Category Archives: Trojans

Abbrev. for ‘Trojan Horse’ — any software program that performs nondisclosed activities or functions, often to the detriment of the operator of that software.

Researchers intercept two client-side exploits serving malware campaigns

February 8, 2012 – 4:52 pm

By Dancho Danchev Security researchers from Webroot have intercepted two currently live client-side exploits serving malware campaigns that have already managed to infect over 20,000 PCs across the globe, primarily in the United States. Based upon detailed analysis, it can be concluded that both campaigns are launched by the same cybercriminal. More details:

By ddanchev | Also posted in Downloaders, Firefox, Google Chrome, Internet Explorer, Keyloggers, malware, Passwords, Threat Research | Comments (1)

Researchers spot Citadel, a ZeuS crimeware variant

February 8, 2012 – 1:35 pm

By Dancho Danchev Security researchers from “Tracking Cyber Crime” have spotted a new ZeuS crimeware variant, that’s based on the leaked ZeuS source code from last year. Dubbed Citadel, the crimeware is positioned as a universal spyware system, whose modular nature allows cybercriminals to offer flexibly priced value-added services such as managed malware crypting, and [...]

By ddanchev | Also posted in Downloaders, Keyloggers, malware, Passwords, rootkit, Threat Research | Leave a Comment

A peek inside the Smoke Malware Loader

February 3, 2012 – 5:07 pm

By Dancho Danchev The competitive arms race between security vendors and malicious cybercriminals constantly produces new defensive mechanisms, next to new attack platforms and malicious tools aiming to efficiently exploit and infect as many people as possible. Continuing the “A peek inside…” series, in this post I will profile yet another malware loader. This time it’s [...]

By ddanchev | Also posted in Threat Research, Keyloggers, Passwords, Downloaders, malware | Leave a Comment

Cybercriminals generate malicious Java applets using DIY tools

January 30, 2012 – 3:22 pm

By Dancho Danchev Who said there’s such a thing as a trusted Java applet? In situations where malicious attackers cannot directly exploit client-side vulnerabilities on the targeted host, they will turn to social engineering tricks, like legitimate-looking Java Applets, which will on the other hand silently download the malicious payload of the attacker, once the [...]

By ddanchev | Also posted in Backdoors, Downloaders, Firefox, Google Chrome, Internet Explorer, Keyloggers, malware, social engineering, Stupid malware tricks, Threat Research | Comments (1)

A peek inside the uBot malware bot

January 26, 2012 – 12:18 pm

By Dancho Danchev Participants in the dynamic cybercrime underground ecosystem are constantly working on new cybercrime-friendly releases in the form of malware bots, Remote Access Tools (RATs) and malware loaders. Continuing the “A peek inside…” series, in this post I will profile yet another DIY (do-it-yourself) malware bot, available at the disposal of cybercriminals at [...]

By ddanchev | Also posted in Backdoors, Downloaders, Keyloggers, malware, Passwords, Threat Research | Comments (1)

Researchers intercept a client-side exploits serving malware campaign

January 25, 2012 – 12:14 pm

By Dancho Danchev Security researchers from Webroot have intercepted a currently active, client-side exploits-serving malicious campaign that has already managed to infect 18,544 computers across the globe, through the BlackHole web malware exploitation kit. More details:

By ddanchev | Also posted in Backdoors, Downloaders, Firefox, Google Chrome, Internet Explorer, Keyloggers, malware, Passwords, rootkit, Threat Research | Comments (1)

A peek inside the Umbra malware loader

January 20, 2012 – 11:46 am

By Dancho Danchev The thriving cybercrime underground marketplace has a lot to offer. From DIY botnet builders, DIY DDoS platforms, to platforms for executing clickjacking and likejacking campaigns, next to drive-by malware attacks, the ecosystem is always a step ahead of the industry established to fight back. Continuing the “A peek inside…” series, in this [...]

By ddanchev | Also posted in Backdoors, Keyloggers, malware, Threat Research | Comments (2)

How malware authors evade antivirus detection

January 18, 2012 – 6:37 pm

By Dancho Danchev Aiming to ensure that their malware doesn’t end up in the hands of vendors and researchers, cybercriminals are actively experimenting with different quality assurance processes whose objective is to increase the probability of their campaigns successfully propagating in the wild without detection. Some of these techniques include multiple offline antivirus scanning interfaces [...]

By ddanchev | Also posted in Backdoors, Dialers, Downloaders, Keyloggers, malware, Phishing Trojans, Ransomware, Rogue Security Products, rootkit, Uncategorized | Comments (8)

Everyone has a role in protecting a corporate infrastructure (Part 1)

November 30, 2011 – 11:21 am

By Jacques Erasmus This time of year, those of us in information security become wary of crafty criminals leveraging the winter holidays to prey on our employees’ lack of awareness online in a number of ways. All it takes is for one Trojan to infect a single PC in a company to put an entire [...]

By jerasmus11 | Also posted in Uncategorized, Enterprises, Phishing Trojans, social engineering, spam, phishing | Leave a Comment

Outdated Operating System? This BlackHole Exploit Kit has you in its sights

October 31, 2011 – 11:50 am

By Mike Johnson Several weeks back, I was presented with a group of snapshots from an active BlackHole Exploit Kit 1.2 Control Panel. As with other toolkits I’ve seen in the wild, this one has all the makings of some real bad medicine. The authors have yet again gone to the trouble of making this toolkit incredibly easy [...]

By Lisa Bongiovanni | Also posted in Uncategorized, Firefox, Google Chrome, Search engines, Internet Explorer, rootkit | Comments (4)
Follow

Get every new post delivered to your Inbox.

Join 526 other followers