By Dancho Danchev
Fraudsters are currently spamvertising tens of thousands of emails enticing users into installing rogue, potentially unwanted (PUAs) casino software. Most commonly known as W32/Casonline, this scam earns revenue through the rogue online gambling software’s affiliate network.
More details:
By Dancho Danchev
Thanks to a mature monetization model introduced by vendors of bogus online gambling software, cybercriminals continue mass mailing millions of emails in an attempt to earn revenue for each and every new installation of the promoted software.
In this post, I’ll profile several prolific spam campaigns attempting to trick users into visiting a bogus web site, and downloading a copy of the potentially unwanted application (PUA) most commonly known as W32/Casonline.
More details:
By Dancho Danchev
Cybercriminals are currently spamvertising hundreds of thousands of emails enticing end and corporate users into clicking on links leading to bogus online casinos requiring the installation of an executable file.
This is the second bogus casino themed campaign I’ve intercepted in recent months, and the third time when I profile the distribution and infection vectors of W32/Casonline.
More details:
By Dancho Danchev
Everyone knows that there’s no such thing as free lunch. The same goes for freely distributed pirated content online.
Recently, Webroot decided to sample malicious activity within some of the most popular Eastern European torrent trackers, based in Bulgaria, Ukraine, and Romania for starters. The results? Countless backdoored key generators and cracks for popular games and software, and most interestingly, monetization of the huge traffic by delivering pop-ups promoting the ubiquitous W32/Casonline adware, which in case you remember was recently spamvertised to millions of end and corporate users.
More details:
By Dancho Danchev
Cybercriminals are currently spamvertising online casino themed emails, which ultimately redirect users to a bogus casino site offering an executable download. Upon deeper examination, it appears that the download is actually adware.
More details:
