Microsoft privacy portal a target of rogue security software

Reports of rogue security programs have been more prevalent as of late. These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs may display product names or logos in an apparent and unlawful attempt to impersonate Microsoft products. Earlier in 2009,…


Surveying the Hamweq-age – Threat Reports for MSRT December

In the week since its release on December 8, MSRT has cleaned over 2.5 million machines of malware. The new family for December was Win32/Hamweq, an IRC controlled backdoor which spreads via removable drives. Hamweq was removed from 638,491 machines, making it the most prevalent family for the month, with around double the number of…


If at first you don’t succeed…

…it might be because you weren’t meant to. Last year, the EOF virus-writing group decided to release a virus zine with the help of DoomRiderz and rRlf. Well, here is how that turned out: rRlf backed out of the project at the last minute and then folded, and DoomRiderz folded shortly after the zine was released. The…


MSRT slices the Hamweq for Christmas

This month, Worm:Win32/Hamweq has been added to the Malicious Software Removal Tool (MSRT)  in time for the holidays.  Hamweq makes it on to MSRT’s “naughty” list as an IRC-controlled backdoor that spreads via removable drives. It has multiple means of hiding its presence; it installs itself into a hidden directory which it disguises as a…