Posted
by
nanoadmin at
27 March 08 09:00
According to data gathered at the Infected or Not website (http://www.infectedornot.com) this week, 25.41% of computers with a security solution installed were infected.
Among the thousands of malicious codes that have appeared this week, the present PandaLabs report focuses on the Bankolimb.AF Trojan and the Autorun.RS worm.
When it is run, Autorun.RS releases two files on the computer designed to steal passwords for online games. The use of worms that can steal passwords, a feature more often associated with Trojans, is a growing trend.
The reason is that worms, unlike Trojans, can spread by themselves, which represents a real advantage for cyber-crooks. Theft of passwords for online games is motivated by the potential financial returns that this can generate. In these games, there are levels and items that can only be achieved through skill and experience.
However, many users are willing to pay for them on forums, web pages, etc. Cyber-crooks readily profit from this situation. The Bankolimb.AF Trojan drops several libraries on the computer, one of which is registered as a BHO (Browser Helper Object). This allows it to monitor the Internet activity of the user, monitoring when they access online bank pages, and adding fields to forms that users see on these pages, in order to collect additional information. The Trojan captures keystrokes to steal passwords entered into these pages. It then sends the information to its creator, uploading a file with the data to a server.
Posted
by
nanoadmin at
01 March 08 02:17
Cyber-crooks are looking for ways to test their creations before distributing them. An investigation conducted by the malware analysis and detection laboratory at Panda Security, has shown that cyber-crooks are collaborating on different forums and pages to develop test-tools that replicate the scans of some of the leading security solutions. This allows hackers to check their creations will be undetected before launching them.
These tools represent another piece of the new malware dynamic, in which cyber-crooks no longer seek to cause widespread alerts and make the headlines, but to go unnoticed. They therefore want to check their creations are undetected by companies before launching them.
But we have the solution: collective intelligence.
Posted
by
nanoadmin at
07 February 08 03:22
According to the results obtained in the Q1/2008 comparison test of anti-malware solutions conducted by the prestigious organization AV-Test.org (http://www.av-test.org/), Panda Security’s proactive and anti-rootkit protection technologies are among the best in the market.
It is worth pointing out that this test has considered aspects other comparative reviews don’t look at. Firstly, it analyzed the capacity to provide proactive detection not only through heuristic scans and generic signature files, but also through behavioral analysis. This feature is especially important for detecting unknown threats and is not incorporated in all the security solutions available in the market. However, the Panda products have included it for many years as part of their TruPrevent Technologies.
Secondly, the assessment of the various solutions’ anti-rootkit capabilities did not limit to rootkit detection through signature files, but also evaluated the products’ capacity to detect and remove these dangerous threats once they are active and hidden on the system.
In both cases, the Panda Security solutions proved extremely effective, getting the maximum score when it came to detecting unknown threats and rootkits.
Posted
by
nanoadmin at
01 February 08 07:15
PandaLabs has detected two new worms, Nuwar.OL and Valentin.E, which use the topic of St Valentine’s Day to spread.
Nuwar.OL, reaches computers by email with subjects like “I Love You Soo Much”, “Inside My Heart” or ” You… In My Dreams”. The text of the email includes a link to a website that downloads the malicious code. The page is very simple and looks like a romantic greeting card, with a large pink heart.
Once it has infected a computer, the worm sends out a large amount of emails to the infected user’s contacts, in order to spread. This also creates a heavy load on networks and slows down the computer.
Valentin.E is very similar to this. Like the Nuwar worm, it spreads by email in messages with subjects like “Searching for true Love” or “True Love” and an attached file called “friends4u”. If the targeted user opens the file, a copy of the worm will be downloaded. The malicious code installs on the computer as a file with the .scr extension. If the user runs it, Valentin.E shows a new desktop background to trick them, while it makes several copies of itself on the computer.
Then, the worm sends out emails with copies of itself from the infected computer to spread and infect more users.
So be careful. If you think you've opened a malicious file disguised as a St. Valentin's greeting card, you should check your PC with NanoScan.
Posted
by
nanoadmin at
16 January 08 01:37
The anti-malware solutions from Panda Security offered the most effective proactive protection in a study carried out by the prestigious AV-Test.org (http://www.av-test.org/) organization. The study tested a number of security solutions from a range of vendors against threats from the “In-The-Wild” list, during July, August and September 2007. The detection rates were measured using the recommended settings for the e-mail and web protection of the products (as the infiltration vector for most malware is the internet).
