Generic Dropper.QQ Virus

Intipadi.com – A new malware sample, detected by my McAfee as Generic Dropper.QQ, has been analyzed for Safeboard AV. Hash: File MD5: 0x2704EB3DBE1D01732751F6889C87D747; File SHA-1: 0x9A2A59964789A004E5002CF62DC233E10AEBB2A7; Filesize: 798,720 bytes. Findings: - Only performs infection at Windows startup

W32/Rontokbro.b@MM

Intipadi.com – A new sample of Rontokbro, or Brontok, has arrived in the submit threat zone of our Safeboard Antivirus. It is recognized as W32/Rontokbro.b@MM by McAfee or Worm.Brontok.B by ClamAV, and several foreign antivirus products already recognize it. Here is a brief analysis of this latest Brontok: Hash: File MD5: 0x0A61E7AC8EE57A718919FC1406C57FB0; File SHA-1: 0xB10A3136F56B1E0D0A2784DF7EDF29C33C8BB633; Filesize:...

The New Moon Trojan

ThreatsExpert.com – While the sentence of the Pinch Trojan authors is about to expire within the following few months, the code of their Trojan is still being morphed by others into other nasty forms. Apart from its known ability to gather system information and steal confidential information such as user names and passwords, the Pinch is now capable of delivering the stolen details to the remote... 

FREE Virus Scan Service!

This is a front end for a FREE computer virus scanning service from 3 vendors, namely: VirusTotal.com, Kaspersky Online Scan, and ClamAV. To use it, select the file to be scanned, then press the Scan button to start.

How to Defeat Koobface

ThreatsExpert.com – As published in the previous blog post, analysis of the current version of Koobface uncovered a very interesting part about it – its “ability” to resolve CAPTCHA protection at the Facebook web site. To put it simply, if Koobface was unable to resolve Facebook’s CAPTCHA protection, it would’ve been unable to replicate because in order to submit a new message,...

Removing Persistent Malware

ThreatsExpert.com – This blog post is not for the technical guru! While it’s not for mums and dads either, its main purpose is to explain to an average user how to manually remove persistent malware that cannot be easily deleted otherwise. A reader who starts shivering from hearing the words “Linux” or “Ubuntu” could find this post useful too – not only to be... 

Conficker/Downadup: Memory Injection Model

ThreatsExpert.com – The worm Conficker/Downadup does not need a special introduction as it was pretty well described in various write-ups in great detail. Nevertheless, considering it employs a set of unique techniques, a deeper analysis is needed. One such technique is its memory injection model, which will be discussed in this post. Note: as the analysis continues, more posts might be expected.

Trojan GetCodec/Brisv Comes Back Again

ThreatsExpert.com – The few-months-old trojan Brisv, which infects multimedia files, has struck again for no apparent reason, as reported by our customers. The trojan enumerates local and mapped network drives looking for files with the extensions ASF, WMV, WMA, MP2, MP3. It will then infect the located files by injecting malicious script that instructs the media player to pop up default browser...