CSI:Internet HQ - Series 1
In our "CSI:Internet" series, experts examine suspicious files using every trick in the book. Watch over their shoulders as they track down malware – because all of this really could have happened. All of the malware samples shown in CSI:Internet have been used in real attacks and have been analysed using various methods, including those described in each episode. The accompanying narratives are inspired by real incidents.
Series 1 episodes published to date:
Episode 1: Alarm at the pizza service
As I'm selecting a pizza on the website of my favourite pizza service, my anti-virus scanner issues an alert: It claims to have found and removed a "trojan.backdoor". Let's see what's going on here.
Episode 2: The image of death
One morning when checking my emails, one subject line really drew my attention: "Air France Flight 447 (crash pictures)". The email claimed that images on the camera memory stick of a passenger on the crashed plane had been successfully reconstructed and could now be viewed in the attached PowerPoint presentation.
Episode 3: PDF time bomb
Tom sends me something on 'NTFS internals' – technical details of the Windows file system implementation. How did he know that this had been sitting on my to-do list for ages? Had I mentioned it at lunch? Curious, I open the attached PDF.
Episode 4: Attack of the killer videos
"Have you broken the computer again? It won't play this video of the new iPhone!" It's been a long day and I don't really feel like troubleshooting, but when she gets into this sort of mood, the administrator had better jump to it. And at home, the administrator is me.
Episode 5: Matryoshka in Flash
To find a real iPhone video instead of the one that turned out to be a trojan yesterday, I'm entering "new iPhone video" into Google. One of the top links promises an "exclusive preview"; it leads to a web page with a video – but what's going on there? This one isn't working, either!
For links to articles in the second series please refer to our CSI:Internet HQ Series 2 page.