Category Archives: Botnet activity

Spamvertised “Hallmark ecard” campaign leads to malware

February 17, 2012 – 9:44 am

By Dancho Danchev Cybercriminals are currently spamvertising a “You just received a e-card form somebody” themed malware campaign, impersonating Hallmark. More details:

By ddanchev | Also posted in Downloaders, malware, Passwords, social engineering, spam | Leave a Comment

Cisco releases ‘Cisco Global Threat Report’ for 4Q11

January 29, 2012 – 7:12 pm

By Dancho Danchev Cisco Systems, recently announced the release of ’Cisco Global Threat Report’ for 4Q11, containing threat intelligence based on Cisco’s observation of the malicious threat landscape. Key summary points:

By ddanchev | Also posted in Enterprises, Internet security industry, malware, phishing, spam, Targets | Comments (1)

A peek inside the Cythosia v2 DDoS Bot

January 9, 2012 – 12:34 pm

by Dancho Danchev With DDoS extortion and DDoS for hire attacks proliferating, next to the ever decreasing price for renting a botnet, it shouldn’t come as a surprise that cybercriminals are constantly experimenting with new DDoS tools. In this post, I’ll profile a newly released DDoS bot, namely v2 of the Cythosia DDoS bot.

By ddanchev | Also posted in malware, Threat Research | Leave a Comment

A peek inside the PickPocket Botnet

January 6, 2012 – 9:33 am

by Dancho Danchev Malicious attackers quickly adapt to emerging trends, and therefore constantly produce new malicious releases. One of these recently released underground tools, is the PickPocket Botnet, a web-based command and control interface for controlling a botnet. Let’s review its core features, and find out just how easy it is to purchase it within [...]

By ddanchev | Also posted in Threat Research, Uncategorized | Comments (1)

Morto Worm Annoyances Outstrip Functionality

August 31, 2011 – 1:22 pm

By Andrew Brandt The past couple of days have been very busy for a lot of people, following the announcement by Microsoft that they had discovered a new network worm called Morto. After reading the refreshingly thorough writeup about Morto from both Microsoft and our partner Sophos, we were surprised to find that a few [...]

By mguthrie09 | Also posted in Deep Knowledge, social engineering, Stupid malware tricks, Threat Research | Comments (1)

Trojans Employ Misdirection Instead of Obfuscation

August 25, 2011 – 3:49 pm

By Andrew Brandt An unusual family of Trojans, apparently of Chinese origin, engages in rootkit-like behavior which seems designed not to hide the presence of the malware on an infected system, but to misdirect or confuse a technical person who might be using system analysis tools on an infected computer. The Trojans all originated from [...]

By mguthrie09 | Also posted in Backdoors, Destructive behavior, Stupid malware tricks, Threat Research, Website owners | Leave a Comment

Black Hat Redux: Botnet Takedown Mistakes to Avoid

August 17, 2011 – 12:00 pm

By Andrew Brandt I’ve worked in the security industry for nearly five years, and it was apparent early on that the most successful people in this field bring to their work a passion and a commitment to protecting not only one’s customers, but to providing a certain level of information about security threats to the [...]

By mguthrie09 | Also posted in Stupid malware tricks, Threat Research, spam, Advanced Malware Removal, Deep Knowledge | Comments (3)

TDL3 and ZeroAccess: More of the Same?

August 8, 2011 – 4:54 pm

By Marco Giuliani In our previous technical analysis of the ZeroAccess rootkit, we highlighted how it acts as a framework by infecting the machine — setting up its own private space in the disk, first through a dedicated file system on the disk, and more recently by using a hidden and locked directory. This is [...]

By Marco Giuliani | Also posted in Deep Knowledge, Destructive behavior, rootkit, Smart Malware Tricks, Threat Research, Uncategorized | Comments (3)

Brazilian “Winehouse” Trojan Sends Hotmail, Bank Passwords to China

July 29, 2011 – 11:18 am

By Andrew Brandt Late Monday, after news about the death of troubled pop singer Amy Winehouse had been circling the globe for a little more than 48 hours, we saw the first malware appear that used the singer’s name as a social engineering trick to entice victims to run the malicious file. Abusing celebrity names, [...]

By mguthrie09 | Also posted in phishing, Phishing Trojans, social engineering, spam, Stupid malware tricks, Threat Research | Comments (3)

Criminals Abuse Amazon Hosting with Rogues, Ransomware

July 20, 2011 – 11:21 am

By Andrew Brandt The criminals who push rogues at the world don’t really care about the reputations of the ISPs or Web hosting services they abuse. They leap from free service to free service until they’ve thoroughly worn out their welcome and, in some cases, destroyed the reputation of the service they abused. But they [...]

By mguthrie09 | Also posted in Advanced Malware Removal, Ransomware, Rogue Security Products, social engineering, Stupid malware tricks, Threat Research | Comments (2)
Follow

Get every new post delivered to your Inbox.

Join 546 other followers