TechBlog

Security News? Just a few clicks away

Tag Archives: Analysis

Federal Police Scam

During our usual malware analysis we found a malware sample which shows a fake warning posing as the official German “Bundeskriminalamt” (the German Federal Police). The page contains various logos taken from the official Internet sites. It’s easy to discover … Continue reading

Picturesque Brazilian Banker

While analyzing new malware samples, we found a Brazilian banking Trojan that caught our interest: it contains plenty of images, all of Brazilian banks and insurance companies. It is quite a multi-talent when it comes to the bank logins … Continue reading

Analysis of TR/Spy.SpyEye

SpyEye is a malware family which we have been monitoring for some time. Today we are analyzing a sample which is detected as TR/Spy.SpyEye.flh by Avira products. The Trojan is able to inject code into running processes and can perform the … Continue reading

Fake System Optimizer with special messages

When analyzing malware, we often look for strings within the malware samples. Those give some interesting insights about the malware, its creators or the targets, for example. While poking into a fake system optimizer, after some decryption layers we also … Continue reading

Polymorphic Virut Malware

W32/Virut.ce is one of the most widespread pieces of malware which can be found on infected computers. This file infector is spread massively, bundled with illegal software (warez). The virus infects executable files using the latest techniques, which make detecting … Continue reading

Closer look at TR/Spy.Clickpal.A

We analyzed a Trojan Spy sample because of the interesting way it spreads through the operating system and sends out information stolen from the user. Right after execution the malware searches for .lnk files existing on … Continue reading

Closer look at W32/Ramnit.C

In this month’s ITW malware set from the Wildlist organization two new variants of W32/Ramnit appeared. W32/Ramnit is a worm spreading via infected executable files and infected HTML files. It is quite widespread malware – which is why we … Continue reading

Think Point, world’s leading security solution

In the last few days we received a new kind of scareware in our Virus Labs. This Trojan family, called ThinkPoint, is spreading very quickly on the Internet. After the malware is executed, it creates a copy of itself with the … Continue reading

New Firefox Exploit In-the-Wild

Our Virus Lab discovered an exploit for a newly discovered vulnerability in the Firefox web browser which was actively used on the infected Nobel Prize site earlier this week. The exploit using the vulnerability in Firefox 3.6 installed a Backdoor … Continue reading

Analysis of TR/Oficla.GM

The Oficla malware is a family of Trojans which inject code into running processes in order to download and execute files. We have seen the malware in the wild, downloading several additional malware families. The Trojan is often spammed out … Continue reading