Quantcast
Channel: Webroot Blog
Viewing all 1110 articles
Browse latest View live

Russian cybercriminals release new DIY DDoS malware loader

0
0
By Dancho Danchev On a daily basis, new market entrants into the cybercrime ecosystem attempt to monetize their coding skills by releasing and branding new DIY DDoS malware loaders. Largely dominated by “me too” features, these DIY malware loaders are purposely released with prices lower than the prices of competing bots, in an attempt by [...]

PayPal ‘Notification of payment received’ themed emails serve malware

0
0
By Dancho Danchev Sticking to their proven tactic of systematically rotating the impersonated brands, cybercriminals are currently spamvertising millions of emails impersonating PayPal, in an attempt to trick its users into downloading and executing the malicious attachment found in the legitimate looking email. More details: Screenshot of the spamvertised  email: Detection rate for the malicious [...]

Cybercriminals impersonate Delta Airlines, serve malware

0
0
By Dancho Danchev Following the recently launched malicious campaigns impersonating KLM and American Airlines, cybercriminals are once again busy impersonating yet another company, this time it’s Delta Airlines. More details: Screenshot of the spamvertised email: Detection rate for the malicious attachment: MD5: fe02ffade8660c89633862888ec3b1a8 detected by 3 out of 43 antivirus vendors as ZIP/Bredolab.A!Camelot; Mal/BredoZp-B. What’s [...]

‘Your UPS Invoice is Ready’ themed emails serve malware

0
0
By Dancho Danchev Over the past 24 hours, cybercriminals launched yet another massive spam campaign, impersonating the United Parcel Service (UPS), in an attempt to trick its current and prospective customers into downloading and executing the malicious attachment found in the email. Upon execution, the malware opens a backdoor on the infected host, allowing the [...]

Bogus Skype ‘Password successfully changed’ notifications lead to malware

0
0
By Dancho Danchev Skype users, beware! Cybercriminals are currently spamvertising millions of emails impersonating Skype, in an attempt to trick Skype users that their password has been successfully changed, and that in order to view their call history and change their account settings, they would need to execute the malicious attachment found in the emails. [...]

RSA Conference Europe 2012 – recap

0
0
By Dancho Danchev As many of you know, Webroot recently attended Europe’s most prestigious security conference, RSA Europe 2012, where I held a presentation on the topic of “Cyber Jihad vs Cyberterrorism – Separating Hype from Reality“. Since a picture is worth a thousand words, here are some photos from this year’s RSA Europe conference: [...]

Cybercriminals impersonate Verizon Wireless, serve client-side exploits and malware

0
0
By Dancho Danchev Verizon Wireless customers, beware! For over a week now, cybercriminals have been persistently spamvertising millions of emails impersonating the company, in an attempt to trick current and prospective customers into clicking on the client-side exploits and malware serving links found in the malicious email. Upon clicking on any of the links, users [...]

Spamvertised ‘BT Business Direct Order’ themed emails lead to malware

0
0
By Dancho Danchev Over the past 24 hours, cybercriminals have been spamvertising millions of emails targeting customers of BT’s Business Direct in an attempt to trick its users into executing the malicious attachment found in the emails. Upon executing it, the malware opens a backdoor on the infected host, allowing the cybercriminals behind the campaign [...]

Cybercriminals spamvertise millions of British Airways themed e-ticket receipts, serve malware

0
0
By Dancho Danchev Cybercrimianals are currently mass mailing millions of emails in an attempt to trick British Airways customers into executing the malicious attachment found in the spamvertised emails. Upon execution, the malware opens a backdoor on the infected host, allowing the cybercriminals behind the campaign to gain complete control over the infected host. More [...]

Cybercriminals spamvertise millions of bogus Facebook notifications, serve malware

0
0
By Dancho Danchev Recently, cybercriminals spamvertised yet another massive email campaign, impersonating the world’s most popular social network – Facebook. It was similar to a previously profiled spam campaign imitating Facebook. However, in this case the cybercriminals behind it relied on attached malicious archives, compared to including exploits and malware serving links in the email. More [...]

