Protecting over 230 million PCs, Macs, & Mobiles – more than any other antivirus


Posts Tagged ‘SpyEye’
June 27th, 2015

Businessman hackers brought down in USA and Europe

Cybercrooks run their organizations like businesses these days. They have multinational offices, marketing departments, business development, and technical support teams. Maybe they also need some security…

Major cybercrooks get arrested

Major cybercrooks taken down

 Malware entrepreneur sentenced to 57 months in prison

One such malware entrepreneur, Alex Yucel, sold malware through a website that he operated, to other hackers. The Blackshades malware allowed hackers to remotely control their victims’ computers. They could do such things as log the victim’s keystrokes, spy through webcams, and steal usernames and passwords for email and other services. They could also turn their computers into bots which were used to perform Distributed Denial of Service (DDoS) attacks on other computers, without the knowledge of the victim.

Manhattan U.S. Attorney Preet Bharara said: “Alex Yucel created, marketed, and sold software that was designed to accomplish just one thing – gain control of a computer, and with it, a victim’s identity and other important information. This malware victimized thousands of people across the globe and invaded their lives. But Yucel’s computer hacking days are now over.” See the Department of Justice press release here.

Yucel sold the software for as little as $40 on PayPal and various black market forums. Read more…

November 20th, 2013

Fallout from Nuclear Pack exploit kit highly toxic for Windows machines

In recent days, the avast! Virus Lab has observed a high activity of malware distributed through exploit kits. Most cases of infection are small websites which usually provide adult entertainment, but there was also news about one of the top 300 visited websites being infected.

Infection chains ended dropping a final payload in a form of an executable file with a constant, not wide-spread name like 1SKKKKKKK.exe. After a closer look, we found that this filename is shared among aggressive malware threats – banking Trojans like Win32:Citadel, Win32:Shylock/Caphaw, Win32:Ranbyus, Win32:Spyeye; stealthy infostealers like Win32:Neurevt (a.k.a. BetaBot), Win32:Gamarue, Win32:Cridex, Win32:Fareit; and even file infectors like Win32/64:Expiro(infected dbghlp.exe).

We received ~1000 unique samples in the last 10 days which possess suspicious filenames, polymorphically covering ~30 malware families with many different packers. Researching infected iframes in our databases, we discovered an infection chain which leads to a payload with a strange name that looks like this:


Read more…

November 27th, 2012

avast! Internet Security Leads Secure Online Banking

Financial malware threatens our banks and the safety of our personal identify and hard-earned money. Evidence from private research suggests that most endpoint security solutions offer minimal to no protection against financial malware. However, in a new test, avast! Internet Security provided 100% protection against banking malware.

Read more…

Comments off