Articles on this Page
- 07/17/12--10:37: _New Russian service...
- 07/18/12--10:30: _Cybercriminals impe...
- 07/19/12--07:32: _Webroot Bulletin Re...
- 07/19/12--10:30: _Russian Ask.fm spam...
- 07/20/12--10:30: _Spamvertised Intuit...
- 07/23/12--10:30: _Cybercriminals impe...
- 07/24/12--10:30: _Spamvertised Craigs...
- 07/25/12--10:30: _Cybercriminals impe...
- 07/26/12--10:30: _Spamvertised ‘Downl...
- 07/27/12--09:41: _Cybercriminals targ...
- 07/30/12--10:30: _Russian spammers re...
- 07/31/12--10:30: _Spamvertised ‘Your ...
- 08/01/12--10:30: _Spamvertised AICPA ...
- 08/02/12--10:30: _Spamvertised ‘PayPa...
- 08/06/12--10:30: _Beware of Malicious...
- 08/08/12--15:41: _Ongoing spam campai...
- 08/09/12--06:41: _Some Clarification…
- 08/09/12--10:30: _Millions of spamver...
- 08/10/12--10:30: _Cybercriminals impe...
- 08/13/12--10:30: _IRS themed spam cam...
- 07/19/12--07:32: Webroot Bulletin Regarding AV-Comparatives Results
- 07/19/12--10:30: Russian Ask.fm spamming tool spotted in the wild
- 07/20/12--10:30: Spamvertised Intuit themed emails lead to Black Hole exploit kit
- 07/24/12--10:30: Spamvertised Craigslist themed emails lead to Black Hole exploit kit
- 07/26/12--10:30: Spamvertised ‘Download your USPS Label’ themed emails serve malware
- 07/30/12--10:30: Russian spammers release Skype spamming tool
- 08/01/12--10:30: Spamvertised AICPA themed emails lead to Black Hole exploit kit
- 08/06/12--10:30: Beware of Malicious Olympic 2012 Android Apps
- 08/09/12--06:41: Some Clarification…
- 08/09/12--10:30: Millions of spamvertised emails lead to W32/Casonline
- 08/13/12--10:30: IRS themed spam campaign leads to Black Hole exploit kit
By Dancho Danchev On a daily basis, hundreds of thousands of legitimate accounts across multiple social networks get compromised, to be later on abused as a platform for launching related cyber attacks and social engineering attempts. Recently, I came across a new Russian service offering access to compromised accounts across multiple social networks such as Vkontakte, [...]
By Dancho Danchev In an attempt to aggregate as much traffic as possible, cybercriminals systematically abuse popular brands and online services. Next to periodically rotating the brands, they also produce professional looking email templates, in an attempt to successfully brand-jack these companies, and trick their customers into interacting with the malicious emails. Today’s highlight is [...]
By Grayson Milbourne and Joe Jaroch If there is one thing that can be observed about the AV industry, it is that no solution is ever 100% effective at blocking malware. With this in mind, Webroot SecureAnywhere (WSA) was designed to protect users even in cases where undetected malicious software has made it onto the [...]
By Dancho Danchev On their way to occupy an even bigger market share, spammers constantly look for new ways to increase visitor conversion, and target as many users as possible with the least amount of time and money invested. For years, their tactics included the development of cybercrime friendly online communities, sophisticated harvesting and validation [...]
By Dancho Danchev Cybercriminals are currently spamvertising millions of emails impersonating Intuit, in an attempt to trick end and corporate users into clicking on the malicious links found in the emails. The emails pretend to be coming from Intuit’s PaymentNetwork and acknowledge the arrival of an incoming payment. In reality though, they redirect users to [...]
By Dancho Danchev Globetrotters, beware of these malicious emails! Cybercriminals are currently spamvertising millions of emails impersonating Booking.com, in an attempt to trick end and corporate users into downloading and executing the malicious archive attached to the emails. More details: Screenshot of a sample spamvertised email: The malicious Hotel-Reservation-Confirmation_from_Booking.exe (MD5: 7b60d5b4af4b1612cd2be56cfc4c1b92) executable is detected by 30 out [...]
