Threat Research

It’s what we do.

Adware client tags you as its pitchman

May 21, 2009By Andrew Brandt

Over the past week, someone has been spamming the file sharing site with comments advertising a new “product” called BittorrentBooster. According to the site’s administrators, the spammer used a large number of…read more

Old Chinese Hack Tool Used for New Tricks

May 14, 2009By Andrew Brandt

This week’s installment of what’s-old-is-new-again in the world of malware comes from one of the many groups making and distributing phishing Trojans in China. Earlier this year, someone discovered a hacktool called ZXArps, and…read more

April 2009 wrapup: Thumbdrives under threat

May 1, 2009By Andrew Brandt

We’ve just tallied the top 10 threats Webroot’s consumer products detected during the month of April, and some interesting trends appear to be shaping up. Conficker aside, the first quarter of 2009 seemed to…read more

Botnet malware targets MyYearbook

May 1, 2009By Andrew Brandt

The team here at Webroot has picked up on a Trojan that appears to target a relatively new social networking site: The site caters to the high-school-age crowd with activities that include various kinds…read more

Phishing Trojan Targets Russian Finance Websites

April 13, 2009By Andrew Brandt

For a long time, we’ve heard about phishing attacks originating in Russia or eastern Europe that target western banks. There’s nothing surprising there. Latter-day Willie Suttons typically target big US or European banks because,…read more

Inane Shenanigans with Worm-Shiv

April 8, 2009By Andrew Brandt

It’s been a long time since I’ve worked on a malware file as singularly obnoxious as Worm-Shiv, a new worm we defined a few weeks ago. There isn’t anything especially technically avant-garde or…read more

Someone Confick-rolled the Internet

April 1, 2009By Andrew Brandt

Well, the big Conficker.c launch day is upon us and…nothing. So far, anyway. Someone should start selling “I blogged about Conficker and all I got was this lousy T-shirt” shirts. Cafepress, are you listening? We’ve…read more

From Pixels to Phishers

March 31, 2009By Andrew Brandt

Over the past year, we’ve seen a huge jump in the number of mass downloader spyware. These small executable files have just one job, and they do it very well: They pull down…read more

Adware Purveyors Panning for Search Gold

March 27, 2009By Andrew Brandt

We know most adware companies are shameless in their pursuit of revenue, but it’s been a while since we’ve seen anything as bizarre (or hilariously bold) as the sales pitch from a relative…read more