Category Archives: Trojans

Abbrev. for ‘Trojan Horse’ — any software program that performs nondisclosed activities or functions, often to the detriment of the operator of that software.

Rogue APKs continue to find new homes

March 22, 2012 – 2:32 pm

by Armando Orozco We’ve been tracking rogue premium-sms Android apps for sometime now. Here’s an interesting site we came across offering a download of the Google Music application, but this one comes with a cost. This site serves up a premium-sms Trojan of the ransom variety. Targeting Russian speakers these Rogue’s, we call Android.FakeInst, offer [...]

By Armando Orozco | Also posted in Android | Comments (1)

Spamvertised ‘Your tax return appeal is declined’ emails serving client-side exploits and malware

March 22, 2012 – 9:13 am

By Dancho Danchev Cybercriminals are currently spamvertising with IRS (Internal Revenue Service) themed emails, enticing end and corporate users into downloading and viewing a malicious .htm attachment. More details:

By ddanchev | Also posted in Downloaders, Keyloggers, mal-effects, malware, social engineering, Threat Research | Comments (2)

Trojan Downloaders actively utilizing Dropbox for malware distribution

March 21, 2012 – 9:14 am

By Curtis Fechner It’s never surprising to see the multitude of tactics a cybercriminal will use to deliver malware. In this case, I came across a collection of files masquerading as RealNetworks updater executables. These files were all located in a user’s %AppData%\real\update_ob\ directory, and the sizes were all quite consistent. At first glance there [...]

By Curtis | Also posted in Deep Knowledge, Downloaders, malware, Smart Malware Tricks, Threat Research | Comments (3)

Spamvertised ‘Your accountant license can be revoked’ emails lead to client-side exploits and malware

March 9, 2012 – 12:20 pm

By Dancho Danchev Cybercriminals are currently spamvertising a malicious email campaign that’s designed to trick you into clicking on a bogus complaint.pdf link which ultimately leads to client-side exploits and malware. The campaign is launched by the same gang that launched the “Spamvertised ‘Termination of your CPA license’ ” malicious campaign last month. More details:

By ddanchev | Also posted in Downloaders, Exploits, Keyloggers, malware, social engineering, spam, Threat Research | Comments (3)

A peek inside the Darkness (Optima) DDoS Bot

March 8, 2012 – 12:09 pm

By Dancho Danchev With politically motivated DDoS (distributed denial of service attack) attacks proliferating along with the overall increase in the supply of managed “DDoS for hire” services, it’s time to get back the basics, and find out just what makes an average DDoS bot used by cybercriminals successful. Continuing the “A peek inside…” series, in this [...]

By ddanchev | Also posted in Downloaders, Keyloggers, malware, Threat Research | Comments (2)

BlackHole exploit kits gets updated with new features

February 29, 2012 – 1:57 pm

By Dancho Danchev According to independent sources, the author of the most popular web malware exploitation kit currently dominating the threat landscape, has recently issued yet another update to the latest version of the kit v1.2.2. More details:

By ddanchev | Also posted in Botnet activity, Downloaders, Exploits, Keyloggers, malware, rootkit, Threat Research | Comments (1)

A peek inside the Elite Malware Loader

February 29, 2012 – 1:40 pm

By Dancho Danchev Just like today’s modern economy, in the cybercrime ecosystem supply, too, meets demand on a regular basis. With malware coding for hire propositions increasing thanks to the expanding pool of talented programmers looking for ways to enter the cybercrime ecosystem, it shouldn’t be surprising that  cybercriminals are constantly releasing new malware loaders, [...]

By ddanchev | Also posted in Downloaders, Keyloggers, malware, rootkit, Threat Research | Leave a Comment

An Evolution of Android Malware “My How You’ve Grown PJAPPS!” (Part 1)

February 17, 2012 – 3:44 pm

By Nathan Collier We’ve all seen software grow.  We watch as our favorite software adds on new features and becomes better at what it does.  Malware writers are no different, they want their software to have more features as well as steal even more information. PJApps is a good example of this. PJApps is a [...]

By Armando Orozco | Also posted in Android, Backdoors, Deep Knowledge, malware, Mobile security | Comments (5)

Researchers intercept two client-side exploits serving malware campaigns

February 8, 2012 – 4:52 pm

By Dancho Danchev Security researchers from Webroot have intercepted two currently live client-side exploits serving malware campaigns that have already managed to infect over 20,000 PCs across the globe, primarily in the United States. Based upon detailed analysis, it can be concluded that both campaigns are launched by the same cybercriminal. More details:

By ddanchev | Also posted in Downloaders, Firefox, Google Chrome, Internet Explorer, Keyloggers, malware, Passwords, Threat Research | Comments (8)

Researchers spot Citadel, a ZeuS crimeware variant

February 8, 2012 – 1:35 pm

By Dancho Danchev Security researchers from “Tracking Cyber Crime” have spotted a new ZeuS crimeware variant, that’s based on the leaked ZeuS source code from last year. Dubbed Citadel, the crimeware is positioned as a universal spyware system, whose modular nature allows cybercriminals to offer flexibly priced value-added services such as managed malware crypting, and [...]

By ddanchev | Also posted in Downloaders, Keyloggers, malware, Passwords, rootkit, Threat Research | Leave a Comment
Follow

Get every new post delivered to your Inbox.

Join 609 other followers