Articles on this Page
- 07/30/13--00:00: _Custom USB sticks b...
- 07/31/13--00:00: _DIY commercially-av...
- 08/02/13--00:00: _‘Malware-infected h...
- 08/02/13--12:00: _New ‘Hacked shells ...
- 08/05/13--00:00: _Fake ‘iPhone Pictur...
- 08/05/13--08:30: _Potentially Unwante...
- 08/06/13--00:00: _Malicious Bank of A...
- 08/07/13--10:00: _Cybercriminals spam...
- 08/08/13--11:00: _One-stop-shop for s...
- 08/09/13--00:00: _Fake ‘Apple Store G...
- 08/12/13--00:00: _Newly launched mana...
- 08/13/13--00:00: _Cybercrime-friendly...
- 08/14/13--00:00: _From Vietnam with t...
- 08/15/13--08:00: _DIY Craigslist emai...
- 08/16/13--00:00: _Bulletproof TDS/Doo...
- 08/19/13--00:00: _DIY automatic cyber...
- 08/20/13--13:01: _[Video] ThreatVlog,...
- 08/26/13--09:50: _[Video] ThreatVlog,...
- 08/28/13--00:00: _Cybercriminals offe...
- 08/29/13--00:00: _Cybercrime-friendly...
- 08/05/13--00:00: Fake ‘iPhone Picture Snapshot Message’ themed emails lead to malware
- 08/05/13--08:30: Potentially Unwanted Applications and You
- 08/20/13--13:01: [Video] ThreatVlog, Episode 1: Tor and Apple exploits revealed
- 08/26/13--09:50: [Video] ThreatVlog, Episode 2: Keyloggers and your privacy
By Dancho Danchev When Microsoft disabled AutoRun on XP and Vista back in February, 2011, everyone thought this was game over for the bad guys who were abusing the removable media distribution/infection vector in particular. However, pragmatic and market demand-driven opportunistic cybercrime-friendly vendors quickly realized that this has opened up a new business opportunity, that is, if they ever […]
By Dancho Danchev A newly launched underground market service, aims to automate the unethical penetration testing process, by empowering virtually all of its (paying) customers with what they claim is ‘private exploitation techniques’ capable of compromising any Web site. More details: Sample screenshots of the DIY automatic Web site hacking service+colors of the displayed output: […]
By Dancho Danchev Malware-infected hosts with clean IP reputation have always been a desirable underground market item. On the majority of occasions, they will either be abused as distribution/infection vector, used as cash cows, or as ‘stepping stones’, risk-forwarding the responsibility, and distorting the attribution process, as well as adding an additional OPSEC (Operational Security) layer […]
By Dancho Danchev Whether it’s abusing the ‘Long Tail’ of the Web by systematically and efficiently exploiting tens of thousands of legitimate Web sites, or the quest to compromise few, but high-trafficked, high page rank empowered Web sites, compromised shell accounts are an inseparable part of the cybercrime ecosystem. Aiming to fill in a niche in […]
By Dancho Danchev We’ve just intercepted a currently circulating malicious spam campaign that’s attempting to trick iPhone owners into thinking that they’ve received a ‘picture snapshot message’. Once users execute the malicious attachment, their PCs automatically join the botnet operated by the cybercriminal/gang of cybercriminals, whose activities we’ve been closely monitoring over the last couple […]
By Adam McNeil PUA’s (Potentially Unwanted Applications) are often nuisance applications which serve little purpose other than using your computer as a gateway for online advertisements or as a catalyst to deliver annoying applications that may pester you to the point where you want to throw your computer out a window. Anti-Malware companies usually have […]
threatadam8-2-2013 12-03-12 PM8-2-2013 12-35-03 PM8-2-2013 12-31-33 PM8-2-2013 12-31-43 PM
By Dancho Danchev Bank of America (BofA) customers, watch what you click on! A currently ongoing malicious spam campaigns is attempting to entice BofA customers into clicking on the client-side exploit serving URLs found in legitimate looking ‘Statement of Expenses’ themed emails. Once users with outdated third-party applications and browser plugins click on the link, an […]
By Dancho Danchev British users, watch what you execute on your PCs! An ongoing malicious spam campaign is impersonating U.K’s O2 mobile carrier, in an attempt to trick its customers into executing a fake ‘MMS message” attachment found in the emails. Once socially engineered users do so, their PCs automatically join the botnet operated by […]
