Category Archives: mal-effects

The malicious effects and consequences of malware

Malicious USPS-themed emails circulating in the wild

March 23, 2012 – 3:00 am

By Dancho Danchev Cybercriminals are currently spamvertising malicious USPS-themed emails, that entice end and corporate users into clicking on malicious links found in the emails. More details:

By ddanchev | Also posted in Downloaders, Exploits, Keyloggers, malware, spam, Threat Research, Trojans | Comments (3)

Spamvertised ‘Your tax return appeal is declined’ emails serving client-side exploits and malware

March 22, 2012 – 9:13 am

By Dancho Danchev Cybercriminals are currently spamvertising with IRS (Internal Revenue Service) themed emails, enticing end and corporate users into downloading and viewing a malicious .htm attachment. More details:

By ddanchev | Also posted in Downloaders, Keyloggers, malware, social engineering, Threat Research, Trojans | Comments (2)

Trojan Downloaders actively utilizing Dropbox for malware distribution

March 21, 2012 – 9:14 am

By Curtis Fechner It’s never surprising to see the multitude of tactics a cybercriminal will use to deliver malware. In this case, I came across a collection of files masquerading as RealNetworks updater executables. These files were all located in a user’s %AppData%\real\update_ob\ directory, and the sizes were all quite consistent. At first glance there [...]

By Curtis | Also posted in Deep Knowledge, Downloaders, malware, Smart Malware Tricks, Threat Research, Trojans | Comments (3)

Millions of harvested U.S government and U.S military email addresses offered for sale

March 16, 2012 – 4:47 pm

By Dancho Danchev Remember the underground service offering millions of harvested emails for sale profiled at the Webroot Threat Blog in January? It appears  that cybercriminals are continuing to innovate in this underground market segment by offering geolocated databases of millions of harvested emails for better targeting in their upcoming spam campaigns. In this post, I’ll [...]

By ddanchev | Also posted in spam | Comments (5)

Research: U.S accounts for 72% of fraudulent pharmaceutical orders

March 16, 2012 – 4:41 pm

By Dancho Danchev Just how profitable is spam? Who’s buying the counterfeit pharmaceutical items advertised so heavily in a huge percentage of the spam campaigns currently circulating in the wild? According to a newly released report by the University of California at San Diego, although hundreds of thousands of people visit the fraudulent pharmaceutical scam sites, only [...]

By ddanchev | Also posted in social engineering, spam | Leave a Comment

Spamvertised ‘Google Pharmacy’ themed emails lead to pharmaceutical scams

March 15, 2012 – 2:01 pm

By Dancho Danchev Cybercriminals are currently spamvertising a Google-themed email campaign that’s enticing home and corporate PC users  into clicking on bogus link leading to pharmaceutical scams. More details:

By ddanchev | Also posted in spam | Leave a Comment

Spamvertised ‘Your accountant license can be revoked’ emails lead to client-side exploits and malware

March 9, 2012 – 12:20 pm

By Dancho Danchev Cybercriminals are currently spamvertising a malicious email campaign that’s designed to trick you into clicking on a bogus complaint.pdf link which ultimately leads to client-side exploits and malware. The campaign is launched by the same gang that launched the “Spamvertised ‘Termination of your CPA license’ ” malicious campaign last month. More details:

By ddanchev | Also posted in Downloaders, Exploits, Keyloggers, malware, social engineering, spam, Threat Research, Trojans | Comments (3)

Research: proper screening could have prevented 67% of abusive domain registrations

March 9, 2012 – 12:14 pm

By Dancho Danchev On a daily basis, spammers register thousands of new domains across multiple domain registrars, and take advantage of WHOIS privacy services to ensure that security researchers and anti-spam fighters will have hard time taking them down. So what can we do about it? According to a newly released research by Knujon.com, proper screening could [...]

By ddanchev | Also posted in spam | Comments (1)

Spamvertised ‘Temporary Limit Access To Your Account’ emails lead to Citi phishing emails

March 8, 2012 – 11:18 am

By Dancho Danchev Cybercriminals are currently spamvertising a fraudulent email campaign impersonating Citi, using ‘Temporary Limit Access To Your Account‘ themed emails as a social engineering attempt to trick end users into clicking on the link found in the phishing emails. More details:

By ddanchev | Also posted in Passwords, social engineering, spam | Comments (5)

BlackHole exploit kits gets updated with new features

February 29, 2012 – 1:57 pm

By Dancho Danchev According to independent sources, the author of the most popular web malware exploitation kit currently dominating the threat landscape, has recently issued yet another update to the latest version of the kit v1.2.2. More details:

By ddanchev | Also posted in Botnet activity, Downloaders, Exploits, Keyloggers, malware, rootkit, Threat Research, Trojans | Comments (1)
Follow

Get every new post delivered to your Inbox.

Join 609 other followers