Category Archives: Emsisoft Lab

Emsisoft Lab, Emsisoft News [Dec, 19, 2013]

Emsisoft Update Cleans Up Database and Identifies Over 6000 New PUPs

This week, Emsisoft releases an update that optimizes our extensive signature database and identifies over 6000 new PUPs!

Emsisoft Lab [Sep, 10, 2013]

CryptoLocker – a new ransomware variant

Over the past few days Emsisoft’s malware research team has received numerous reports of a new file-encrypting ransomware strain. This new family of ransomware is commonly referred to as CryptoLocker or Trojan:Win32/Crilock.A. Like all file-encrypting ransomware (also known as crypto malware), the goal of the attacker is to encrypt important files on the […]

Emsisoft Lab [May, 23, 2013]

Which browser offers the best malware protection?

Navigating the Internet without web browsers would be like trying to drink your coffee without a mug. It simply doesn’t work. But the browser is also what stands between you and the millions of malware-circulating websites out there. Accordingly, all major browsers have their own various forms of protection to protect users from malicious […]

Emsisoft Lab [Apr, 25, 2013]

New Skype scam uses chat bots: Fake webcam girls want your credit card information

Have you ever received a contact request on Skype from someone you don’t know? This may happen from time to time, particularly if your Skype name is publicly searchable. But what is really behind these contact requests and why do people bother? To find that out we played along and the following conversation ensued: At […]

Emsisoft Lab [Mar, 15, 2013]

Security advice: Be careful when using Java

Java is installed on almost all computers. This is an obvious security risk, considering that there are regular announcements on new Java vulnerabilities that enable hackers to infect your PC with malware. However, most users don’t even need Java and can safely uninstall it without losing needed functionality. Keep reading to learn all you need […]

Emsisoft Lab [Feb, 21, 2013]

NBC network websites hacked: Distributing dangerous Citadel and ZeroAccess malware through exploits

The websites of the famous US broadcaster NBC as well as various popular NBC shows like “Late Night with Jimmy Fallon”, “Jay Leno’s Garage”, and possibly others have been hacked. Attackers managed to inject malicious iframes both inside the homepages as well as some JavaScript files that point to the RedKit exploit kit: Overall we […]

Emsisoft Lab [Jan, 21, 2013]

LINKEDIN – connecting to… ZeuS?

Last week, a new zero-day Java vulnerability created quite a buzz on the Internet. To illustrate just how effectively this vulnerability is exploited, let’s have a look at an email our research lab received, supposedly from LinkedIn. Below you can see the email as we received it. It looks harmless enough and appears to be […]

Emsisoft Lab [Oct, 25, 2012]

“You’ve got an eFax!”

Spam emails are nothing new and unfortunately most internet users are confronted with them daily. Their purposes vary from simply promoting a site or product, to phishing and downright infecting a computer. Today we received a particularly nasty, but at the same time convincing-looking email, claiming to be from eFax. Convincing at first sight, but […]

Emsisoft Lab [Oct, 20, 2012]

Linux Rescue CD: a help or a hindrance?

Detect and get rid of malware without entering Windows: use a bootable Linux Rescue CD. It sounds like something that can make the life of anyone who needs to remove malware a lot easier. The idea behind it? Scan your computer without booting into Windows, which can come in handy when malware is actively preventing […]

Emsisoft Lab [Sep, 21, 2012]

Amazon spam: “Your Order Processed Today”

One of our colleagues received spam emails today claiming to be from Amazon. These emails were sent from spoofed addresses and used high priority flags along with a variety of subjects including the following: Re: Order Shipped Today Your Order Processed Today Re: Item Waiting on delivery Now Re: Order Shipped Few hours ago […]

Emsisoft Lab [Aug, 9, 2012]

Dorifel crypto malware paralyzes Dutch companies and public sector

Systems in the Netherlands are currently being hit hard by a new wave of crypto malware named “Trojan-Ransom.Win32.Dorifel”. Based on press reports as well as our own telemetry gathered through our Emsisoft Anti-Malware Network, thousands of Dutch systems are already infected, the majority of them located in government, public sector or company networks. Based on […]

Alerts & Outbreaks, Emsisoft Lab [Jul, 31, 2012]

Beware: “Groupon discount gifts” spam!

The Emsisoft malware research team has discovered a new outbreak of spam emails purporting to be from Groupon. The spam emails are designed to convince the user to open the attachment provided, which contains malware that can infect the system. The spam emails we have received have the subject “Groupon discount gifts”, with an […]

Emsisoft Lab [Jun, 16, 2012]

“Thanks for joining Classmates”, and others…

Following the recent malware scams using various popular brands, like Craigslist, Vodafone, Apple, Verizon, and LinkedIn – some new phishing emails are popping up yet again this week, purporting to be from Amazon, PayPal, Twitter, Habbo Hotel and Classmates.com – a social networking site. As you can see below, the emails look very professional and […]

Emsisoft Lab [Jun, 7, 2012]

More malware spam campaigns

We have detected some more spam emails spreading within recent days that try to infect the user’s computer with a trojan. At this time some of the emails are purporting to be from Craigslist, Vodafone, Apple, Verizon, and also LinkedIn. Here are some screenshots of the email. Craigslist IMPORTANT – FURTHER ACTION IS REQUIRED TO COMPLETE […]

Emsisoft Lab [Apr, 8, 2012]

I got a plane ticket from ZeuS!

At the moment there is no week without another spam campaign – this week we proudly present the US Airways ticket scam. The malware behind this scam is still the same as in the previous post, ZeuS a.k.a. Zbot, detected by Emsisoft Anti-Malware as Trojan-Spy.Win32.Zbot. The following email subjects are being used: US Airways online […]

Emsisoft Lab [Mar, 20, 2012]

Open position which you might be interested in

No, this is not one of our job offers but rather one of the spam email subjects used by Zbot on behalf of CareerBuilder. Switching to plain text will reveal the real address as follows: Hello, I am a customer service employee at CareerBuilder. I found a vacant position at Security Finance Corporation that you […]

Emsisoft Lab, Security Knowledge [Mar, 6, 2012]

Secure download resources or a malware cesspool – How trustworthy are download portals nowadays?

The term “download wrapper” is still quite unknown, which of course does not make its basic technology any less harmful. The moment that hackers and malware authors start to specialize in download wrappers, if they haven’t done so already, the Internet community may have to face new waves of viruses. Learn more in this article on […]

Alerts & Outbreaks, Emsisoft Lab [Feb, 29, 2012]

BBB & IRS Spam Campaign

We received so many spam emails about BBB (Better Business Bureau) and IRS (Internal Revenue Service) that we had a closer look at them. The emails come from spoofed addresses, such as alert[at]irs.com, subscriptions[at]irs.com, accounts[at]irs.com, etc. Dear Accountant Officer, Hereby you are notified that your Tax Return Appeal id#[NUMBER] has been REJECTED. If you consider […]