My Favourite Time of the Year

It’s when a VX group folds, and it has happened again.  Twice, even.  The day before the “much anticipated” 😉 EOF-DoomRiderz-rRlf group zine was released, rRlf announced that they were disbanding.  This is something that we could have guessed anyway, based on the comment in Latin that was posted on their website a few days…

Horst: (Something Old, Something New)

The latest version of the MSRT was released on the 8th of July. The newest family selected for inclusion was “Horst”. The Horst family is made up of a number of different components, each of which can perform different tasks. Tasks include downloading, malware distribution and email account registration by CAPTCHA bypass. Horst family variants…

How potentially unwanted software finds a way into our computers

I was talking yesterday with a fellow researcher about the Win32/Danmec trojan and the way it uses SQL injection to extend its bot network when I just realized that I was actually looking through some of the injected webpages. I decided to find more about it so I backtracked the events to see how the…

The Power of SSE

In the beginning, there was the CPU.  It supported only integer operations.  Then came the FPU, which supported floating-point operations.  For a long time, that was all we had.  Then came MMX (which is commonly said to stand for MultiMedia eXtensions, but actually Intel won’t say), which was back to the integer operations (and interfered…

4th of July Greetings

Aside from the Storm Worm, a new 4th of July malware is currently being spammed around. Below is a sample of the greeting card mail:  Clicking on the link will not lead you to greetings.com but rather to a malware download site with a filename july.exe. It turns out the july.exe is another IRC backdoor and…

What’s travelling on the wire

Just a few days ago we installed a new network protocol analyzer in our lab here in Dublin. It was late when the configuration was done so we just fired it up and let it run until the next day. After all we didn’t expect to get much attention in the beginning. In a couple of…

Error 424 – Failed Dependency

Here I am at Microsoft, where I’ve spent a very pleasant nearly three months already, which seems to be one of the industry’s best kept secrets.  It’s been a while since I last posted about the EOF/DoomRiderz/rRlf zine, and I’m still waiting for what is essentially the remaining formal virus-writing groups to release it.  My…

Taterf – all your drives are belong to me!!!1!one!

Greet1ngs, As you all probably know by now, this month in MSRT was a very significant release for Gamers everywhere with the addition of a variety of password stealers directly targeting Online games. The main targets are mostly based in Eastern Asia (Lineage Online, Legend Of Mir, ZT Online just to name a few), but…

Welcome to the New Look Microsoft Malware Protection Center Blog

Hi, Vinny here. Welcome to our newly refreshed blog! We wanted to create a new home for the Microsoft Malware Protection Center (MMPC) blog that was easier to navigate, and more in synch with our security colleagues within Microsoft such as the Microsoft Security Response Center. If you are new to our blog – welcome! The MMPC…