Tax season is upon us and that also means the bad guys are going to take advantage of the situation. This post is reporting on spam seen in the wild that purports to be from Intuit, the company that makes QuickBooks book-keeping software. The spam email provides a link to verify account information but the link actually leads to malware downloads.
According to this article, and based on research by security vendor Symantec, polymorphic malicious code targeting Android smartphones has been seen in the wild. From the article:
Symantec reports they have seen the technique in malicious Droid apps hosted on Russian websites. Polymorphism has long been used to evade signature-based detection on PCs, with no little success. Server-side polymorphic techniques create a new version of the malware each time it is downloaded. The combination of these mechanisms, sophisticated obfuscation and the sheer volume of unique malware samples — tens millions annually — have rendered client-based antimalware far less effective that it was just a few years ago.