BBC bases TV programme on MRG Effitas Online Banking Browser Security tests

MRG Effitas has been working with the BBC on a programme which investigates and analyses the impact of financial malware on online banking security.

http://www.bbc.co.uk/news/technology-16812064

Chris Pickard, Methodology & Research director of MRG Effitas and CEO of the Effitas Group, has worked with Spencer Kelly, presenter of BBC Click, in creating the programme, which is to be broadcast worldwide on the BBC News channel on Saturday the 4th of February.

The programme features a test by MRG Effitas demonstrating that a custom piece of crimeware is able to bypass a range of security suites and capture the username and password entered into a banking website.

You can hear Spencer Kelly discussing the upcoming programme here:

http://news.bbc.co.uk/1/hi/programmes/click_online/9692312.stm

We will be publishing a follow-up report on Saturday to coincide with the broadcast of the programme.

Cyber Crime Diary, January 2012

1. Target: Symantec corp.

Damage: Source code stolen

Attacker(s): Dharmaraja group (India)

2. Target: South African Postbank

Damage: $6.7 million

Attacker(s): Unknown

3. Target: Zappos.com

Damage: 24 million customer details compromised

Attacker(s): Unknown

4. Target: Japanese Space Agency

Damage: Login information to gain access to a cargo shuttle that carries food and equipment to the International Space Station (ISS) has been stolen

Attacker(s): Unknown

Modern Warfare 2012

Rootkit, Bootkit, Adware, Backdoor, BHO, Downloader, Email Worm, Exploit, Flooder, Hack Tool, Hoax, Script, HTML, VB, JS, Bat, Fat, Net Worm, P2P Worm, Packed, Constructor, Packer, SQL, IM Worm, PWS, Spy, Dropper, Banker, Clicker, Proxy, SMS, GameThief, Ransom, Virus, Worm, Spyware, Fake AV, Fraud, Win32, Win64, Android….

 

Above is a list detailing just some of the malware categories MRG Effitas processes in its labs. Each individual category of malware may have tens or hundreds of thousands of variants. Each and every day, each category will spawn tens of thousands more variants.

The war is on, let’s work smart and join forces and win it!


MRG Effitas Team.

MRG Effitas Flash Tests – New Testing Specification

MRG Effitas is happy to announce that from now on we will be using a new testing specification for our Flash Tests. The methodology remains the same, however, we will now be using 200 0-day malware samples in each test.

List of participants by category:

Standalone Anti-Malware Applications:

Avira Antivir Premium
Avast Pro Antivirus
AVG Antivirus
BitDefender Antivirus
Emsisoft Anti-Malware
Eset Nod32 Antivirus
F-Secure Antivirus
GFI VIPRE Antivirus
IKARUS virus.utilities
Kaspersky Antivirus
Microsoft Security Essentials
McAfee Antivirus Plus
Panda Cloud Antivirus
SourceFire Immunet Plus
Symantec Norton Antivirus
Webroot SecureAnywhere

Complementary Anti-Malware Applications:

Malwarebytes’ Anti-Malware
SUPERAntispyware Professional
Zemana Anti-Malware powered by HitmanPro

HIPS, AntiLoggers, Behaviour Blockers:

SoftSphere DefenseWall HIPS
Zemana AntiLogger

Earthquake In Turkey

There has been a huge earthquake in Turkey today which has caused an as-yet-unknown loss of life and large-scale destruction. The earthquake of magnitude 7.2 occurred at 1:41 p.m. local time and there were at least seven large aftershocks.

We have several good friends in the country and are in the process of trying to contact them to ensure they are okay.

We send our best wishes to the people of Turkey and hope there are as few casualties as possible.

Microsoft Takes Down Kelihos Botnet

Continuing its legal assault on botnet operators and the hosting companies that the criminals use for their activities, Microsoft has announced new actions against a group of people it contends are responsible for the operation of the Kelihos botnet. The company has also helped to take down the botnet itself and says that Kelihos’s operators were using it not only to send out spam and steal personal information but also for some more nefarious purposes.

Kelihos, which is sometimes grouped in with the more well-known Waledac botnet, is a fairly small botnet, at an estimated 41,000 machines, but Microsoft officials said that the network was being used for a large variety of activities, including child pornography. Microsoft on Tuesday notified the defendants in the civil cases it has filed in relation to the Kelihos botnet and last week the company also got a temporary restraining order in federal court in Virginia against a man in the Czech Republic named Dominique Alexander Piatti and 22 unnamed people in connection with the operation of the botnet.