Category Archives: Uncategorized

Spamvertised ‘You have 1 lost message on Facebook’ campaign leads to pharmaceutical scams

February 2, 2012 – 3:53 pm

By Dancho Danchev A currently spamvertised spam campaign is redirecting users to pharmaceutical scams, in an attempt to trick them into purchasing counterfeit pharmaceutical items. More details:

By ddanchev | Comments (1)

How malware authors evade antivirus detection

January 18, 2012 – 6:37 pm

By Dancho Danchev Aiming to ensure that their malware doesn’t end up in the hands of vendors and researchers, cybercriminals are actively experimenting with different quality assurance processes whose objective is to increase the probability of their campaigns successfully propagating in the wild without detection. Some of these techniques include multiple offline antivirus scanning interfaces [...]

By ddanchev | Also posted in Backdoors, Dialers, Downloaders, Keyloggers, malware, Phishing Trojans, Ransomware, Rogue Security Products, rootkit, Trojans | Comments (8)

Inside AnonJDB – a Java based malware distribution platforms for drive-by downloads

January 17, 2012 – 2:06 pm

by Dancho Danchev With the even decreasing prices of underground tools and services, thanks to the commoditization of these very same market items, the price for renting a botnet, or purchasing access to already infected hosts, is constantly decreasing. Although the majority of cybercriminals are actively exploiting end and corporate users while using client-side vulnerabilities [...]

By ddanchev | Leave a Comment

Zappos.com hacked, 24 million users affected

January 16, 2012 – 3:47 pm

by Dancho Danchev According to an internal memo issued by Zappos, the shoe-and-apparel-selling division of Amazon has been breached by unknown cyber attackers, leading to the compromised accounts of over 24 million users. The company has indicated that names, email addresses, mailing addresses, and the last four digits of customer’s credit card numbers have been [...]

By ddanchev | Also posted in Enterprises, Targets | Comments (5)

Inside a clickjacking/likejacking scam distribution platform for Facebook

January 13, 2012 – 9:10 am

by Dancho Danchev How would you convert Facebook users into slaves participating in clickjacking and likejackings scams, next to using them to spamvertise your latest event promotion message? Presumably by using one of the clickjacking/likejacking distribution platforms promising 100 slaves per day that I will profile in this post.

By ddanchev | Also posted in malware, social engineering, social networks | Comments (4)

A peek inside the PickPocket Botnet

January 6, 2012 – 9:33 am

by Dancho Danchev Malicious attackers quickly adapt to emerging trends, and therefore constantly produce new malicious releases. One of these recently released underground tools, is the PickPocket Botnet, a web-based command and control interface for controlling a botnet. Let’s review its core features, and find out just how easy it is to purchase it within [...]

By ddanchev | Also posted in Threat Research, Botnet activity | Leave a Comment

Mass SQL injection attack affects over 200,000 URLs

January 5, 2012 – 3:41 pm

by Dancho Danchev Security researchers from the Internet Storm Center, have intercepted a currently ongoing SQL injection attack, that has already affected over 200,000 URLs. The attack was originally detected in early December, 2011. It currently affects ASP sites and Coldfusion, as well as all versions of MSSQL.

By ddanchev | Also posted in Exploits, Threat Research, Website owners | Comments (4)

Welcome to the team, Dancho!

January 5, 2012 – 2:27 pm

Notice someone new on the Webroot Threat Blog? We’re thrilled to introduce Dancho Danchev – independent security consultant, cyber threat analyst and bad-guy chaser extraordinaire – as our new security blogger. Many of you may know Dancho from the security analysis he’s been providing for industry media and on his own blog and since 2007. [...]

By mguthrie09 | Leave a Comment

“Android Malware” – Thre@t Reply(video)

December 12, 2011 – 1:30 pm

By Armando Orozco Are Android phones susceptible to Trojans and other viruses just like computer? How can you make sure your phone doesn’t become infected and if it does, what can you do? Webroot mobile threat research analyst, Armando Orozco answers this question that was asked to our Webroot Threat Research team via Twitter.

By Lisa Bongiovanni | Also posted in Android, Mobile security, Threat Research | Leave a Comment

For your eyes only (please)

December 1, 2011 – 10:15 am

By the Webroot Threat Team Have you ever had the queasy experience of sending a message to someone that you’d rather not have anyone else see, and then hoping that it won’t get passed along? A new system developed by Internet law and security researchers aims to solve the problem, with a light-handed touch. The [...]

By mguthrie09 | Also posted in spam | Comments (1)
Follow

Get every new post delivered to your Inbox.

Join 528 other followers