Panda Security solutions proactively detected 91% of threats. This was way above the percentages recorded by companies such as Sophos (86%), Kaspersky (69%), Trend Micro (68%), F-Secure (67%), Symantec (66%), McAfee (55%) or Microsoft (48%).
“It is important to bear in mind that this analysis only evaluated heuristic and signature-based technologies. Panda Security products actually include additional pro-active protection layers such as HIPS and a behavioral analysis module. This further increases the protection that we offer our clients”, confirms Luis Corrons, Technical Director of PandaLabs.
Similarly, and according to the same study, PandaLabs, Panda Security’s anti-malware laboratory, is once again confirmed as one of the fastest in the industry in providing protection against new threats through virus signature files. It is able to provide updates to its clients considerably quicker than its most direct competitors.
More information about the study is available at the AV-Test.org website, at: http://www.av-test.org/
Posted
by
nanoadmin at
28 December 07 10:45
As for the new samples that appeared this week, PandaLabs report about the MsnChristmas.A worm, and the Yahmail.A and Banbra.FEM Trojans.
The MsnChristmas.A worm spreads to Messenger contacts in messages like "Christmas photo! :D", "vengo de fi este foto" or "Hey i que hace el"
which contain an infected attachment called "img2007-12.JPEG.scr". If the recipient of the message runs the file, the worm will install on the system.
Yahmail.A is a Trojan that can either be dropped on the system by other malware or sent in a spam message. This malicious code is designed to steal user names and passwords for the Yahoo! instant messaging application and send them to a certain Internet address.
Once installed on the target computer, Yahmail.A creates several copies of itself on the system and inserts a series of entries in the Windows registry. This way, it ensures it is run every time the system is started up.
Finally, Banbra.FEM is a banker Trojan, designed to steal login data for certain online banking services and Internet payment platforms.
To check if your PC is infected, you can use NanoScan.
Posted
by
nanoadmin at
14 December 07 11:14
Banker Trojans are one of the main threats online shoppers will face this Christmas. These malicious codes are designed to steal passwords for accessing online banking services, payment platforms like PayPal, etc. Banker Trojans accounted for 18.59% of malware infections in 2007 and 24.10% of the infections caused by Trojans.
This type of malware works in various ways, from capturing keystrokes to redirecting users to spoofed banking sites in order to get their money. Online shoppers must make sure their computers are free from malicious code before carrying out online transactions.
Online shoppers must be cautious as, according to estimates, the average amount of money stolen from victims through phishing and Trojans in 2006 was €6,383.
We recommend to check the PC with NanoScan before buying online to be sure that there are no Trojans in the system.
Posted
by
nanoadmin at
27 November 07 02:52
Some 75 percent of all new malware that appeared in the third quarter of 2007 were Trojans, according to data from the PandaLabs Q3 2007 report, available at: http://pandalabs.pandasecurity.com/archive/Pandalabs-Quarterly-Report-July_2D00_September-2007.aspx
Adware (12%) and worms (11%) were the other categories of malicious code with a significant number of new strains over the last three months.
In terms of the number of infections, Trojans also headed the list. During the third quarter they accounted for 32 percent of malware detected on computers of users of the Panda ActiveScan online scanner. Adware was in second place with an infection ratio of 24 percent.
The PandaLabs report on malware activity in the third quarter of 2007 also offers a comparative review of kits for installing malware using exploits. These malicious tools allow cyber-crooks to exploit vulnerabilities on computers and servers to infect users.
The report also looks at the most serious vulnerabilities in Q3 as well as other news related to criminal activity on the Web.
Posted
by
nanoadmin at
09 November 07 04:26
Some 14% of computers scanned last week at the Infected or Not website (http://www.infectedornot.com) with the NanoScan and TotalScan online scanners were infected with active malware, that is, threats that were performing some kind of malicious action at the time of the scan.
25% of computers scanned had latent malwate, that is, malicious code installed on the system.
Of all the computers scanned, 72% had some kind of antivirus protection installed. However, this doesn’t guarantee total protection, as almost 30% of protected computers were infected by malware.
