Quantcast
Channel: Webroot Blog
Viewing all 1110 articles
Browse latest View live

New Russian service sells access to compromised social networking accounts

0
0
By Dancho Danchev On daily basis, hundreds of thousands of legitimate accounts across multiple social networks get compromised, to be later on abused as a platform for launching related cyber attacks and social engineering attempts. Recently, I came across a new Russian service offering access to compromised accounts across multiple social networks such as Vkontakte, [...]

Cybercriminals impersonate UPS in client-side exploits and malware serving spam campaign

0
0
By Dancho Danchev In an attempt to aggregate as much traffic as possible, cybercriminals systematically abuse popular brands and online services. Next to periodically rotating the brands, they also produce professional looking email templates, in an attempt to successfully brand-jack these companies, and trick their customers into interacting with the malicious emails. Today’s highlight is [...]

Webroot Bulletin Regarding AV-Comparatives Results

0
0
By Grayson Milbourne and Joe Jaroch If there is one thing that can be observed about the AV industry, it is that no solution is ever 100% effective at blocking malware. With this in mind, Webroot SecureAnywhere (WSA) was designed to protect users even in cases where undetected malicious software has made it onto the [...]

Russian Ask.fm spamming tool spotted in the wild

0
0
By Dancho Danchev On their way to occupy an even bigger market share, spammers constantly look for new ways to increase visitor conversion, and target as many users as possible with the least amount of time and money invested. For years, their tactics included the development of cybercrime friendly online communities, sophisticated harvesting and validation [...]

Spamvertised Intuit themed emails lead to Black Hole exploit kit

0
0
By Dancho Danchev Cybercriminals are currently spamvertising millions of emails impersonating Intuit, in an attempt to trick end and corporate users into clicking on the malicious links found in the emails. The emails pretend to be coming from Intuit’s PaymentNetwork and acknowledge the arrival of an incoming payment. In reality though, they redirect users to [...]

Cybercriminals impersonate Booking.com, serve malware using bogus ‘Hotel Reservation Confirmation’ themed emails

0
0
By Dancho Danchev Globetrotters, beware of these malicious emails! Cybercriminals are currently spamvertising millions of emails impersonating Booking.com, in an attempt to trick end and corporate users into downloading and executing the malicious archive attached to the emails. More details: Screenshot of a sample spamvertised email: The malicious Hotel-Reservation-Confirmation_from_Booking.exe (MD5: 7b60d5b4af4b1612cd2be56cfc4c1b92 ) executable is detected by 30 out [...]

Spamvertised Craigslist themed emails lead to Black Hole exploit kit

0
0
By Dancho Danchev Cybercriminals are currently spamvertising millions of emails impersonating the popular Craigslist site, in an attempt to trick users into clicking on client-side exploits and malware serving URLs courtesy of the Black Hole exploit kit. More details: Screenshot of the spamvertised email: Spamvertised URls: hxxp://institut66.fr/genidpo.html; hxxp://tomix.cal24.pl/lidcr.html; hxxp://well-ship.com/genidpo.html; hxxp://www.windscreen-wiper.com/lidcr.html; hxxp://wzm1982.com.cn/lidcr.html; hxxp://iconnectzone.com/wp-includes/waral.html Client-side exploits serving URL: hxxp://historyalmostany.org/main.php?page=ed0a25d616022c57 – 221.131.129.200 Upon clicking on [...]

Cybercriminals impersonate law enforcement, spamvertise malware-serving ‘Speeding Ticket’ themed emails

0
0
By Dancho Danchev Not fearing prosecution, cybercriminals regularly impersonate law enforcement online in an attempt to socially engineer  end users and corporate users into interacting with their malicious campaigns. From 419 scams, police ransomware, to law enforcement themed malware-serving email campaigns, cybercriminals continue abusing the international branches of various law enforcement agencies. In this post, [...]

Spamvertised ‘Download your USPS Label’ themed emails serve malware

0
0
By Dancho Danchev Cybercriminals are currently spamvertising millions of emails impersonating the United States Postal Service (USPS), in an attempt to trick end and corporate users into downloading and unpacking the malicious .zip attachment distributed by them. What’s so special about this campaign? Where is the malicious sample phoning back to? Are there more malware samples [...]

