Incidents

Adware or adwars?

First time in my life I see how different AdWares fight each other. A new 21KB Win32 executable first removes data files and registry keys which belongs to EliteBar AdWare (according to KAV anti-AdWare databases) and then opens one of two Ad URLs. It seems that the AdWare market is going to be a hot one and different AdWare coders face a lot of competition from each other. Obviously they will fight. Remember Bagle-NetSky-Mydoom war?..

We detect this adware as TrojanClicker.Win32.Agent.af.

Adware or adwars?

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Reports

ToddyCat: your hidden email assistant. Part 2

An in-depth analysis of Umbrij, a new tool used by the ToddyCat APT group to compromise corporate email communications in Gmail. The attack targeted OAuth authorization tokens, allowing threat actors to gain access to Google services.