Pharmaceutical scammers launch their own Web contest

February 10, 2012 – 6:13 pm

By Dancho Danchev What are pharmaceutical scammers up to? From active participation in black hat search engine optimization campaigns, to spamvertising of bogus links – including QR Codes – and compromising of web sites with high page rank in order to redirect to pharmaceutical scams, scammers are keeping themselves pretty busy in order to monetize as much [...]

By ddanchev | Posted in Blackhat SEO, social engineering, spam | Tags: , , , , , | Leave a Comment

Researchers intercept two client-side exploits serving malware campaigns

February 8, 2012 – 4:52 pm

By Dancho Danchev Security researchers from Webroot have intercepted two currently live client-side exploits serving malware campaigns that have already managed to infect over 20,000 PCs across the globe, primarily in the United States. Based upon detailed analysis, it can be concluded that both campaigns are launched by the same cybercriminal. More details:

By ddanchev | Posted in Downloaders, Firefox, Google Chrome, Internet Explorer, Keyloggers, malware, Passwords, Threat Research, Trojans | Tags: , , , , , , | Comments (3)

Researchers spot Citadel, a ZeuS crimeware variant

February 8, 2012 – 1:35 pm

By Dancho Danchev Security researchers from “Tracking Cyber Crime” have spotted a new ZeuS crimeware variant, that’s based on the leaked ZeuS source code from last year. Dubbed Citadel, the crimeware is positioned as a universal spyware system, whose modular nature allows cybercriminals to offer flexibly priced value-added services such as managed malware crypting, and [...]

By ddanchev | Posted in Downloaders, Keyloggers, malware, Passwords, rootkit, Threat Research, Trojans | Tags: , , , , , | Leave a Comment

A peek inside the Smoke Malware Loader

February 3, 2012 – 5:07 pm

By Dancho Danchev The competitive arms race between security vendors and malicious cybercriminals constantly produces new defensive mechanisms, next to new attack platforms and malicious tools aiming to efficiently exploit and infect as many people as possible. Continuing the “A peek inside…” series, in this post I will profile yet another malware loader. This time it’s [...]

By ddanchev | Posted in Downloaders, Keyloggers, malware, Passwords, Threat Research, Trojans | Tags: , , , , | Leave a Comment

Cybercriminals generate malicious Java applets using DIY tools

January 30, 2012 – 3:22 pm

By Dancho Danchev Who said there’s such a thing as a trusted Java applet? In situations where malicious attackers cannot directly exploit client-side vulnerabilities on the targeted host, they will turn to social engineering tricks, like legitimate-looking Java Applets, which will on the other hand silently download the malicious payload of the attacker, once the [...]

By ddanchev | Posted in Backdoors, Downloaders, Firefox, Google Chrome, Internet Explorer, Keyloggers, malware, social engineering, Stupid malware tricks, Threat Research, Trojans | Tags: , , , , , | Comments (1)

Cisco releases ‘Cisco Global Threat Report’ for 4Q11

January 29, 2012 – 7:12 pm

By Dancho Danchev Cisco Systems, recently announced the release of ’Cisco Global Threat Report’ for 4Q11, containing threat intelligence based on Cisco’s observation of the malicious threat landscape. Key summary points:

By ddanchev | Posted in Botnet activity, Enterprises, Internet security industry, malware, phishing, spam, Targets | Tags: , , , , , , | Comments (1)

A peek inside the uBot malware bot

January 26, 2012 – 12:18 pm

By Dancho Danchev Participants in the dynamic cybercrime underground ecosystem are constantly working on new cybercrime-friendly releases in the form of malware bots, Remote Access Tools (RATs) and malware loaders. Continuing the “A peek inside…” series, in this post I will profile yet another DIY (do-it-yourself) malware bot, available at the disposal of cybercriminals at [...]

By ddanchev | Posted in Backdoors, Downloaders, Keyloggers, malware, Passwords, Threat Research, Trojans | Tags: , , , | Comments (1)

Researchers intercept a client-side exploits serving malware campaign

January 25, 2012 – 12:14 pm

By Dancho Danchev Security researchers from Webroot have intercepted a currently active, client-side exploits-serving malicious campaign that has already managed to infect 18,544 computers across the globe, through the BlackHole web malware exploitation kit. More details:

By ddanchev | Posted in Backdoors, Downloaders, Firefox, Google Chrome, Internet Explorer, Keyloggers, malware, Passwords, rootkit, Threat Research, Trojans | Tags: , , , , , , , | Comments (2)

How phishers launch phishing attacks

January 23, 2012 – 7:27 pm

By Dancho Danchev Just like in every other industry, participants in the cybercrime ecosystem are no strangers to the concept of standardization. Standardization results in efficiencies, which on the other hand results in economies of scale. In this case, malicious economies of scale. Just how easy is it to launch a phishing attack nowadays? What tools, [...]

By ddanchev | Posted in Online shopping threats, Passwords, phishing, social engineering, spam, Threat Research | Tags: , , , , , , | Leave a Comment

A peek inside the Umbra malware loader

January 20, 2012 – 11:46 am

By Dancho Danchev The thriving cybercrime underground marketplace has a lot to offer. From DIY botnet builders, DIY DDoS platforms, to platforms for executing clickjacking and likejacking campaigns, next to drive-by malware attacks, the ecosystem is always a step ahead of the industry established to fight back. Continuing the “A peek inside…” series, in this [...]

By ddanchev | Posted in Backdoors, Keyloggers, malware, Threat Research, Trojans | Tags: , , , , | Comments (2)
Follow

Get every new post delivered to your Inbox.

Join 545 other followers