Well, okay, if you happen to be an extremely fast reader. The Association of Anti Virus Asia Researcher’s (AVAR) 14th AVAR Conference just wrapped up in Hong Kong on Friday. This year, the focus was on security issues in and around the emerging Asian security market, and how to rise to the challenge. As one speaker related, there is a very small percentage of internet users who have been educated and act securely online. As emerging markets surge into the online fray, the pace of new users far outstrip the pace of educated/secure users on the Internet as a whole, so the challenges are huge.

The conference (principally sponsored by ESET & Microsoft) started out with a keynote from Roy Ko, with ASCERT, with points about getting the latest notifications out to the community in a timely manner. Other talks centered around mobile malware, reverse engineering various new malware hitting the streets, including EFI (Extensible Firmware Interface) “bootkit” malware and others targeting various platforms, such as Mac. Google image poisoning also got dissected, as BHSEO makes its way into Google image search results, a disturbing trend. Malware obfuscation techniques were discussed, along with reverse engineering exploit kits. Industry cross-collaboration & multi-scanning was highlighted from the folks at OPSWAT, following an announcement that ESET will also collaborate with them.

The overarching tone of the event was really centered around educating the next generation of Internet users to stay safe online (including my presentation on future education systems with embedded intelligence). As mobile platforms hit the streets en masse, with new and more powerful processors, users and organizations will continually have to grapple with security in new ways. This conference highlighted some of the current and future threats in ways that gave all the major players in the field some substantive food-for-thought for how we will all meet the challenge. If you were there, you enjoyed it. If not, there’s always next year, see you then!

See the article here:
AVAR Hong Kong security conference 2011 – in 30 seconds

Kaspersky Lab, a leading developer of secure content management solutions, announces that its CEO and co-founder Eugene Kaspersky addressed the international conference Cooperation against Cybercrime

Read more from the original source:
Eugene Kaspersky addresses Council of Europe conference on cybercrime

Kaspersky Lab launches Kaspersky Mobile Security Enterprise Edition, designed to protect corporate users of smartphones from all kinds of Cybercrime.

Read the original post:
Kaspersky Lab launches solution to protect mobile phone business users against Cybercrime

Kaspersky Lab announce the release of Kaspersky Mobile Security 8.0 – the latest version of Kaspersky’s cutting-edge smartphone security solution to ensure smartphones are as secure as a PC against Cybercrime threats

Read more:
New Kaspersky Mobile Security 8.0 makes smartphone protection easy

Kaspersky Lab publishes analytical article about Wi-Fi related Cybercrime threats and protection measures

Read more here:
Kaspersky Lab publishes the article "Summertime is Wireless Time"

Here's an example of search poisoning

Last week, I attended the Francopol conference on cybercrime in Nicolet, Canada, inside the impressive Quebec National Police School. As in 2010, I was impressed by the sessions and speakers taking part. Here are some elements I would like to share with you.

A part of the talks approached the techniques used online by suspects to deceive young children for sexual ends and how to unmask them. On Wednesday, René Morin from the Canadian Centre for Child Protection said that his institute receives more than 700 reports per month. Between August 2007 and June 2011 they analyzed the most critical reports and are about to publish the results. They noted that the average age of suspects has fallen to 26 years old from 31 years old in a previous report. Girls are 85 percent of victims (up from 77 percent). Social network platforms such as Facebook and gaming sites like Dofus are growing attack vectors, but MSN instant messaging is still the most common avenue.

Updates for current users are free of charge / security check using the Cybercrime scanner enables the channel to acquire new customers

The rest is here:
Kaspersky Lab presents powerful major enhancements to its business solutions for SMBs and enterprises

The article sheds light on the nature of the cybercrime business and, in particular, the botnets at its core.

Read the original here:
Kaspersky Lab announces publication of an article entitled "The botnet ecosystem"

Maybe you don’t know this, but many guys here in the lab can tell you where a banking Trojan is from just taking a look at it for a few seconds. There are a number of different banking Trojan families, but it’s really easy -once you have analyzed thousands of them- to group them by origin. In the case of the Brazilian ones, there are a number of tips that can be used:

- Size of the file (yeah, I know this is pretty basic but the size of those Trojans is way bigger than the average)
- Programming language (Delphi)
- Text strings (usually Brazilian or South American banks)

And I’m only talking about the binary file. If we take a look at the distribution methods, we can obtain more leads. Unlike the rest of the world, these Brazilian cybercriminals don’t use infection kits (MPack, etc.) but only social engineering techniques, which seems to be good enough for them. One of the latest cases we have seen was using the current president of Brazil, Dilma Rousseff, as bait. They usually spread the malware via e-mail in spam messages, or in Internet forums and social networks:

In this case the downladed file is the Trojan Nabload.DUF. Taking a look at the server where the file is hosted, we were able to find one folder with a different file (another Nabload):

My Brazilian Portuguese is not great but good enough to understand they are talking about Juju, Nicole and a video. But who are Nicole and Juju? Using one of Internet’s most powerful weapons, a search engine, we find out who Nicole and Juju are:

Nicole Bahls

Juju Salimeni

asdasdasd

asdasdasdasd

asdasdasdasd

asdasdasdasdas

asdasdasdas

asdadasdasd

asdasdasdasdad

asdadasdasdasdas

adadasdasdasdasd

asdasdadasdasdasd

dadasdsadasdasdsad

Now I know what kind of social engineering is this one

Even though the file was uploaded in April, we found some spam messages distributed in July:

Remember that we are the weakest link in security, and it doesn’t matter how many security measures we do take, there are not -yet- an antivirus for human beings

Originally posted here:
Brazilians, banking Trojans and social engineering