Category Archives: rootkit

Researchers spot Citadel, a ZeuS crimeware variant

February 8, 2012 – 1:35 pm

By Dancho Danchev Security researchers from “Tracking Cyber Crime” have spotted a new ZeuS crimeware variant, that’s based on the leaked ZeuS source code from last year. Dubbed Citadel, the crimeware is positioned as a universal spyware system, whose modular nature allows cybercriminals to offer flexibly priced value-added services such as managed malware crypting, and [...]

By ddanchev | Also posted in Downloaders, Keyloggers, malware, Passwords, Threat Research, Trojans | Leave a Comment

Researchers intercept a client-side exploits serving malware campaign

January 25, 2012 – 12:14 pm

By Dancho Danchev Security researchers from Webroot have intercepted a currently active, client-side exploits-serving malicious campaign that has already managed to infect 18,544 computers across the globe, through the BlackHole web malware exploitation kit. More details:

By ddanchev | Also posted in Backdoors, Downloaders, Firefox, Google Chrome, Internet Explorer, Keyloggers, malware, Passwords, Threat Research, Trojans | Comments (2)

How malware authors evade antivirus detection

January 18, 2012 – 6:37 pm

By Dancho Danchev Aiming to ensure that their malware doesn’t end up in the hands of vendors and researchers, cybercriminals are actively experimenting with different quality assurance processes whose objective is to increase the probability of their campaigns successfully propagating in the wild without detection. Some of these techniques include multiple offline antivirus scanning interfaces [...]

By ddanchev | Also posted in Uncategorized, Phishing Trojans, Keyloggers, Rogue Security Products, Downloaders, malware, Trojans, Ransomware, Backdoors, Dialers | Comments (8)

Outdated Operating System? This BlackHole Exploit Kit has you in its sights

October 31, 2011 – 11:50 am

By Mike Johnson Several weeks back, I was presented with a group of snapshots from an active BlackHole Exploit Kit 1.2 Control Panel. As with other toolkits I’ve seen in the wild, this one has all the makings of some real bad medicine. The authors have yet again gone to the trouble of making this toolkit incredibly easy [...]

By Lisa Bongiovanni | Also posted in Firefox, Google Chrome, Internet Explorer, Search engines, Trojans, Uncategorized | Comments (4)

TDL3 and ZeroAccess: More of the Same?

August 8, 2011 – 4:54 pm

By Marco Giuliani In our previous technical analysis of the ZeroAccess rootkit, we highlighted how it acts as a framework by infecting the machine — setting up its own private space in the disk, first through a dedicated file system on the disk, and more recently by using a hidden and locked directory. This is [...]

By Marco Giuliani | Also posted in Botnet activity, Deep Knowledge, Destructive behavior, Smart Malware Tricks, Threat Research, Uncategorized | Comments (3)

New Tool Released: Kiss (or Kick) ZeroAccess Goodbye

August 3, 2011 – 2:09 pm

By Andrew Brandt There are fewer types of malware infections more frustrating and annoying than a rootkit with backdoor capabilities. Over the past couple of years, we’ve seen the emergence of this new, tough-to-fight infectious code, and its transformation from nuisance to severe threat. With the hard work and perseverance of Threat Research Analyst and [...]

By mguthrie09 | Also posted in Stupid malware tricks, Threat Research, Advanced Malware Removal, Deep Knowledge | Comments (21)

ZeroAccess Gets Another Update

July 19, 2011 – 10:13 pm

By Marco Giuliani Among the most infamous kernel mode rootkits in the wild, most of them have had a slowdown in their development cycle – TDL rootkit, MBR rootkit, Rustock are just some examples. The same doesn’t apply for the ZeroAccess rootkit. The team behind it is working quite hard, which we know for a [...]

By mguthrie09 | Also posted in Advanced Malware Removal, Backdoors, Deep Knowledge, Destructive behavior, Smart Malware Tricks, Stupid malware tricks, Threat Research | Comments (7)
Follow

Get every new post delivered to your Inbox.

Join 546 other followers