Domain: eset.com
Stories and comments across the archive that link to eset.com.
Stories · 4
Trojanized SSH Daemon In the Wild, Sending Passwords To Iceland
An anonymous reader writes "It is no secret that SSH binaries can be backdoored. It is nonetheless interesting to see analysis of real cases where a trojanized version of the daemon is found in the wild. In this case, the binary not only lets the attacker log onto the server if he has a hardcoded password, the attacker is also granted access if he/she has the right SSH key. The backdoor also logs all usernames and passwords to exfiltrate them to a server hosted in Iceland."
Most Sophisticated Rootkit Getting an Overhaul
jfruhlinger writes "TDL4, a rootkit that helps build a powerful botnet, is pegged by security vendor ESET as one of the most sophisticated pieces of malware in the world. But its creators aren't resting on their laurels; they're rewriting some of the code from the ground up to make it difficult for antimalware to detect it, creating a hidden boot partition that guarantees malware code will be loaded even before the operating system is. It's part of a plan to turn TDL4 into a turnkey product that can be sold to other criminal operations."
Major Spike in Security Threats To Online Games
Gamasutra reports on data from security software firm ESET, which shows a major increase in the number of gaming-related security threats over the last year. They attribute the rise in attacks to the amount of money involved in the games industry these days. ESET's full report (PDF) is also available. "[ESET's research director, Jeff Debrosse] explains: 'It's a two-phase attack. If someone's account was compromised, then someone else can actually [using their avatar] during a chat session, or through in-game communication... they could leverage that people trust this person and point them at various URLs, and those URLs will either have drive-by malware or a specific [malware] executable. What ends up happening is that folks may end up downloading and using it. This is just one methodology.' These attackers also target gamers in external community sites, says Debrosse, through 'banners on websites or URLs in chat rooms or forums' — which can lead to unsafe URLs. 'If [users] don't have adequate protection, they could very well be downloading malware without their knowledge.'"
Auto-Updates - Proactive or Begging for Abuse?
narzy asks: "To me one of the most important steps to keeping a computer secure is keeping the system's software up to date. The problem I run into is that more and more of the applications in everyday use are web enabled in some context or another, making them high targets for attack and exploitation. I am beginning to find it difficult to keep clients' computers completely up to date. I find that applications that have an auto update such as my anti-virus Nod32 which updates every day on its own a real blessing. It's a feature that is an option, but an option that I personally wish was in a lot more software. Windows has this feature (so does Linux if you want it to), however in the case of Windows it's not exactly all that consistent. Unfortunately it opens another can of worms that isn't so enjoyable, that being companies who abuse such a system for advertising purposes, modifying the software in such a way to reduce or change its functionality either because of internal decisions or external pressures from 3rd parties, compromise and abuse of the server the company uses to distribute the updates. But is it worth the added risk to know that 95%+ of the time your software is up to date? It's not a cure-all, but is it or is it not better than a reactive approach?"