Mac Protector: Register your copy now! Part 2

A few days ago I published a blog post regarding the reverse engineering of the Mac OSX Rogue AV registration routine. The goal was to see if the product was acting like a legitimate one once registered. The product behaved normally, and pretended to clean the machine like their windows counterpart. It was also possible to gather intelligence on the technical support once registered.

Read Full Article

Ransomware: GPCode strikes back

Kaspersky lab discovered a new variant today, in the form of an obfuscated executable. Please review the technical details for further information. The threat was detected automatically thanks to the Kaspersky Security Network as UDS:DangerousObject.Multi.Generic. Read Full Article

Japan Quake Spam leads to Malware Part 3

Last week, we published a blog post regarding the ongoing spam campaign using the recent earthquake in Japan to infect users. This is a follow up blog describing the exploits used. According to our analysis, it seems that the malicious links from the spam emails lead to websites hosting the Incognito Exploit Kit. Read Full Article