Microsoft Malware Protection Center

Threat Research & Response Blog

Browse by Tags

  • Blog Post: An analysis of Dorkbot’s infection vectors (part 2)

    In part 1 of this series , we talked about Dorkbot and its spreading mechanisms that required user interaction. In this post, we'll talk about how Dorkbot spreads automatically, via drive-by downloads and Autorun files. Spreading vectors not requiring user interaction: Drive-by downloads and Autorun...
  • Blog Post: There’s more than one way to skin an orange…

    ​When it comes to attacking a system, and compromising its data and/or resources, there are several different methods that an attacker can choose. One of the more effective ways to make a successful compromise is to take advantage of perceived vulnerabilities in the targeted system. A vulnerability refers...
  • Blog Post: Keep your Facebook friends close and your antivirus closer

    Facebook malware attacks are not new. Scams spreading via status updates have been around for a long time, but in recent weeks one threat has been getting creative in terms of social engineering. Backdoor:Win32/Caphaw.A can intercept URL requests in both Firefox and Internet Explorer and it has been...