A peek inside the Ann Malware Loader

By Dancho Danchev

The ever-adapting cybercrime ecosystem is constantly producing new underground releases in the form of malware loaders, remote access trojans (RATs), malware cryptors, and Web, IRC and P2P based command and control interfaces, all with the clear objective of undermining current security solutions.

Continuing the “A peek inside…” series, in this post I will profile a malware loader recently advertised within the cybercrime ecosystem, namely, the Ann Malware Loader.


Researchers intercept malvertising campaign using Yahoo’s ad network

By Dancho Danchev

Security researchers from StopMalvertising.com have intercepted a malvertising campaign using Yahoo’s ad network that ultimately leads to a malicious payload in the form of fake security software known as scareware.

More details:


Why relying on antivirus signatures is simply not enough anymore

By Dancho Danchev

How is it possible that in an industry dominated by advanced performance metrics and benchmarking tests, cybercriminals still manage to release unique malware that remains undetected for weeks by major antivirus vendors?

It’s pretty simple. Cybercrime is innovating much faster than the security industry is.


An Evolution of Android Malware “My How You’ve Grown PJAPPS!” (Part 1)

By Nathan Collier

We’ve all seen software grow. We watch as our favorite software adds new features and becomes better at what it does. Malware writers are no different: they want their software to have more features and to steal even more information. PJApps is a good example of this. PJApps is a Trojan that has been around for a while, causing havoc by being bundled in legitimate applications found in alternative Android markets. It is capable of opening a backdoor, stealing data and blocking SMS behind the scenes. One variant of PJApps requests the following permissions to steal information:

INTERNET
RECEIVE_SMS
SEND_SMS
READ_HISTORY_BOOKMARKS
WRITE_HISTORY_BOOKMARKS
INSTALL_PACKAGES
WRITE_EXTERNAL_STORAGE
READ_PHONE_STATE

Here are some of the things the older variants of PJApps stole:

-SIM Card Number
-Telephone Number
-IMSI Number

Report: 3,325% increase in malware targeting the Android OS

By Dancho Danchev

Which is the most targeted mobile operating system?

According to the recently released 2011 Mobile Threats Report from our partners at Juniper Networks, that’s the Android OS.

Key summary points from the report:


Spamvertised “Hallmark ecard” campaign leads to malware

By Dancho Danchev

Cybercriminals are currently spamvertising a “You just received a e-card form somebody” themed malware campaign, impersonating Hallmark.

More details:


Twitter adds HTTPS support by default

By Dancho Danchev

On Monday, Twitter announced that it’s introducing support for secure HTTPS connections to all users by default.

More details:


Report: Internet Explorer 9 leads in socially-engineered malware protection

By Dancho Danchev

According to a newly released report from NSS Labs, Microsoft’s Internet Explorer 9 outperforms competing browsers in protecting against socially engineered malware.

More details:


The United Nations hacked, Team Poison claims responsibility

By Dancho Danchev

A well-known group of hackers has penetrated the networks of the United Nations, according to a note posted on Pastebin.com.

The group claiming responsibility is Team Poison, a hacking group closely associated with the Anonymous hacktivist movement. Team Poison members include TriCk, iN^SaNe, MLT, Phantom~, C0RPS3, f0rsaken, aXioM and ap0calypse.

More details:


Pharmaceutical scammers launch their own Web contest

By Dancho Danchev

What are pharmaceutical scammers up to? From active participation in black hat search engine optimization campaigns, to spamvertising of bogus links – including QR Codes – and compromising of web sites with high page rank in order to redirect to pharmaceutical scams, scammers are keeping themselves pretty busy in order to monetize as much web traffic as possible.

Recently, one of the most popular affiliate networks for selling counterfeit pharmaceutical items launched its own Web contest.

Let’s take a look.