“Traditional, signature-based protection is no longer enough. It is necessary to complement it with proactive technologies that can detect threats by analyzing their behavior, and periodic audits with tools that can detect much more malware”, confirms Luis Corrons, Technical Director of PandaLabs. He adds: “NanoScan and TotalScan are examples of these tools, which work according to a collective intelligence approach. This system does not just check a single signature file, but uses an extensive knowledge base on Panda’s servers that allows these tools to detect much more malware”.
Perhaps you should check your PC with NanoScan...
Posted
by
nanoadmin at
03 November 07 12:00
Some 30% of computers with a security solution installed scanned last week at the Infected or Not website (http://www.infectedornot.com) with the NanoScan and TotalScan online scanners were infected with some kind of malware. In the case of computers without any kind of protection, the figure goes up to 44%.
“Malware creators are trying to put a large number of threats in circulation and install them silently to prevent security companies from detecting them and generating the necessary vaccines”, explains Luis Corrons, Technical Director of PandaLabs, who goes on to say, “As a consequence, traditional security solutions must be complemented with other types of online solutions, like NanoScan or TotalScan, which have access to the vast knowledge-base hosted on the Panda Security servers and can detect much more malware”.
Posted
by
nanoadmin at
24 October 07 02:56
Almost 72% percent of companies with more than 100 computers have active malware on their network. This data has been collected in a study conducted in the second quarter of this year by PandaLabs, the malware analysis and detection laboratory at Panda Security.
The data was collected between May and July, 2007, and consisted of more than 1,200 firms with security solutions installed. The aim of the study was to uncover the number of ‘protected’ computers infected (home and corporate).
The study also analyzed the type of protection installed on infected computers, revealing that 4.55% of systems protected by Computer Associates were infected, while this figure was 4.3% in the case of Trend Micro, 2.8% for Symantec, 2.28% for McAfee and finally, 0.73% in the case of Panda.
According to the data collected in the study, only 37.45% of users have up-to-date anti-malware software on their computers, the rest are unprotected or have outdated security solutions.
PandaLabs’ study revealed that 22.97% of home computers with an up-to-date security solution have malware, as opposed to 33.28% of unprotected computers.
Adware is the top malware both on corporate (63.04%) and home computers (54.50%). Trojans come second, accounting for 12.57% of malicious code on corporate PCs and 15.46% on home PCs. There has also been a significant increase in banker Trojans, mostly on corporate computers.
The number of rootkits (programs used by cyber-crooks to conceal the processes of malicious code and make their detection more difficult) has increased on home and corporate computers, becoming the third most detected malware type.
Posted
by
nanoadmin at
12 October 07 02:40
Almost 26 percent of computers scanned last week at the Infected or Not website (http://www.infectedornot.com) with the NanoScan and TotalScan online scanners were infected with some kind of active malware. This implies not only that the computer was infected but also that the malware was operating maliciously at the moment of the scan.
Moreover, with respect to the total number of computers scanned, over 33 percent were infected even though they had an antivirus solution installed. The figure for those systems without protection was over 43 percent.
The distinction between active and latent malware is very important. Active threats are those that are actually causing damage to the user at the moment of the scan. These could be anything, from memory-resident banker Trojans stealing confidential passwords, to bots sending spam or attacking other computers without the user realizing.
Another good reason to check the PC with NanoScan.
Posted
by
nanoadmin at
04 October 07 07:53
NanoScan now detects more than 2 million malicious codes. This is the result of the collective intelligence focus on which these two solutions are based, allowing them to continuously update with thousands of new signatures every day. In addition, they have the capacity to detect unknown malware, thanks to the intelligent TruPrevent technologies.
The number of malware strains detected by these tools has increased by one million over the last three months. This highlights the current false sense of security among many users, as the number of new malicious code in circulation is greater than ever.
Perhaps you should use NanoScan to check if your PC has been infected...
Posted
by
nanoadmin at
27 September 07 01:37
The amount of new threats that appear every day is increasing exponentially, and the creators of malicious code are now only after our money. That’s why they are now trying to infect computers silently. Panda Security is carrying out a macro-study online at http://www.infectedornot.com to assess accurately the security status of computers. The website lets Internet users scan their systems for free with the new NanoScan and TotalScan tools.
So far, and although the study has only just begun, we have seen that between 20 to 25 percent of computers have some kind of malicious code, even though most have a security solution installed. This means that many users are infected without knowing.
Posted
by
nanoadmin at
13 September 07 07:08