Our security research centers around the world provide unparalleled analysis of and protection from malware, security risks, vulnerabilities, and spam. If you have any thoughts for how we can improve the content on these pages, please take a moment to provide some
Security Response Blog
Mathew Maniyara @
Thu, 23 May 2013 07:03:47
Phishers are trying everything they can to improve their chances of harvesting user credentials. They are ...
Anand Muralidharan @
Wed, 22 May 2013 23:35:08
Natural disasters, like tornadoes and earthquakes, are quite common in the United States of America. Unfortunately, ...
Candid Wueest @
Tue, 21 May 2013 21:19:28
Having control over an email account can be a lot of power, even though most people ...
Anand Muralidharan @
Mon, 20 May 2013 20:02:16
Memorial Day is celebrated on May 27 and it is a day for memorializing the men ...
Symantec Security Response @
Mon, 20 May 2013 14:39:02
Today Norman and the Shadowserver Foundation released a joint detailed report dubbed Operation Hangover, which relates ...
Symantec Security Response @
Fri, 17 May 2013 12:30:57
Today, Trend Micro published a report about a targeted attack campaign they’re calling SafeNet (the campaign’s ...
Threat Spotlight
Trojan.Clampi is a Trojan horse that attempts to steal login credentials related to online banking and other financially related websites. The threat is typically installed by way of drive-by download and once it compromises a computer, it downloads several modules. One of these modules is used to spread Clampi through network shares.
Trojan.Clampi is able to bypass firewalls to relay the stolen information to a remote attacker and also uses a SOCKS proxy to allow the remote attacker to then login to banking and other financially related websites anonymously with the stolen credentials.
More information on Trojan.Clampi is available in the threat family writeup.
