Notice

Virus Bulletin's blog

The latest Blog posts from the VB team
  1. We are more ready for IPv6 email than we may think
    Though IPv6 is gradually replacing IPv4 on the Internet's network layer, email is lagging behind, the difficulty in blocking spam sent over IPv6 cited as a reason not to move. But would we really have such a hard time blocking spam sent over IPv6?

    Read more
  2. Subtle change could see a reduction in installation of malicious Chrome extensions
    Google has made a subtle change to its Chrome browser, banning the inline installation of new extensions, thus making it harder for malware authors to trick users into unwittingly installing malicious extensions.

    Read more
  3. Paper: EternalBlue: a prominent threat actor of 2017–2018
    We publish a paper by researchers from Quick Heal Security Labs in India, who study the EternalBlue and DoublePulsar exploits in full detail.

    Read more
  4. 'North Korea' a hot subject among VB2018 talks
    Several VB2018 papers deal explicitly or implicitly with threats that have been attributed to North Korean actors.

    Read more
  5. Expired domain led to SpamCannibal's blacklist eating the whole world
    The domain of the little-used SpamCannibal DNS blacklist had expired, resulting in it effectively listing every single IP address.

    Read more
  6. MnuBot banking trojan communicates via SQL server
    Researchers at IBM X-Force have discovered MnuBot, a banking trojan targeting users in Brazil, which is noteworthy for using SQL Server for command and control communication.

    Read more
  7. Throwback Thursday: Giving the EICAR test file some teeth
    The 68-byte EICAR test file plays as important a role today as it did 19 years ago. In this week's Throwback Thursday we look back at a VB99 conference paper in which Randy Abrams described how this 'miracle tool' worked and how it could be used.

    Read more
  8. XMRig used in new macOS cryptominer
    A new piece of cryptocurrency-mining malware on macOS has been found to use the popular XMRig miner.

    Read more
  9. Tendency for DDoS attacks to become less volumetric fits in a wider trend
    CDN provider Cloudflare reports an increase in DDoS attacks targeting layer 7 and focusing on exhausting server resources rather than sending large volumes of data. This fits in a wider trend.

    Read more
  10. Turkish Twitter users targeted with mobile FinFisher spyware
    Through fake social media accounts, users were tricked into installing an Android application that was actually a mobile version of the FinFisher spyware.

    Read more