Threat Research

It’s what we do.

April 2009 wrapup: Thumbdrives under threat

May 1, 2009By Andrew Brandt

We’ve just tallied the top 10 threats Webroot’s consumer products detected during the month of April, and some interesting trends appear to be shaping up. Conficker aside, the first quarter of 2009 seemed to…read more

Botnet malware targets MyYearbook

May 1, 2009By Andrew Brandt

The team here at Webroot has picked up on a Trojan that appears to target a relatively new social networking site: MyYearbook.com. The site caters to the high-school-age crowd with activities that include various kinds…read more

Phishing Trojan Targets Russian Finance Websites

April 13, 2009By Andrew Brandt

For a long time, we’ve heard about phishing attacks originating in Russia or eastern Europe that target western banks. There’s nothing surprising there. Latter-day Willie Suttons typically target big US or European banks because,…read more

Inane Shenanigans with Worm-Shiv

April 8, 2009By Andrew Brandt

It’s been a long time since I’ve worked on a malware file as singularly obnoxious as Worm-Shiv, a new worm we defined a few weeks ago. There isn’t anything especially technically avant-garde or…read more

Someone Confick-rolled the Internet

April 1, 2009By Andrew Brandt

Well, the big Conficker.c launch day is upon us and…nothing. So far, anyway. Someone should start selling “I blogged about Conficker and all I got was this lousy T-shirt” shirts. Cafepress, are you listening? We’ve…read more

From Pixels to Phishers

March 31, 2009By Andrew Brandt

Over the past year, we’ve seen a huge jump in the number of mass downloader spyware. These small executable files have just one job, and they do it very well: They pull down…read more

Adware Purveyors Panning for Search Gold

March 27, 2009By Andrew Brandt

We know most adware companies are shameless in their pursuit of revenue, but it’s been a while since we’ve seen anything as bizarre (or hilariously bold) as the sales pitch from a relative…read more

New Malware Ruins Firefox

March 25, 2009By Andrew Brandt

Late last year, we read all the buzz about ChromeInject, a malicious DLL that was being billed as the first malware specifically targeting Firefox. It was interesting to see that someone built a…read more

Introducing the Threat Blog

March 23, 2009By Andrew Brandt

Welcome, readers. I’m a member of the Threat Research team at Webroot, and I’ve been asked to contribute to Webroot’s new Threat Blog. I’d like to take a moment to introduce myself, tell…read more

true