White Papers & Articles
You Scratch My Back: BREDOLAB's Sudden Rise in Prominence
October 2009
In August 2009, Trend Micro’s Threat Research Team started noticing a sudden spike in the activities of a new malware dubbed “BREDOLAB,” which was, apparently, related to the Zeus malware family. This paper, by researcher David Sancho, explores BREDOLAB’s inner workings, the economics behind the threat, and recommendations to mitigate its effects on home users and corporations.
The Heart of KOOBFACE: C&C and Social Network Propagation
October 2009
This is the second part of the three-part paper by Trend Micro Threat Researchers Jonell Baltazar, Joey Costoya and Ryan Flores discussing the KOOBFACE botnet in more technical detail and chronicling the behavior and payloads of each component.
A Cybercrime Hub
August 2009
Tartu, Estonia, serves as the headquarters for a large cybercrime organization which, on the facade, is a seemingly innocuous ISP. Trend Micro threat researchers explore the operations of this illicit organization.
A Study of the Ilomo / Clampi Botnet
August 2009
The Ilomo botnet, around since 2005, continuously changes its code and steals data. Trend Micro Threat Researchers Alice Decker, Max Goncharov, Robert McArdle, and David Sancho provide an in-depth analysis of this botnet to better understand the technology behind it.
Security Guide to Social Networks
August 2009
Threat researcher David Sancho discusses the most common areas of attack using social networking sites and recommends ways to minimize risks. The goal of this paper is not to stop users from participating in social networks but to enable them to use these sites more safely.
The Real Face of KOOBFACE: The Largest Web 2.0 Botnet Explained
July 2009
TrendLabs researchers analyze KOOBFACE as it targets social media sites across the Web enticing victims into its expansive botnet.
Infiltrating the WALEDAC Botnet
June 2009
TrendLabs researchers analyze the covert operations of the WALEDAC botnet examining its use of social engineering, encrypted HTTP P2P communications, and fast-flux networks.
A Study of the Pushdo / Cutwail Botnet
May 2009
Trend Micro Threat Researchers Alice Decker, Max Goncharov, Loucif Kharouni, Robert McArdle, and David Sancho provide an in-depth analysis of the Pushdo / Cutwail Botnet.
Toward Automatic Discovery of Malware Signature for Anti-virus Cloud Computing
January 2009
Wei Yan and Erik Wu of Trend Micro's Advanced Threat Research team propose an Automatic Malware Signature Discovery System for AV cloud (AMSDS) to generate malware signatures from both static and dynamic aspects. This paper was originally presented at ISOI6 in Dallas in January 2009.
Search Engines - Are They Trustworthy
December 2008
This paper presents patterns used by cybercriminals to exploit search engines and manipulate their results. It will include case studies of SEO (Search Engine Optimization) manipulation, search engine redirections by local malware infection or DNS (Domain Name Server) settings modification. This paper was originally presented at AVAR 2008 in December 2008.
Focus on Malicious URLs
October 2008
As cybercriminals continue their relentless pursuit of profit, web threats are unlikely to subside, and may increase during times of economic turmoil around the world. However, businesses and consumers can implement safe practices to prevent them from becoming victims. This white paper describes various types of malicious URL techniques, used in combination with other approaches, and summarizes some of these best practices and technology-based solutions.
Virtual Worlds
October 2008
As companies adopt telecommuting and workers become more mobile, work PCs are increasingly used for various non-work related activities. The increasing popularity of virtual worlds and massively multiplayer online role-playing games (MMORPGs) adds another dimension to these threats and risks. This white paper introduces the kinds of threats that virtual world members and MMORPG players may encounter and suggests protection approaches and best practices for individuals and businesses.
Revealing Packed Malware
September/October 2008
Wei Yan (Trend Micro), Zheng Zhang (McAfee) and Nirwan Ansari (New Jersey Institute of Technology) discuss the challenges posed by packed malware. This article was published in the September/October 2008 issue of IEEE Security and Privacy.
