Threat Research

It’s what we do.

Chinese Trojan Turns Infected PCs Into Web Servers

December 4, 2010 By Andrew Brandt

A complex and elaborately conceived family of malware that originates in China installs the Apache Web server, as well as half a dozen keylogger and downloader payloads, disguised as components of legitimate apps…

Karagany Isn’t a Doctor, but Plays One on Your PC

November 22, 2010 By Andrew Brandt

A Trojan that pulls a sly performance of now-you-see-me-now-you-don’t disguises itself on an infected system as the Adobe Updater, a real program that’s installed alongside such mainstay applications as the Adobe Reader. This…

Rogue AV Spam Invades Multiply, Yahoo Mail

November 10, 2010 By Andrew Brandt

While nowhere near the size of the mammoth Facebook, the social network Multiply is no slouch. Based in Boca Raton, Florida, the site is designed around not only sharing photos and videos with…

Search Hijacker Adds Files to Firefox Profile

November 5, 2010 By Andrew Brandt

In September, I posted an item about a dropper which we call Trojan-Dropper-Headshot. This malware delivers everything including the kitchen sink when it infects your system. It has an absolute ton of payloads,…

Game Trojans’ Biggest Tricks in 2010

October 22, 2010 By Andrew Brandt

By Andrew Brandt and Curtis Fechner

It’s appropriate that this year’s Blizzcon, the two-day celebration of all things World of Warcraft, takes place during National Cyber Security Awareness Month. No other game is…

WoW Patch Brings Out the Malware Trolls

October 20, 2010 By Andrew Brandt

Last week, Activision/Blizzard released a long-anticipated patch for its immensely popular game, World of Warcraft. While I don’t play this game, a number of our Threat Researchers do, and they’ve been on the…

Your Federal Tax Payment Has Not Been Rejected

October 13, 2010 By Andrew Brandt

It’s been more than a week since we started seeing spam email, supposedly sent by the EFTPS (Electronic Federal Tax Payment System, a division of the US Department of the Treasury), informing recipients…

Newsflash: HTML Spammers are Not So Bright

September 27, 2010 By Andrew Brandt

It’s been more than a week that we at Webroot, and countless others, have been getting floods of bogus messages with HTML attachments. I thought I’d give the curious readers of this blog…
