Cybercriminals target Twitter, spread thousands of exploits and malware serving tweets


By Dancho Danchev

Twitter users, beware!

Over the past several days, cybercriminals have been persistently spamvertising thousands of exploit- and malware-serving links across the most popular micro blogging service. Upon clicking on the links, users are exposed to the exploits served by the Black Hole web malware exploitation kit.

What’s so special about this campaign? What’s the detection rate of the malware it drops? Where does it phone back once it’s executed? Have we seen additional malware phone back to the same command and control servers, indicating a connection between these campaigns? Let’s find out.


New Russian service sells access to compromised social networking accounts


By Dancho Danchev

On a daily basis, hundreds of thousands of legitimate accounts across multiple social networks get compromised, to be later on abused as a platform for launching related cyber attacks and social engineering attempts.

Recently, I came across a new Russian service offering access to compromised accounts across multiple social networks such as Vkontakte, Twitter, Facebook, LiveJournal, and last but not least, compromised email accounts. What’s particularly interesting about this service is the fact that it’s exclusively targeting Russian and Ukrainian users.


Spamvertised ‘YouTube Video Approved’ and ‘Twitter Support’ themed emails lead to pharmaceutical scams


By Dancho Danchev

Just like true marketers interested in improving the click-through rates of their campaign, pharmaceutical scammers are constantly looking for new ways to attract traffic to their fraudulent sites.

From compromised web shells on web sites with high page rank, the impersonation of legitimate brands, to the development of co-branding campaigns, pharmaceutical scammers persistently rotate the traffic acquisition tactics in an attempt to trick more end users into purchasing their counterfeit pharmaceutical items.

In this post, I’ll profile two currently spamvertised campaigns impersonating YouTube and Twitter, ultimately redirecting end users to pharmaceutical scams.


How cybercriminals monetize malware-infected hosts


By Dancho Danchev

The vibrant cybercrime underground ecosystem offers countless ways to monetize the malware-infected hosts at the disposal of the malicious attacker.

From converting them to anonymization proxies assisting cybercriminals in covering their Web activities, to launching DDoS attacks, and using them to disseminate spam and more malicious threats, cybercriminals have a vast arsenal of monetization tactics.

In this post we’ll profile a recently advertised service offering thousands of Facebook “Likes”, Twitter followers, and YouTube views, all for the modest price of a couple of hundred rubles, entirely relying on malware-infected hosts for supporting their infrastructure.


Thre@t Reply: What’s a Firewall?



This week’s Thre@t Reply video features Threat Research Analyst Armando Orozco answering one of the most frequently asked questions we receive: What is a firewall, and how does it work? Well, the actual question wasn’t put quite so politely, but that’s the gist of it. Armando is the primary researcher working on the Mobile Security for Android product, but he also researches Windows and Mac malware.

As always, feel free to submit your security question to @webroot, or by email to blog (at) webroot (dot) com, or in the comments below and we’ll get one of our threat researchers to answer it on an upcoming Thre@t Reply video. To see any of our other video replies to reader questions, visit the Webroot channels on YouTube or Vimeo.

Thre@t Reply: “Online Shopping” | Part 1 of 2



In the latest Thre@t Reply video, Threat Research Analyst Grayson Milbourne answers a reader’s question about how to avoid being phished. The first step is to be able to identify whether you’re on the legitimate Web site you think you are, and if you’re not, what are the telltale signs that indicate you may be looking at a fake site designed solely to steal your user account and password information.

To see the second half of the video, or any of our other video replies to reader questions, check out this post or visit the Webroot channels on YouTube or Vimeo.

Webroot Answers Your Security Questions


By Andrew Brandt


I’m very pleased to present today the first in a series of videos we’ve produced. The videos have the lofty goal of addressing the most pressing questions relating to malware, cybercrime, and online fraud. We’ll take you behind the scenes at Webroot and introduce you to some of our Threat Research team in the process.

In this first video, Webroot’s Director of Threat Research, Jeff Horne, answers a question submitted to us via Twitter direct message about the motives behind most cybercrime, and whether there are any examples of malware or other types of malicious online activity that have been motivated by anything other than financial gain.

We’re planning to release a new video every other Monday from now on. When you’ve thought of that question you always wanted to know the answer to, tweet @webroot or send an email to blog (at) webroot.com, and we’ll answer the ones about cybercrime. We’ll try not to disappoint, but offer no promises. If you think of questions about something else, send them to Dr. Phil or Craig. We look forward to your letters!

Workplace Social Networking: More Like Antisocial Not-working


By Ian Moyse, EMEA Channel Director


Hardly a week goes by when the national press doesn’t carry a story about how social networks represent a threat to privacy or security, or both. These news stories aren’t wrong: Users of social networks face a raft of risks, ranging from malware attacks and identity theft, to cyberbullying, grooming from sexual predators or stalkers, viewing or posting inappropriate content, and the ever-present risk that you (or someone you work with) might end up with your foot (or is it your keyboard?) firmly in mouth.

Using social networks to give out too much information about yourself can also lead to some predictably poor outcomes. One Australian employee, fired from his job, had posted about skiving from work after a night of heavy drinking. A group of call center employees swapped brags about abusing customer information on Facebook and were fired. Is it hard to believe that the employer used the employees’ own Facebook posts as a virtual admission of guilt?

With Facebook adding over 400,000 users a day and LinkedIn 400,000 a week, social networks can no longer be ignored by employers, as employee misuse of social networks accelerates.


Social Nets Put Your Privacy at Risk


By Mike Kronenberg


Attention Facebook and Twitter users: You’re still at risk. Last year, our survey found that lots of people using social networking sites were taking the risk of financial loss, identity theft, and malware infection. Have things gotten any better? Well, the answer is yes but, unfortunately, not better enough — and potentially a lot worse for some of you.

The results of our 2010 survey reveal that more of you are adhering to some safe behaviors — like blocking profiles from being visible through public search engines. That’s a good thing, but the downside is over 25 percent of you haven’t changed your default privacy settings. And more than three quarters of survey respondents haven’t placed any restrictions on who can see their recent activity.

I worry about this because you can’t escape the fact that rogue operators are always trying to extract details about you. They want access to anything that can help them dig into your private life. They can break into Web mail accounts, get your credit card number, steal your identity, or even attack you through cyber-stalking.

And they’ll do anything to get the info, from attacking you with malware to tricking you into revealing passwords.

With that, and our survey in mind, on the following page I’ve posted a few suggestions you can follow to protect yourself.