Stormy Weather: A Quantitative Assessment of the Storm Web Threat in 2007
October 2008
Trend Micro CTO, Raimund Genes, and Trend Micro Threat Researchers, Anthony Arrott and David Sancho, present their analysis of the development and evolution of the Storm botnet in 2007. This paper was presented at the VB2008 Conference in Ottawa in October 2008.
The (Life and) Death of the Pattern File
October 2008
Trend Micro Director of Education, David Perry, discusses the ability of the pattern file to combat today's threats as well as newer technologies that may supplant the pattern file. This paper was presented at the VB2008 Conference in Ottawa in October 2008.
“Trendy” Search Results Lead to FAKEAV
October 19, 2009
Out with the old, in with the new… though not all that’s old is junk. Some, like FAKEAV, can simply be reliable and infallible, hence its seeming staying power. A TrendLabs study revealed that new techniques were used in the most recent FAKEAV-related attacks. These include the use of Google Trends and GeoIP tracking.
XSS Attacks Go Social Expand Targets
October 5, 2009
Both social networking sites and cross-site scripting (XSS) attacks are common tactics used by cybercriminals today. Even combinations of the two are not unusual. Recently, however, Trend Micro analysts encountered a new attack that suggests that cybercriminals are now looking for new social networking sites to target.
KOOBFACE Masters Social Networking
September 21, 2009
WORM_KOOBFACE.V’s entry into the threat landscape took KOOBFACE’s Twitter campaign to a whole new level. Each KOOBFACE variant in the past used a single tweet to infect users. In the most recent attack, however, the new variant used at least 40 unique messages at once, which put users at greater risk.
Spambot Sends Automated Tweets
September 7, 2009
Popularity comes with a price, so they say. And Twitter is paying its due as more and more cybercriminals set their sights on the micro-blogging site whose popularity continues to soar.
Mass Compromises and Zero-Day Exploits: A Lethal Combination
August 27, 2009
Both zero-day compromises and compromised websites are, unfortunately, common enough security threats in today’s Internet landscape. However, when these two threats are combined, they pose a significant threat to users—something that was demonstrated in graphic detail fairly recently.
Stealthier Version of Click Fraud Discovered
August 10, 2009
TROJ_FFSEARCH.A introduces a new level of stealth that attempts to take advantage of the advertising industry. Advertisers may have realized the power of the Web in reaching new target markets, but cybercriminals spring new traps that may consistently defeat the purpose of pay-per-click (PPC) advertising.
Wire Transfer Delivers Malware
July 27, 2009
Though moving forward in terms of IT usage is a must in the current threat landscape, companies must do so with utmost care. They should keep in mind that keeping their processes and data secure is pertinent to their success.
Spam Poses More Malware and ID Theft Risks
July 13, 2009
Cybercriminals are stepping up their game to infect more users, corporate or otherwise, with their expanding portfolio of malware by using well-known or popular brand names for their scams and attacks. In this attack, a Microsoft Outlook “update” was used as bait to lure PC users to specially crafted phishing sites.
There May Be a Worm in Your Apple: Mac Malware Threats
June 16, 2009
While the popularity of the Mac continues to increase, cybercriminals are finding it to be a tasty temptation. Learn about some of the more recent attacks on the Mac OS.
Scorching-hot Summer Threats
June 2, 2009
TrendLabs has compiled a roundup of some of the more popular threats you can expect to see making rounds this summer.
Nothing Micro about Micro-Blogging
May 18, 2009
While the micro-blogging service Twitter experiences explosive growth, cybercriminals are quick to leverage it for cyber attacks. Read about recent threats targeting Twitter.
Secure Your Mobile Data
April 8, 2009
With the growth of smartphones, corporations must work harder to protect their data. Get tips on the best ways of keeping your data safe on these mobile devices.
