Malware for which the primary or sole function is to retrieve data or files from the Internet.
By Dancho Danchev
It’s that time of the year! The moment when we look back, and reflect on Webroot’s Threat Blog most popular content for 2012.
Which are this year’s most popular posts? What distinguished them from the rest of the analyses published on a daily basis, throughout the entire year?
Let’s find out.
By Dancho Danchev
British Airways customers, watch out!
Cybercriminals have resumed spamvertising fake British Airways themed E-receipts — we intercepted the same campaign back in October — in an attempt to trick its customers into executing the malicious attachment found in the emails.
More details:
By Dancho Danchev
Cybercriminals are currently mass mailing hundreds of thousands of emails impersonating Citi, using two different professionally looking email templates. Upon clicking on any of the links found in the malicious emails, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit.
More details:
By Dancho Danchev
Cybercriminals are currently mass mailing tens of thousands of emails, impersonating Chase in an attempt to trick its customers into executing the malicious attachment found in the fake email. Upon execution, the sample downloads additional malware on the affected hosts, and opens a backdoor allowing the cybercriminals behind the campaign complete access to the host.
More details:
By Dancho Danchev
Cybercriminals are currently attempting to trick hundreds of thousands of users into clicking on the malicious links found in the currently spamvertised bogus ‘Sendspace File Delivery Notifications‘.
Upon clicking on any of the links found in the email, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit.
More details:
By Dancho Danchev
In the midst of the holidays season, cybercriminals are currently spamvertising tens of thousands of malicious “Flight Reservation Confirmations“, in an attempt to trick users into clicking on the link found in the fake emails. Once they click on the link, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit.
More details:
By Dancho Danchev
Cybercriminals have recently launched yet another massive spam campaign attempting to trick e-banking users into thinking that their ability to process ACH transactions has been temporarily disabled. Upon clicking on the link found in the malicious email, users are exposed to the client-side exploits served by the Black Hole Exploit Kit.
More details Continue reading
By Dancho Danchev
Facebook users, watch what you click on!
Cybercriminals are currently mass mailing bogus “Facebook Account Cancellation Requests“, in an attempt to trick Facebook’s users into clicking on the malicious link found in the email. Upon clicking on the link, users are exposed to client-side exploits which ultimately drop malware on the affected host.
More details:
By Dancho Danchev
At the end of October, a cybercriminal or group of cybercriminals launched three massive spam campaigns in an attempt to trick users into clicking on a deceptive link and downloading a malicious attachment. Upon execution, the malware phones back to the command and control servers operated by the party that launched it, allowing complete access to the infected PC.
This time they didn’t try impersonating USPS, UPS or DHL, but FedEx.
More details:
By Dancho Danchev
Sticking to their well proven practice of systematically rotating impersonated brands, the cybercriminals behind a huge majority of the malicious campaigns that we’ve been profiling recently are once again impersonating Intuit in an attempt to trick its customers into clicking on links exposing them to the client-side exploits served by the Black Hole Exploit Kit.
More details:
