Spamvertised LinkedIn notifications serving client-side exploits and malware

March 23, 2012 – 10:14 am

By Dancho Danchev Cybercriminals are currently spamvertising LinkedIn themed messages, in an attempt to trick end and corporate users into clicking on the malicious links embedded in the emails. The campaign is using real names of LinkedIn users in an attempt to increase the authenticity of the spamvertised campaign. More details:

By ddanchev | Posted in Downloaders, Exploits, Keyloggers, malware, Rogue Security Products, social networks, spam, Threat Research, Trojans | Tags: , , , , , | Comments (5)

Malicious USPS-themed emails circulating in the wild

March 23, 2012 – 3:00 am

By Dancho Danchev Cybercriminals are currently spamvertising malicious USPS-themed emails, that entice end and corporate users into clicking on malicious links found in the emails. More details:

By ddanchev | Posted in Downloaders, Exploits, Keyloggers, malware, spam, Threat Research, Trojans | Tags: , , , , , , , , | Comments (3)

Rogue APKs continue to find new homes

March 22, 2012 – 2:32 pm

by Armando Orozco We’ve been tracking rogue premium-sms Android apps for sometime now. Here’s an interesting site we came across offering a download of the Google Music application, but this one comes with a cost. This site serves up a premium-sms Trojan of the ransom variety. Targeting Russian speakers these Rogue’s, we call Android.FakeInst, offer [...]

By Armando Orozco | Posted in Android, Trojans | Tags: , , , , , , , , , , , , | Comments (1)

Spamvertised ‘Your tax return appeal is declined’ emails serving client-side exploits and malware

March 22, 2012 – 9:13 am

By Dancho Danchev Cybercriminals are currently spamvertising with IRS (Internal Revenue Service) themed emails, enticing end and corporate users into downloading and viewing a malicious .htm attachment. More details:

By ddanchev | Posted in Downloaders, Keyloggers, mal-effects, malware, social engineering, Threat Research, Trojans | Tags: , , , , , , , | Comments (2)

Spamvertised ‘Your accountant license can be revoked’ emails lead to client-side exploits and malware

March 9, 2012 – 12:20 pm

By Dancho Danchev Cybercriminals are currently spamvertising a malicious email campaign that’s designed to trick you into clicking on a bogus complaint.pdf link which ultimately leads to client-side exploits and malware. The campaign is launched by the same gang that launched the “Spamvertised ‘Termination of your CPA license’ ” malicious campaign last month. More details:

By ddanchev | Posted in Downloaders, Exploits, Keyloggers, malware, social engineering, spam, Threat Research, Trojans | Tags: , , , | Comments (3)

A peek inside the Darkness (Optima) DDoS Bot

March 8, 2012 – 12:09 pm

By Dancho Danchev With politically motivated DDoS (distributed denial of service attack) attacks proliferating along with the overall increase in the supply of managed “DDoS for hire” services, it’s time to get back the basics, and find out just what makes an average DDoS bot used by cybercriminals successful. Continuing the “A peek inside…” series, in this [...]

By ddanchev | Posted in Downloaders, Keyloggers, malware, Threat Research, Trojans | Tags: , , , , , , | Comments (2)

New service converts malware-infected hosts into anonymization proxies

March 2, 2012 – 4:57 pm

By Dancho Danchev What happens when a host gets infected with malware? On the majority of occasions, cybercriminals will use it as a launch platform for numerous malicious activities, such as spamming, launching DDoS attacks, harvesting for fresh emails, and account logins. But most interestingly, thanks to the support offered in multiple malware loaders, they will [...]

By ddanchev | Posted in malware, Threat Research | Tags: , , , , , , , | Leave a Comment

BlackHole exploit kits gets updated with new features

February 29, 2012 – 1:57 pm

By Dancho Danchev According to independent sources, the author of the most popular web malware exploitation kit currently dominating the threat landscape, has recently issued yet another update to the latest version of the kit v1.2.2. More details:

By ddanchev | Posted in Botnet activity, Downloaders, Exploits, Keyloggers, malware, rootkit, Threat Research, Trojans | Tags: , , , , | Comments (1)

A peek inside the Elite Malware Loader

February 29, 2012 – 1:40 pm

By Dancho Danchev Just like today’s modern economy, in the cybercrime ecosystem supply, too, meets demand on a regular basis. With malware coding for hire propositions increasing thanks to the expanding pool of talented programmers looking for ways to enter the cybercrime ecosystem, it shouldn’t be surprising that  cybercriminals are constantly releasing new malware loaders, [...]

By ddanchev | Posted in Downloaders, Keyloggers, malware, rootkit, Threat Research, Trojans | Tags: , , , , , | Leave a Comment

How cybercriminals monetize malware-infected hosts

February 27, 2012 – 8:30 pm

By Dancho Danchev The vibrant cybercrime underground ecosystem offers countless ways to monetize the malware-infected hosts at the disposal of the malicious attacker. From converting them to anonymization proxies assisting cybercriminals in covering their Web activities, to launching DDoS attacks, and using them to disseminate spam and more malicious threats, cybercriminals have a vast arsenal [...]

By ddanchev | Posted in social networks | Tags: , , , , , , , , | Leave a Comment
Follow

Get every new post delivered to your Inbox.

Join 609 other followers