A new bot on the market: Beta Bot
It uses multilingual social engineering techniques to exploit the human user
In the beginning of March 2013, a new bot called “Beta Bot” entered the market. With less than €500, Beta Bot is sold relatively cheap, considering its vast feature list. Even though most of those features are pretty standard for today's bots, like different DOS-attack methods, remote connection abilities, form grabbers and other information stealing capabilities, one particular ability caught our attention: "Disable Anti Virus", says the ad posted in an underground forum, followed by a list of nearly 30 security programs that are said to be disabled by Beta Bot. ... read more
6 minutes on Twitter
How the real world is influenced by virtual social media
Twitter has become an important source of information. When its access data was stolen, the Twitter identity of news agency Associated Press was misused to distribute targeted misinformation concerning an assassination attempt. It's incredible how quickly such an incident can affect even the stock market. ... read more
Multi-factor authentication
How many factors do we need?
During the last few months, we have noticed that there is a lot of confusion about the topic of two- and multi-factor authentication. Often when online banking apps or extra security layers are added to online accounts, there is a false claim of multi-factor authentication. I have even heard someone (an actual IT professional!) claim that a combination of a user name and a password is in fact two-factor authentication, because one and one makes two. No, it is not! ... read more
Apparent security certificate turns out to be Android malware
Offered app sneakily gains access to mTANs
The fraudsters are targeting Android mobile devices with which users receive mTANs for online banking services. If a user installs the offered app, which was even available in the Google Play store, this does not increase the user's online banking security but opens the gates to attackers. ... read more
Explosions at Boston Marathon inspire cyber attackers
Email promising news turns out to be multi-faceted malware trap
The bomb explosions during the famous marathon in Boston have shocked people around the globe – it is still unclear who is behind them and cyber attackers are shamelessly exploiting this fact. They promise news about the events but transmit malware to unsuspecting users! ... read more
Primed browser extension delivers unwanted Facebook likes
PHP:FakeExt-A [Trj] catapulted into the MII Top 10 in March
A primed browser extension works in the background every time a website is opened, almost without the user noticing. The unaware users see mysterious "likes" in their personal accounts, but where they have come from remains obscure to many at first. Experts at G Data SecurityLabs have been taking a close look at this issue and explain the sophisticated ploy using the example of the Google Chrome browser. ... read more

