These maturing business models require constant innovation on behalf of the cybercriminals providing the easy to use and manage DIY DDoS bots, the foundation of these business models. What are some of the latest developments in this field? Are the malware coders behind these releases actually innovating, or are they basically re-branding old malware bots and reintroducing them on the market? Let’s find out.
In this post, I’ll profile a recently released DIY DDoS bot, which according to its author is a modification of the Dirt Jumper DDoS bot.
With affiliate networks continuing to represent among the few key growth factors of the cybercrime ecosystem, it shouldn’t be surprising that cybercriminals continue introducing new services and goods with questionable quality and sometimes unknown origins on the market, with the idea to entice potential network participants into monetizing the traffic they can deliver through black hat SEO (Search Engine Optimization), malvertising, and spam campaigns.
In this post, I’ll profile a recently launched affiliate network selling iPhones that primarily targets Russian-speaking customers, and emphasizes the traffic acquisition scheme used by one of the network’s participants.
What happens once a cybercriminal has managed to obtain access to your credit card data by either compromising an insecure database, or through crimeware dropped on an affected host? Would he purchase blank plastic and holograms and embed the stolen data in an attempt to cash out as much money as possible, or would he look for alternative “risk forwarding” tactics to earn revenue while preserving his security and anonymity in the process?
It depends on the cybercriminal in question. In this post, I’ll profile a recently launched E-shop offering complete access to stolen credit cards data primarily belonging to U.S citizens.
Over the past couple of months, I’ve been periodically profiling the monetization tactics applied by novice cybercriminals, a market segment of less technically sophisticated individuals looking for ways to cash out on their fraudulent Web activities.
The rise of this market segment can be contributed to the rise of managed cybercrime-friendly services and DIY tools, allowing everyone an easy entry into the world of cybercrime.
In this post, I’ll profile yet another recently launched cybercrime-friendly E-shop, and emphasize the emergence of these over-the-counter (OTC) trading E-shops.
Over the past several quarters, we’ve witnessed the rise of the so called Police Ransomware also known as Reveton.
From fully working host lock down tactics, to localization in multiple languages and impersonation of multiple international law enforcement agencies, its authors proved that they have the means and the motivation to continue developing the practice, while earning tens of thousands of fraudulently obtained funds.
What’s driving the growth of Police Ransomware? What’s the current state of this market segment? Just how easy is it to start distributing Police Ransomware and earn fraudulently obtained funds in between?
In this post, I’ll profile a recently advertised DIY (do-it-yourself) managed voucher-based Police Ransomware service exclusively targeting European users, and for the first time ever, offer an inside peek into its command and control interface in order to showcase the degree of automation applied by the cybercriminals behind it.
Over the past 24 hours, cybercriminals started spamvertising millions of emails impersonating the Federal Deposit Insurance Corporation (FDIC), in an attempt to trick businesses into installing a bogus and non-existent security tool promoted in the emails. Upon clicking on the links, users are exposed to the client-side exploits served by the Black Hole Exploit Kit.
A new zero-day vulnerability exploit has been identified in Microsoft’s Internet Explorer web browser versions 9 and below running on Windows XP, Vista and 7. Internet Explorer 10, which comes bundled with Windows 8, is not affected. The exploit could allow remote execution of malicious code from compromised websites. Continue reading →
Cybercriminals are currently spamvertising millions of emails impersonating U.S Airways, in an attempt to trick users into clicking on the malicious links found in the legitimately looking emails. Let’s dissect the malicious campaign, and expose its dynamics.
In order to emphasize on the growing trend of cybercriminals abusing legitimate infrastructure for their malicious purposes, last week, I profiled a DIY SMS flooder using Skype’s SMS-sending capability to launch a DoS (denial of service attack) against a user’s mobile device.
This week, I’ll continue providing factual evidence for the emergence of this trend, by profiling yet another recently released DIY SMS flooder, this time abusing ICQ’s sms-sending feature.
Over the past 24 hours, cybercriminals have launched yet another massive spam run, this time impersonating FedEx in an attempt to trick its customers into clicking on a malware and exploits-serving URL found in the malicious email.