Cybercriminals target Twitter, spread thousands of exploits and malware serving tweets

0
0
By Dancho Danchev Twitter users, beware! Over the past several days, cybercriminals have been persistently spamvertising thousands of exploits and malware serving links across the most popular micro blogging service. Upon clicking on the clicks, users are exposed to the exploits served by the Black Hole web malware exploitation kit. What’s so special about this [...]

Russian spammers release Skype spamming tool

0
0
By Dancho Danchev Taking advantage of DIY spamming tools and harvested databases of user names, cybercriminals have been systematically abusing multiple instant messaging services in an attempt to trick as many users as possible into interacting with their malicious campaign. In this post, I’ll profile a newly released DIY Skype spamming tool, discuss its main features, [...]

Spamvertised ‘Your Ebay funds are cleared’ themed emails lead to Black Hole exploit kit

0
0
By Dancho Danchev Cybercriminals are currently mass mailing millions of emails impersonating eBay and PayPal in an attempt to trick end and corporate users into clicking on the malicious links found in the emails. Upon clicking on any of them, user are exposed to the client-side exploits served by the Black Hole exploit kit. More [...]

Spamvertised AICPA themed emails lead to Black Hole exploit kit

0
0
By Dancho Danchev Certified public accountants, beware what you click on! Cybercriminals are currently spamvertising millions of emails impersonating AICPA (American Institute of Certified Public Accountants) in an attempt to trick users into clicking on the client-side exploits and malware serving links found in the emails. More details: Screenshot of the spamvertised email: Upon clicking [...]

Spamvertised ‘PayPal has sent you a bank transfer’ themed emails lead to Black Hole exploit kit

0
0
By Dancho Danchev Sticking to their well proven social engineering tactics consisting of systematic rotation of the abused brands, cybercriminals are currently spamvertising millions of emails impersonating PayPal, in an attempt to trick end and corporate users into interacting with the malicious campaign. Once the interaction takes place, users are exposed to the client-side exploits [...]

Beware of Malicious Olympic 2012 Android Apps

0
0
By Joe McManus There are too many events happening at one time during the Olympics, which might tempt you to install an app for that. But be careful of what you install. Not all apps are what they appear to be. As an example let’s look at the app called “London Olympics Widget”. More details: [...]

Ongoing spam campaign impersonates LinkedIn, serves exploits and malware

0
0
By Dancho Danchev Remember the LinkedIn exploits and malware serving campaigns which I profiled in March, and May? Over the past 24 hours, cybercriminals launched the most recent spam campaign impersonating LinkedIn, in an attempt to trick LinkedIn’s users into clicking on the client-side exploits and malware serving links found in the emails. More details: [...]

Some Clarification…

0
0
By Nathan Collier Recently Webroot posted a blog about an app called “London Olympics Widget” which was found in a third party market that may need further clarification.  This app is what we consider a Potentially Unwanted Application (PUA).  PUAs are apps are not considered to be good, nor are they considered malware either.  They [...]

Millions of spamvertised emails lead to W32/Casonline

0
0
By Dancho Danchev Thanks to a mature monetization model introduced by vendors of bogus online gambling software, cybercriminals continue mass mailing millions of emails in an attempt to earn revenue for each and every new installation of the promoted software. In this post, I’ll profile several prolific spam campaigns attempting to trick users into visiting [...]

Cybercriminals impersonate AT&T’s Billing Service, serve exploits and malware

0
0
By Dancho Danchev Cybercriminals have launched yet another massive spam campaign, this time impersonating AT&T’s Billing Center, in an attempt to trick end and corporate users into downloading a bogus Online Bill. Once gullible and socially engineered users click on any of the links found in the malicious emails, they’re automatically redirected to a Black [...]

IRS themed spam campaign leads to Black Hole exploit kit

0
0
By Dancho Danchev Recently, cybercriminals launched yet another massive spam campaign, this time impersonating the Internal Revenue Service (IRS) in an attempt to trick tax payers into clicking on a link pointing to a bogus Microsoft Word Document. Once the user clicks on it, they are redirected to a Black Hole exploit kit landing URL, [...]
Viewing all 1110 articles
Browse latest View live




Latest Images