By Dancho Danchev Cybercriminals are currently spamvertising millions of emails impersonating the popular Craigslist site, in an attempt to trick users into clicking on client-side exploits and malware serving URLs courtesy of the Black Hole exploit kit. More details: Screenshot of the spamvertised email: Spamvertised URLs: hxxp://institut66.fr/genidpo.html; hxxp://tomix.cal24.pl/lidcr.html; hxxp://well-ship.com/genidpo.html; hxxp://www.windscreen-wiper.com/lidcr.html; hxxp://wzm1982.com.cn/lidcr.html; hxxp://iconnectzone.com/wp-includes/waral.html Client-side exploits serving URL: hxxp://historyalmostany.org/main.php?page=ed0a25d616022c57 – 126.96.36.199 Upon clicking on [...]
By Dancho Danchev Not fearing prosecution, cybercriminals regularly impersonate law enforcement online in an attempt to socially engineer end users and corporate users into interacting with their malicious campaigns. From 419 scams, police ransomware, to law enforcement themed malware-serving email campaigns, cybercriminals continue abusing the international branches of various law enforcement agencies. In this post, [...]
By Dancho Danchev Cybercriminals are currently spamvertising millions of emails impersonating the United States Postal Service (USPS), in an attempt to trick end and corporate users into downloading and unpacking the malicious .zip attachment distributed by them. What’s so special about this campaign? Where is the malicious sample phoning back to? Are there more malware samples [...]
By Dancho Danchev Twitter users, beware! Over the past several days, cybercriminals have been persistently spamvertising thousands of exploits and malware serving links across the most popular micro blogging service. Upon clicking on the links, users are exposed to the exploits served by the Black Hole web malware exploitation kit. What’s so special about this [...]
By Dancho Danchev Taking advantage of DIY spamming tools and harvested databases of user names, cybercriminals have been systematically abusing multiple instant messaging services in an attempt to trick as many users as possible into interacting with their malicious campaign. In this post, I’ll profile a newly released DIY Skype spamming tool, discuss its main features, [...]
By Dancho Danchev Cybercriminals are currently mass mailing millions of emails impersonating eBay and PayPal in an attempt to trick end and corporate users into clicking on the malicious links found in the emails. Upon clicking on any of them, users are exposed to the client-side exploits served by the Black Hole exploit kit. More [...]
By Dancho Danchev Certified public accountants, beware what you click on! Cybercriminals are currently spamvertising millions of emails impersonating AICPA (American Institute of Certified Public Accountants) in an attempt to trick users into clicking on the client-side exploits and malware serving links found in the emails. More details: Screenshot of the spamvertised email: Upon clicking [...]
By Dancho Danchev Sticking to their well proven social engineering tactics consisting of systematic rotation of the abused brands, cybercriminals are currently spamvertising millions of emails impersonating PayPal, in an attempt to trick end and corporate users into interacting with the malicious campaign. Once the interaction takes place, users are exposed to the client-side exploits [...]
By Joe McManus There are too many events happening at one time during the Olympics, which might tempt you to install an app for that. But be careful of what you install. Not all apps are what they appear to be. As an example let’s look at the app called “London Olympics Widget”. More details: [...]
By Dancho Danchev Remember the LinkedIn exploits and malware serving campaigns which I profiled in March, and May? Over the past 24 hours, cybercriminals launched the most recent spam campaign impersonating LinkedIn, in an attempt to trick LinkedIn’s users into clicking on the client-side exploits and malware serving links found in the emails. More details: [...]
By Nathan Collier Recently Webroot posted a blog about an app called “London Olympics Widget” which was found in a third party market that may need further clarification. This app is what we consider a Potentially Unwanted Application (PUA). PUAs are apps that are not considered to be good, nor are they considered malware either. They [...]
By Dancho Danchev Thanks to a mature monetization model introduced by vendors of bogus online gambling software, cybercriminals continue mass mailing millions of emails in an attempt to earn revenue for each and every new installation of the promoted software. In this post, I’ll profile several prolific spam campaigns attempting to trick users into visiting [...]
By Dancho Danchev Cybercriminals have launched yet another massive spam campaign, this time impersonating AT&T’s Billing Center, in an attempt to trick end and corporate users into downloading a bogus Online Bill. Once gullible and socially engineered users click on any of the links found in the malicious emails, they’re automatically redirected to a Black [...]
By Dancho Danchev Recently, cybercriminals launched yet another massive spam campaign, this time impersonating the Internal Revenue Service (IRS) in an attempt to trick taxpayers into clicking on a link pointing to a bogus Microsoft Word Document. Once the user clicks on it, they are redirected to a Black Hole exploit kit landing URL, [...]