Archive | Malware


27 August 2006 | 15,635 views

Sophos Offers Free Rootkit Detection Tool/Software

Ah, here at Darknet we have always been a fan of Sophos and the way they operate, a very efficient company and good to see good technical products still coming out of the UK! Another good move by them, they have decided to offer a free rootkit detection tool called Sophos Anti-Rootkit..Yah I know, not [...]

Continue Reading


17 August 2006 | 4,858 views

Bot Herders Go After MS06-40 Exploit

Malware herders are speeding up, the first wave is already here for MS06-40. It’s basically a variant of some old malware suited to the new vulnerability. Same old story then, same packer, technique, new exploit. Same as the days of autorooters. It’s basically the Mocbot trojan that was used in the Zotob worm attack in [...]

Continue Reading


02 August 2006 | 14,328 views

Firefox Extension Spyware – FormSpy

The antivirus specialists at McAfee have warned of a Trojan that disguises itself as a Firefox extension. The trojan installs itself as a Firefox extension, presenting itself as a legitimate existing extension called numberedlinks. It then begins intercepting passwords and credit card numbers entered into the browser, which it then sends to an external server. [...]

Continue Reading


10 July 2006 | 4,681 views

A Day in the Life of a Spyware Company – DirectRevenue

Spyware companies are apparently netting HUGE profits, it doesn’t surprise me though with the amount of people that actually install the crap on their machines.. Let’s say we don’t like companies like Direct Revenue very much though. Consumers have strong opinions about Direct Revenue’s software. “If I ever meet anyone from your company, I will [...]

Continue Reading


07 July 2006 | 8,664 views

‘Free’ USB Drives Defeat Company Security

This is an excellent case of Social Engineering, you could also consider it playing on human greed/ignorance/stupidity. Whatever you want to label it really ;) USB drives are a real security risk.. We recently got hired by a credit union to assess the security of its network. The client asked that we really push hard [...]

Continue Reading


29 June 2006 | 7,672 views

Shadowserver Battles the Botnets

Botnets are indeed a growing problem, we’ve seen serious cases of DDoS extortion, the most recent example would be the attacks against the ‘million dollar homepage’ and the problems it caused the owner. Botnets have been used for quite some time as spam networks and mostly for script kiddies to have DoS wars on IRC [...]

Continue Reading


24 June 2006 | 5,788 views

LiveJournal Advert Installs Malware

Seems like someone sneaked past the LiverJournal advertisers policy by only trying to infect Australian and European users. A certain advertiser (kpremium.com) – being sneaky and underhanded. It’s not LJ’s fault, LJ already disabled the advert from rotation. The ad itself is for a program that lets you download stuff – you know the sort [...]

Continue Reading


22 June 2006 | 8,525 views

Botnets and Phishing Numbers Increasing Despite Crackdown

Botnets and organises cybercrime is getting more prevalent, it seems it’s increasing exponentially despire crackdowns by the US governments and other organisations. The criminals are getting more advanced, phishing scams are getting more realistic, technically trojans are getting more effective and the groups are getting really organised. Cybercrooks are organizing better and moving to more [...]

Continue Reading


21 June 2006 | 18,656 views

Google’s Orkut Hit by Data Stealing Worm – Mw.Orc

So just a few days about there was a new MSN Worm – BlackAngel.B, before that the Yahoo! e-mail worm, long before that of course the MySpace worm and a few others not notable enough to mention. And of course plenty of nasty Trojans. A new Internet worm capable of stealing bank details and other [...]

Continue Reading


17 June 2006 | 8,466 views

New MSN Worm Hitting Users – BlackAngel.B

Well this week there was a Yahoo! Email worm, now also follows a vindictive new worm targetting MSN called BlackAngel.B. The reports come from the anti-virus software company Panda Software. When activated the worm delivers a fateful terror message and then attempts to disable any protection software such as anti-virus, firewall or Windows system applications [...]

Continue Reading