Google removes Android malware so you don't have to

BetaNews.com: Android handsets infected with malware are getting a cleaning job from Google. On March 2nd, Google removed 21 apps from the Android Marketplace that contained malicious code (the number of infected apps is now 58). Now Google is “remotely removing the malicious applications from affected devices” and “pushing an Android Market security update to all affected devices that undoes the exploits to prevent the attacker(s) from accessing any more information from affected devices,” according to a blog post by Rich Cannings, Android security lead. ...

March 7, 2011 · 3 min · 513 words · Omid Farhang

6 Common Myths and Misconceptions About Malware

Over the past few decades, computer security has become an important concern among users. Security vendors have faced tremendous challenges dealing with complex security threats with IT experts placing more effort on educating people. Nevertheless, there are many computer security myths that exist today and surprisingly, many people still believe them. In this blog post, we’ll reveal a few of the most common malware myths and the misconceptions that can put you at risk. ...

January 4, 2011 · 5 min · 896 words · Omid Farhang

Malware Prevention guide for Windows

To help secure your computer against malware: If your computer is already infected or you are in doubt, first look at the Malware Removal Guide. Build up your malware defenses Install antivirus and antispyware programs from a trusted source Never download anything in response to a warning from a program you didn’t install or don’t recognize that claims to protect your PC or offers to remove viruses. It is highly likely to do the opposite. Get reputable anti-malware programs from a vendor you trust. I recommend Avira. It’s highly recommended that you create another layer of protection beyond Avira. This second layer could be composed of Malwarebytes’ Anti-Malware, Hitman Pro or any other on-demand antimalware software. Use a safe browser with good extensions I recommend Google Chrome, and here is my suggested list of extensions for safe navigation. Update software regularly Cybercriminals are endlessly inventive in their efforts to exploit vulnerabilities in software, and many software companies work tirelessly to combat these threats. That is why you should: ...

January 3, 2011 · 3 min · 600 words · Omid Farhang

Malware Removal guide for Windows

If, after following this guide, you have failed to disinfect your computer, or you cannot follow this guide yourself, I will be available to help you. The most important thing in fighting malware is: Do NOT panic. Do NOT hurry. Do NOT ignore any step in the removal guide unless I tell you to. This manual for removing malware can be used for either a minor or a major malware infection. ...

January 2, 2011 · 2 min · 415 words · Omid Farhang

Spam Carrying WikiLeaks Worm

Symantec Connect: WikiLeaks.org is in the news after their recent publications linked to leaked government documents. Spammers are now leveraging the current level of interest with social engineering techniques to infect users’ computers. Symantec is observing a wave of spam spoofing WikiLeaks to lure users into becoming infected with a new threat. The spam email has subject line “IRAN Nuclear BOMB!” and spoofed headers. The “From” header purports to originate from WikiLeaks.org, although this is not in fact the case, and the message body contains a URL. This URL downloads and runs WikiLeaks.jar which has a downloader ‘WikiLeaks.class’ file. The downloader pulls the threat from http://ugo.file[removed].com/226.exe. Symantec detects this threat as W32.Spyrat. ...

December 7, 2010 · 2 min · 226 words · Omid Farhang

Taking a look at fake Amazon receipt generators

Sunbelt Blog: Above, you can see a vaguely optimistic VirusTotal user summary in relation to a file that’s been doing the rounds for about a month or two. Here is the file in question: A “receipt generator”, I hear you ask – what do people want with one of those? The answer, of course, is rather straightforward: ...

December 7, 2010 · 3 min · 552 words · Omid Farhang

Looks familiar? Yes! From Alureon!

It’s a normal day to us. We receive a new Bamital virus sample report from a customer, and we provide an analysis. Suddenly, something interesting bursts into my eyes: What’s your thought on this code fragment? At the first glance, this piece of code looks like a non-malicious call to manipulate the Windows Printer SubSystem. But if you’ve analyzed Alureon before, it may look familiar to you. Yes, Alureon also takes advantage of the Windows Print Subsystem to install its payload. ...

December 7, 2010 · 2 min · 291 words · Omid Farhang

Malicious Goo.gl Links Spreading on Twitter [WARNING]

Mashable: A large number of messages containing only the link “goo.gl/R7f68” has appeared on Twitter today, redirecting the users to various malware-laden sites. The messages are mostly coming from disposable accounts, but they also appear on some accounts that appear to be genuine, which indicates that there’s a worm spreading and sending the messages from infected accounts. Furthermore, all of the messages containing the link are sent from the mobile version of Twitter. ...

December 7, 2010 · 1 min · 154 words · Omid Farhang

W32.Yimfoca.B – Malware Localization

The latest W32.Yimfoca.B variants can target malicious links in no fewer than 44 countries and nearly 20 different languages. It has also increased the number of instant messaging applications (previously Yahoo! Messenger) to include the following popular IM clients: Msn Messenger, Google Talk, ICQ, Paltalk, Skype, XFire. Here is a code snippet from W32.Yimfoca.B: This picks the desired messages based on a comparison with the full list of countries listed below: ...

December 6, 2010 · 3 min · 526 words · Omid Farhang

Adobe update spam scam

Here’s the latest twist in the “membership” site scam: spam emails that tell potential victims to update their Adobe Reader include links to a web site intended to look like something related to Adobe products, but is selling “memberships.” The REAL way to update your Adobe software is on the help menu: help | check for updates (see the end of this blog piece for details). The spam email: ...

December 6, 2010 · 2 min · 304 words · Omid Farhang