ProActiv: How to add exceptions and deactivate it (Updated)

Update: Please perform a product update in order to receive the fix which we released to all customers. If you have problems with the ProActiv module after updating to the Service Pack, please follow the steps described in the Knowledge Base (English version, German version). If it is too complicated, just deactivate ProActiv by following these steps: Open the Avira Control

New worm infects RAR archives

The Russian IT security company Doctor Web is informing users about the worm Win32.HLLW.Autoruner.64548, which can infect RAR archives. It can download executable files from a remote server to perform malicious tasks in the compromised system. Win32.HLLW.Autoruner.64548 spreads as many other worms do: it creates its copy on a disk and places the file autorun.inf into the root directory to launch the worm

Rise of .in URLs in Spam

Symantec has observed an increase in spam messages containing URLs using the country code top-level domain (ccTLD) for India. This chart shows percentage of spam containing .in URLs: While there were few daily spikes last year, clearly there has been more activity in the last two months. Looking back at last year, the ccTLD for India (.in) ranked tenth on our TLD

Peering Into a Pinterest Scam Toolkit

Pinterest is getting lots of media attention lately. Spammers are also starting to exploit the social-media “pinup” site to make quick money. We have found that there are already lots of ready-to-use tools that make it easy for anyone to start Pinterest scams without much difficulty or technical skill. These tools are so easy that many require

Win32.Rmnet.16 attacks UK and Australia

In April 2012 the Russian IT security company Doctor Web already reported that a botnet created by hackers using the Win32.Rmnet.12 virus exceeded one million infected hosts. Doctor Web’s virus analysts have recently noted the spread of a new modification of the virus, dubbed Win32.Rmnet.16. Its main difference from the previous version is a digital signature used to sign a control server IP address. The virus makers also updated the

Don’t think alternative markets save your money

The Android:FakeInst family of malware seems to be a never-ending story. Its creators have been trying to trick users into sending premium rate SMS messages for several months now. Just a few days ago, we discovered 25 more apps placed on alternative markets that are all based on a concept very similar to the one in the story we wrote about before Christmas. This time malicious Android

New Twitter Spam Run Leads to Android Rogue AV

For some time, we’ve seen site URLs with the dot TK (.tk) extension being spammed by bogus accounts on Twitter to random users. One of our threat researchers in the AV Labs found these particular Tweets quite noteworthy (computer view and smartphone view). Such Tweets are equally accessible to computer (desktop, laptop, and tablet) and smartphone users. There is no doubt, however, that smartphone

News of Beastie Boy Adam Yauch’s Death Leads to Malware

The demise of Beastie Boys’ Adam Yauch (also known by his moniker MCA) has resonated among hip hop fans these past days. Sadly, we have seen a particular attack that targets specific recipients and uses this news item as a social engineering lure. We have found an email sample that leverages Yauch’s death to entice users to download and open the malicious attachment. The message appears as a news item from

Diablo 3 Scams Preempt Game Release

While gamers from North America and Europe are still waiting for the release of Diablo III this coming Tuesday (May 15), cybercriminals have already gone ahead and started taking advantage. We found a search result for the string “diablo 3 free download” leading to a survey scam, a scheme frequently seen deployed through Facebook. The search result below (highlighted in yellow) directs to a page which appears to be

King of Spam: Festi botnet analysis

We have just completed a fresh analysis of the malicious software known as Win32/Festi. While the "Festi" botnet created with this malware has been in business since the autumn of 2009, we can see that the software is frequently updated, as described in our analysis, and these updates mean Festi continues to

Mother’s Day a Lure for Fake Gift Offers

Mother’s Day is normally celebrated by people to express their love for their mothers. We sometimes buy them special gifts such as watches, antiques, greeting cards, or flowers. Spammers also celebrate Mother’s Day, but with a different goal in mind. As always, spammers like to take advantage of special occasions and festivals. Currently we see a trend in spam mails offering fake Rolex watches as the perfect gift

Malware Masquerades as Flash Player for Android

Last month, we saw cybercriminals use the popularity of apps like Instagram and Angry Birds Space to deliver malware on Android phones. This time, we spotted the same social engineering tactic using Adobe’s name. This webpage is also found to be hosted on Russian domains, similar to the fake Instagram and Angry Birds Space apps that we previously reported. To further entice users

See Who Viewed your Facebook Profile – Popular Facebook Scam Technique

by Jason Ding – Barracuda Labs

Many Facebook users have the same burning questions – who viewed their Facebook profile? And who viewed them the most? Facebook has officially explained on its FAQ page that such functionality is not provided either through its own platform or other third party applications.

Unwanted Apps in Google Play Pose as Fake AV

In recent years one of the most prevalent malware threats for PCs (and lately Mac users) is fake-antivirus software, which pretends to be a legitimate security program. Its real purpose is to charge victims a fee to remove a nonexistent threat. The same threat has now been ported to mobile devices. In some cases we see the same or similar behavior: getting revenue from users via SMS messages to a premium-rate number or malware

Protecting Customers From Black Hole Exploit Kit Spam Runs

In light of the slew of persistent black hole spam runs, we have been tracking and investigating this threat that leads users to the black hole exploit. These attacks typically start with a spammed message containing a link to a compromised website that redirects a user’s browser to a malicious site hosting the said exploit. The payload of this threat is to install ZeuS variants onto user systems in

What the FBI didn’t tell us about the hotel malware threat

If you follow the field of computer security, chances are that you saw the warning issued by the FBI’s Internet Crime Complaint Center (IC3) this week about using hotel internet connections. Here’s the full text of the advisory, with some responses sprinkled throughout from yours truly: Malware Installed on Travelers’ Laptops Through Software Updates on Hotel Internet Connections Recent analysis from the FBI and

Snapshot of Exploit Documents for April 2012

Targeted attacks that are part of APT campaigns commonly use exploit documents in their social engineering ploy. These exploit documents serve as unassuming carriers of the attacker’s payload malware into the target’s computer. Since exploit documents are one of the first arrival vectors of APT malware, a little knowledge of the most exploited software and vulnerability will go a long

“Fix your hard disk” with fake S.M.A.R.T. Repair tool

Imagine a program that scans your computer, detects some errors, and offers to fix them. There are many legitimate programs that do this (for example, antivirus programs), but there are also many fake programs, which do nothing beneficial – they just pretend to do a scan of your computer, they pretend to fix some

Pirate Bay to Anonymous: Call Your Mom!

UK Courts recently ordered Internet Service Providers to block access to The Pirate Bay. Yesterday, Virgin Media was attacked by some that claim associations to the Anonymous collective. Well, The Pirate Bay had something to say about the attack on its Facebook page. TPB: We believe in the open and free internets, where anyone can express their views. Even if we strongly disagree with