software, flashback, mac/OSX, malware, trojan
Darkshell is a distributed denial of service (DDoS) botnet targeting Chinese websites. It was found in 2011 and was first analyzed by Arbor Networks. McAfee Labs recently analyzed a few new samples that turned out to be variants of Darkshell, and we found extensive variations in network traffic and control commands. The Darkshell bot follows Read more…
Tags: botnet, Darkshell, DDoS, denial of service
As mobile phones allow us to carry our money in an electronic “wallet,” they will also become a greater target for crooks. Picking a pocket is a risky endeavor for thieves, but it will be much less so if all they need to do is bump into their victims or brush by them with Read more…
Tags: Android, credit card fraud and protection, credit card skimming, mobile security
This is one of these days that make me really proud to be a member of the McAfee family. I just received the very latest third-party test results from AV-TEST.org. AV-TEST has built a reputation for doing very thorough, “real world” tests of endpoint security products. They’ve been testing consumer endpoint products for a long Read more…
Tags: AV-TEST.org, Total Protrection 2012, VirusScan Enterprise with ePO 8.8
It’s been more than a year since McAfee became an Intel company, and the team and I have been privileged to be a part of designing and developing our DeepSAFE technology, as well as Deep Defender, the first available product that leverages this advancement. Recent threats in the news validate what we’ve been working on, Read more…
Tags: Deep Defender, DeepSAFE