Category Archives: mal-effects

The malicious effects and consequences of malware

Pharmaceutical scammers launch their own Web contest

February 10, 2012 – 6:13 pm

By Dancho Danchev What are pharmaceutical scammers up to? From active participation in black hat search engine optimization campaigns, to spamvertising of bogus links – including QR Codes – and compromising of web sites with high page rank in order to redirect to pharmaceutical scams, scammers are keeping themselves pretty busy in order to monetize as much [...]

By ddanchev | Also posted in Blackhat SEO, social engineering, spam | Leave a Comment

Cybercriminals generate malicious Java applets using DIY tools

January 30, 2012 – 3:22 pm

By Dancho Danchev Who said there’s such a thing as a trusted Java applet? In situations where malicious attackers cannot directly exploit client-side vulnerabilities on the targeted host, they will turn to social engineering tricks, like legitimate-looking Java Applets, which will on the other hand silently download the malicious payload of the attacker, once the [...]

By ddanchev | Also posted in Backdoors, Downloaders, Firefox, Google Chrome, Internet Explorer, Keyloggers, malware, social engineering, Stupid malware tricks, Threat Research, Trojans | Comments (1)

Cisco releases ‘Cisco Global Threat Report’ for 4Q11

January 29, 2012 – 7:12 pm

By Dancho Danchev Cisco Systems, recently announced the release of ’Cisco Global Threat Report’ for 4Q11, containing threat intelligence based on Cisco’s observation of the malicious threat landscape. Key summary points:

By ddanchev | Also posted in Botnet activity, Enterprises, Internet security industry, malware, phishing, spam, Targets | Comments (1)

How phishers launch phishing attacks

January 23, 2012 – 7:27 pm

By Dancho Danchev Just like in every other industry, participants in the cybercrime ecosystem are no strangers to the concept of standardization. Standardization results in efficiencies, which on the other hand results in economies of scale. In this case, malicious economies of scale. Just how easy is it to launch a phishing attack nowadays? What tools, [...]

By ddanchev | Also posted in Online shopping threats, Passwords, phishing, social engineering, spam, Threat Research | Leave a Comment

Inside a clickjacking/likejacking scam distribution platform for Facebook

January 13, 2012 – 9:10 am

by Dancho Danchev How would you convert Facebook users into slaves participating in clickjacking and likejackings scams, next to using them to spamvertise your latest event promotion message? Presumably by using one of the clickjacking/likejacking distribution platforms promising 100 slaves per day that I will profile in this post.

By ddanchev | Also posted in malware, social engineering, social networks, Uncategorized | Comments (4)

A peek inside the Cythosia v2 DDoS Bot

January 9, 2012 – 12:34 pm

by Dancho Danchev With DDoS extortion and DDoS for hire attacks proliferating, next to the ever decreasing price for renting a botnet, it shouldn’t come as a surprise that cybercriminals are constantly experimenting with new DDoS tools. In this post, I’ll profile a newly released DDoS bot, namely v2 of the Cythosia DDoS bot.

By ddanchev | Also posted in Botnet activity, malware, Threat Research | Leave a Comment

A peek inside the PickPocket Botnet

January 6, 2012 – 9:33 am

by Dancho Danchev Malicious attackers quickly adapt to emerging trends, and therefore constantly produce new malicious releases. One of these recently released underground tools, is the PickPocket Botnet, a web-based command and control interface for controlling a botnet. Let’s review its core features, and find out just how easy it is to purchase it within [...]

By ddanchev | Also posted in Botnet activity, Threat Research, Uncategorized | Leave a Comment

Email hacking for hire going mainstream

January 5, 2012 – 11:25 am

by Dancho Danchev Just how easy is it to hack someone’s email nowadays? Very easy as the process is offered as a managed service within the cybercrime ecosystem. Over the past couple of months, I have been monitoring an increase in managed email hacking services. These services basically offered everyone the ability to claim someone [...]

By ddanchev | Also posted in Passwords, phishing, social engineering | Comments (7)

Millions of harvested emails offered for sale

January 3, 2012 – 6:44 pm

By Dancho Danchev What does it take to be a successful spammer in 2012? Access to a botnet, managed spamming appliance, spam templates that are capable of bypassing spam filters, and most importantly freshly harvested databases of valid emails from multiple email providers. Let’s profile a web-based service currently selling millions of harvested emails to [...]

By ddanchev | Also posted in social networks, spam | Comments (3)

For your eyes only (please)

December 1, 2011 – 10:15 am

By the Webroot Threat Team Have you ever had the queasy experience of sending a message to someone that you’d rather not have anyone else see, and then hoping that it won’t get passed along? A new system developed by Internet law and security researchers aims to solve the problem, with a light-handed touch. The [...]

By mguthrie09 | Also posted in spam, Uncategorized | Comments (1)
Follow

Get every new post delivered to your Inbox.

Join 526 other followers