Nuclear Exploit Pack goes 2.0

0
0
By Dancho Danchev In times when the market leading Black Hole Exploit Kit continues to gain market share, competing products are prone to emerge. What is the competition up to? Has it managed to differentiate itself from the market leading product or is it basically a “me too” exploit kit lacking any significant features worth emphasizing on? [...]

BofA ‘Online Banking Passcode Reset’ themed emails serve client-side exploits and malware

0
0
By Dancho Danchev Cybercriminals are currently mass mailing millions of emails, in an attempt to trick Bank of America customers into clicking on the exploit and malware-serving link found in the spamvertised email. Relying on bogus “Online Banking Passcode Changed” notifications and professionally looking email templates, the campaign is the latest indication of the systematic [...]

‘ADP Immediate Notification’ themed emails lead to Black Hole Exploit Kit

0
0
By Dancho Danchev Newsflash, the cybercriminals behind the recently profiled malicious campaign impersonating Bank of America, launched yet another massive spam campaign, this time targeting ADP customers. Upon clicking on the link found in the malicious email, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. [...]

USPS ‘Postal Notification’ themed emails lead to malware

0
0
By Dancho Danchev Cybercriminals are currently mass mailing millions of emails impersonating The United States Postal Service (USPS), in an attempt to trick its customers into downloading and executing the malicious .zip archive linked in the bogus emails. Upon execution, the malware opens a backdoor on the affected host, allowing the cybercriminals behind the campaign [...]

‘Fwd: Scan from a Xerox W. Pro’ themed emails lead to Black Hole Exploit Kit

0
0
By Dancho Danchev On a periodic basis, malicious cybercriminals spamvertise millions of emails attempting to trick end users into thinking that they’ve received a scanned document. Upon clicking on the links found in these emails, or viewing the malicious .html attachment, users are automatically exposed to the client-side exploits served by the latest version of [...]

‘Your Discover Card Services Blockaded’ themed emails serve client-side exploits and malware

0
0
By Dancho Danchev Cybercriminals are currently spamvertising millions of emails impersonating Discover, in an attempt to trick cardholders into clicking on the client-side exploits serving URLs found in the malicious emails. Upon clicking on the links, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit. More [...]

‘Payroll Account Holded by Intuit’ themed emails lead to Black Hole Exploit Kit

0
0
By Dancho Danchev Intuit users, beware! Cybercriminals are currently mass mailing millions of emails impersonating Intuit’s Direct Deposit Service, in an attempt to trick its users into clicking on the malicious links found in the legitimate-looking emails. Upon clicking on any of them, users are exposed to the client-side exploits served by the latest version [...]

‘American Express Alert: Your Transaction is Aborted’ themed emails serve client-side exploits and malware

0
0
By Dancho Danchev American Express cardholders, beware! Over the past week, cybercriminals mass mailed millions of emails impersonating American Express, in an attempt to trick its customers into clicking on the malicious links found in the emails. Upon clicking on any of the links, users are redirected to a malicious URL serving cllient-side exploits courtesy of [...]

Cybercriminals abuse major U.S SMS gateways, release DIY Mail-to-SMS flooders

0
0
By Dancho Danchev Largely driven by a widespread adoption of growth and efficiency oriented strategies applied by cybercriminals within the entire spectrum of the cybercrime ecosystem, we’ve witnessed the emergence and development of the mobile device market segment over the past few years. Motivated by the fact that more people own a mobile device than [...]

‘PayPal Account Modified’ themed emails lead to Black Hole Exploit Kit

0
0
By Dancho Danchev A cybercriminal/group of cybercriminals that’s been responsible for a series of malware attacks that I’ve been recently profiling, continues to systematically rotate the impersonated brands and the actual malicious payload dropped by the market leading Black Hole Exploit Kit. The prospective target of their latest campaign? PayPal users. More details: Sample screenshot [...]
Viewing all 1110 articles
Browse latest View live




Latest Images