It’s Kill a Zombie Day, so clean up malware and help stop cybercrime!

If you want to help stop cybercrime and protect yourself from malware threats at the same time, today is a perfect day to do it: Halloween, which we’re also calling Kill a Zombie Day.

We’re not talking about the kind of zombie you see in classic movies like Dawn of the Dead and countless others. No, these zombies are malicious programs that take control of your computer and turn it into an undead walker in the army of a cybercriminal.

The first step in killing a zombie is finding out if your computer is infected with malware or viruses. You can do that by downloading our free Virus Removal Tool and running it.

The tool will automatically grab the latest virus detection identities from Sophos and scan your computer’s memory and hard disk for malware. If you do find any zombies, the Virus Removal Tool will clean them up for you, too.


The Rotten Tomato Campaign: New SophosLabs research on APTs

An advanced persistent threat (APT) malware campaign seen in August and September 2014 is the subject of new research by one of our threat analysts at SophosLabs.

Just like other recent examples of APTs, this malware campaign was based in China, which tends to get a lot of media attention and hype.

Sophos is calling this malware campaign “Rotten Tomato,” in reference to the Tomato Garden campaign, and because some of the samples were rotten in the sense that they were not effectively executed.


SophosLabs at VB2014: How cunning malware fights analysis by security researchers

Malware is constantly getting smarter and harder to detect. Now malware authors are developing new techniques to avoid not just antivirus, but the environments used by security researchers to analyze malware samples, according to new research from SophosLabs.

James Wyke, Senior Threat Researcher with SophosLabs UK, will be presenting his research on these techniques at the Virus Bulletin 2014 conference in Seattle, running 24-26 September.

In a preview of his presentation, James writes at Naked Security that his paper explores several malware families and a variety of techniques used to throw researchers off the trail.


Sophos on ABC World News: Free Wi-Fi networks have security risks (Video)

Wireless networks are everywhere, but they aren’t always secure. In New York City, where millions of people connect to free but insecure Wi-Fi hotspots every day, it’s the same story.

Chester Wisniewski, Sophos senior security adviser, explains just how easy it would be for hackers to take advantage of unsuspecting people, in a segment that appeared Monday night on ABC World News.

Watch the video below or on the ABC World News website to see the full interview with Chet.


Spam-Bot Invaders: Which countries send the most spam? (Infographic)

Recently we measured spam volume from around the world to find out which countries are the worst spam offenders. As we expected, the United States sends out way more spam than any other country — 24.2% of all spam was from the U.S.

When you consider the country’s huge online population, it’s not surprising that the U.S. sends so much spam. Spam comes from “bots”: computers infected with malware and under the control of a criminal. “Bot masters” can use servers anywhere in the world to give the bots instructions. So spam-bots in the countries on our list aren’t the authors of the spam; they are more like the messengers.

While it’s interesting to call out the 12 “dirty dozen” countries that send the most spam by volume, we also like to look at the amount of spam by population. It’s a diverse list of nations, and even small countries have a big spam problem.


Sophos news in review: Sysmas prizes, Gameover do-over, and warbiking down under

We have an extremely cool prize to give away as part of our celebration of the 12 Days of Sysmas. It’s called the Ultimate IT Throne and, even if it won’t give you any real powers over your users or your bosses, it will make you feel like a king (or queen).

There’s a lot going on that demands your attention at nearly every moment, from the not-so-aware user who accidentally downloads new threats like the re-born Gameover malware, to old threats like users accessing insecure Wi-Fi networks.

IT pros, we’ve got your back. (And if you win our IT Throne, we’ll get your behind too).


Microsoft’s takedown of No-IP – there’s a better way to battle DNS abuse

Microsoft’s takedown of the No-IP dynamic DNS service generated a lot of controversy when legitimate customers were impacted by the disruption of 18,000 subdomains abused by cybercriminals.

Microsoft has done its fair share of good, frequently working with law enforcement to take out servers that control malware-spewing bots, such as the ZeroAccess botnet. But in this case, Microsoft misfired and caused a lot of collateral damage, according to Sophos security adviser Maxim Weinstein.

In a new post at Dark Reading, Maxim writes that the Microsoft vs. No-IP case highlights the need for “clear standards of abuse handling, and transparency on which service providers measure up.”
