Recently, I stumbled upon another such service, advertised at cybercrime-friendly web forums, offering potential customers the opportunity to hack a particular Mail.ru and Gmail.com email address, using a variety of techniques, such as brute-forcing, phishing, XSS vulnerabilities and social engineering.
Security researchers from Webroot have intercepted a currently spamvertised malicious campaign, impersonating Hewlett Packard, and enticing end and corporate users into downloading and viewing a malicious .htm attachment.
Cybercriminals are currently spamvertising a fraudulent email campaign impersonating Citi, using ‘Temporary Limit Access To Your Account‘ themed emails as a social engineering attempt to trick end users into clicking on the link found in the phishing emails.
Security researchers from Webroot have intercepted two currently live client-side exploits serving malware campaigns that have already managed to infect over 20,000 PCs across the globe, primarily in the United States. Based upon detailed analysis, it can be concluded that both campaigns are launched by the same cybercriminal.
Security researchers from “Tracking Cyber Crime” have spotted a new ZeuS crimeware variant, that’s based on the leaked ZeuS source code from last year.
Dubbed Citadel, the crimeware is positioned as a universal spyware system, whose modular nature allows cybercriminals to offer flexibly priced value-added services such as managed malware crypting, and managed web injects as a service.
The competitive arms race between security vendors and malicious cybercriminals constantly produces new defensive mechanisms, next to new attack platforms and malicious tools aiming to efficiently exploit and infect as many people as possible.
Continuing the “A peek inside…” series, in this post I will profile yet another malware loader. This time it’s the Smoke Malware Loader.