Microsoft Malware Protection Center

Threat Research & Response Blog

Browse by Tags

  • Blog Post: Phishing: not just for banks

    When people think of phishing (a deception to trick a user into sharing their credentials with a third party), they might usually think of banking. But with the popularity of online games, they can still be a target even if they protect their banking information. A typical reason for phishing in games...
  • Blog Post: Online Game Password Stealers Riding with 0-day DirectShow Exploits

    On May 28, our colleagues at the Microsoft Security Response Center released advisory 971778, which elaborated on a new vulnerability in Microsoft DirectShow affecting Windows 2000, Windows XP and Windows Server 2003. You can obtain more details on how to protect your environment from this vulnerability...
  • Blog Post: The Cost of Free $oftware (part 2)

    After we tracked down one of the sources for the Zlob trojan as a free torrent download, we decided to see exactly how deep the rabbit-hole goes. So we checked the newest uploads and saw another package for the latest version of WinRAR (3.80). It had just been uploaded so we decided to see if it really...
  • Blog Post: MMPC Encyclopedia Top 5: More Bancos

    The following is a list of our top five most commonly viewed encyclopedia pages last month: TrojanSpy:Win32/Bancos.gen!A, Program:Win32/Antivirus2008, Trojan:Win32/Vundo.gen!H, Win32/Vundo, Win32/Virtumonde. The trends appear quite similar to the month prior: the most popular encyclopedia...
  • Blog Post: MSRT Observations – Online Game Password Stealers

    The February release of MSRT added a new threat family, Win32/Srizbi, as Vince discussed last week. As of February 16, MSRT has cleaned 38,697 machines from Srizbi infections, which is 14.1% of the total September 2007 removals of Win32/Nuwar or the “Storm” worm during the same timeframe. So what...
  • Blog Post: Helpful Suggestions to Protect You From Game Password Stealers

    Greetings, As you probably figured out from Matt McCormack’s post and Jeff Williams' post, there are a lot of Game PWS (password stealers) out there. I decided to do a post on how you might prevent these PWS from infecting your computer. 1. Run up-to-date antivirus software. I know us gamers...
  • Blog Post: MMPC @ Gamefest 2008

    I had the privilege of presenting a couple of weeks ago at Gamefest 2008, a Microsoft-sponsored technical conference targeted at the games industry. I spoke about game password stealers: what they do, which games are targeted by which families and the behaviors of those families, prevalence, number of...
  • Blog Post: Do and don’ts for p@$$w0rd$

    Almost a year ago, we started a project designed to monitor incoming attacks against a normal user on a day-to-day basis. We presented you with details about the geographical area from where the attacks originated and what services were targeted, and we gave you just a hint about FTP dictionary-based...
  • Blog Post: 860,000 Computers Cleaned from Password Stealer Infections in One Week

    This month’s MSRT shows the following top ten most prevalent threat families as of May 19. The newly added and blogged rogue family, Win32/Winwebsec, is ranked at #17 with 34,792 infected machines. Family Most Significant Category Detections Infected Machines ...
  • Blog Post: MSRT June '12 - cleanup on aisle one

    In the June '12 installment of the Microsoft Malicious Software Removal Tool (MSRT), we take on two threat families - Win32/Kuluoz and Win32/Cleaman. This post includes information about Kuluoz as we'll discuss Cleaman later this month. Win32/Kuluoz is a multi-component trojan family that attempts...