By Dancho Danchev In a series of blog posts, we’ve been highlighting the ease, automation, and sophistication of today’s customer-ized managed spam ‘solutions’, setting up the foundations for a successful fraudulent or purely malicious spam campaign, like the ones we intercept and protect against on a daily basis. From bulletproof spam-friendly SMTP servers, to segmented […]
By Dancho Danchev Apple Store users, beware! A currently ongoing malicious spam campaign is attempting to trick users into thinking that they’ve successfully received a legitimate ‘Gift Card’ worth $200. What’s particularly interesting about this campaign is that the cybercriminal(s) behind it are mixing the infection vectors by relying on both a malicious attachment and […]
By Dancho Danchev Among the most common misconceptions about the way a novice cybercriminal would approach his potential victims has to do with the practice of having him looking for a ‘seed’ population to infect, so that he can then use the initially infected users as platform to scale his campaign. In reality though, that used […]
By Dancho Danchev Throughout the last couple of years, the persistent demand for geolocated traffic coming from both legitimate traffic exchanges or purely malicious ones — think traffic acquisition through illegally embedded iFrames — has been contributing to the growing market segment where traffic is bought, sold and re-sold, for the sole purpose of monetizing […]
By Dancho Danchev How would a cybercriminal differentiate his unique value proposition (UVP) in order to attract new customers wanting to purchase commoditized underground market items like, for instance, harvested and segmented email databases? He’d impress them with comprehensiveness and ‘vertically integrated’ products and services. At least that’s what the cybercriminals behind the cybercrime-friendly market proposition […]
By Dancho Danchev In need of a good reason to start using Craigslist ‘real email anonymization’ option? We’re about to give you a pretty good one. For years, the popular classified Web site has been under fire from spammers using DIY email collecting tools, allowing them to easily obtain fresh and valid emails to later be abused in fraudulent/malicious campaigns. […]
By Dancho Danchev Operating in the open since 2009, a bulletproof hosting provider continues offering services for white, grey, and black projects, as they like to describe them, and has been directly contributing to the epidemic growth of cybercrime to the present day through its cybercriminal-friendly services. From Traffic Distribution Systems (TDS), to doorways, pharmaceutical scams, spam domains and warez, […]
By Dancho Danchev Redirectors are a popular tactic used by cybercriminal on their way to trick Web filtering solutions. And just as we’ve seen in virtually ever segment of the underground marketplace, demand always meets supply. A newly launched, DIY ‘redirectors’ generating service, aims to make it easier for cybercriminals to hide the true intentions […]
What is Tor? Is it really secure? What about the Apple App Store approval process? Are all these applications really looked at? In today’s episode, Grayson Milbourne covers the exploitation of the Tor network through Firefox and a proof of concept showing just how insecure Apple app testing can be.
Commercial and black hat keyloggers can infect any device, from your PC at home to the phone in your hand. What exactly are these programs trying to steal? How can this data be used harmfully against you? And what can you do to protect all your data and devices from this malicious data gathering? In […]
By Dancho Danchev We continue to observe an increase in underground market propositions for spam-ready bulletproof SMTP servers, with the cybercriminals behind them trying to differentiate their unique value proposition (UVP) in an attempt to attract more customers. Let’s profile the underground market propositions of what appears to be a novice cybercriminal offering such spam-ready […]
By Dancho Danchev The list of monetization tactics a cybercriminal can take advantage of, once they manage to hijack a huge portion of Web traffic, is virtually limitless and is entirely based on his experience within the cybercrime ecosystem. Through the utilization of blackhat SEO (search engine optimization), RFI (Remote File Inclusion), DNS cache poisoning, or […]