Articles on this Page
- 01/07/13--23:00: _Black Hole Exploit ...
- 01/08/13--23:00: _Spamvertised AICPA ...
- 01/09/13--23:00: _‘Please confirm you...
- 01/10/13--23:00: _Malicious DIY Java ...
- 01/13/13--23:00: _Fake ‘ADP Speedy No...
- 01/14/13--23:00: _Cybercriminals rele...
- 01/15/13--23:00: _‘Batch Payment File...
- 01/16/13--23:00: _Cybercriminals resu...
- 01/18/13--21:28: _Leaked DIY malware ...
- 01/20/13--23:00: _Email hacking for h...
- 01/21/13--23:00: _Android malware spr...
- 01/22/13--23:00: _Fake Intuit ‘Direct...
- 01/23/13--23:00: _Fake LinkedIn ‘Invi...
- 01/24/13--23:00: _Novice cybercrimina...
- 01/27/13--23:00: _Bogus ‘Your Paypal ...
- 01/28/13--23:00: _Fake ‘FedEx Online ...
- 01/29/13--23:00: _A peek inside a DIY...
- 01/30/13--23:00: _Malicious ‘Facebook...
- 01/31/13--23:00: _Fake Booking.com ‘C...
- 02/03/13--23:00: _Fake FedEx ‘Trackin...
- 01/10/13--23:00: Malicious DIY Java applet distribution platforms going mainstream
- 01/18/13--21:28: Leaked DIY malware generating tool spotted in the wild
- 01/20/13--23:00: Email hacking for hire going mainstream – part three
- 01/21/13--23:00: Android malware spreads through compromised legitimate Web sites
- 01/24/13--23:00: Novice cybercriminals experiment with DIY ransomware tools
- 01/29/13--23:00: A peek inside a DIY password stealing malware
By Dancho Danchev. Historical cybercrime performance activity of multiple gangs and individuals has shown us that, in order for them to secure multiple revenue streams, they have the tendency to multi-task on multiple fronts while operating and serving the needs of customers within different cybercrime-friendly market segments. A logical question emerges in the context of [...]
By Dancho Danchev. Certified Public Accountants (CPAs) are a common target for cybercriminals. Throughout 2012, we intercepted several campaigns directly targeting CPAs in an attempt to trick them into clicking on the malicious links found in the emails. Once they click on any of the links, they’re automatically exposed to the client-side exploits served by the [...]
By Dancho Danchev. In 2012, fake flight reservation confirmations and bogus E-ticket verifications were a popular social engineering theme for cybercriminals. On numerous occasions, we intercepted related campaigns attempting to trick customers into clicking on malicious links, which ultimately exposed them to the client-side exploits served by the latest version of the Black Hole Exploit Kit. Apparently, [...]
By Dancho Danchev. Despite the fact that on the majority of occasions cybercriminals tend to rely on efficient and automated exploitation techniques like the ones utilized by the market-leading Black Hole Exploit Kit, they are no strangers to good old-fashioned ‘visual social engineering’ tricks. Throughout 2012, we emphasized the emerging trend of [...]
By Dancho Danchev. Over the past week, cybercriminals have resumed spamvertising fake “ADP Immediate Notifications” in an attempt to trick users into clicking on the malicious links found in the emails. The links point to the latest version of the Black Hole Exploit Kit, and consequently, exploit CVE-2013-0422, affecting the latest version of Java. With no [...]
By Dancho Danchev. For years, thanks to the currently mature human-driven ecosystem offering CAPTCHA-solving as a service, cybercriminals have been persistently and automatically abusing major Web properties by undermining the “chain of trust” that these properties rely on so extensively. Still living in a world supposedly dominated by malware-infected bots, this myopia has resulted in the [...]
By Dancho Danchev. Cybercriminals are currently mass mailing tens of thousands of emails, impersonating the EFTPS (Electronic Federal Tax Payment System), in an attempt to trick its users into clicking on exploits and malware serving malicious links found in the emails. More details: Sample screenshot of the spamvertised email: Sample compromised URLs used in the [...]
By Dancho Danchev. Over the past 24 hours, cybercriminals resumed spamvertising fake Vodafone MMS themed emails, in an attempt to trick the company’s customers into executing the malicious attachment found in these emails. More details: Sample screenshot of the spamvertised email: Detection rate for the malicious executable: MD5: bafebf4cdf640520e6266eb05b55d7c5 – detected by 21 out of [...]
By Dancho Danchev. How easy is it to create an undetected piece of malware these days? Too easy to be true! With more DIY malware botnets and DIY malware generating tools continuing to leak at public cybercrime-friendly forums, today’s novice cybercriminals have access to sophisticated point’n’click malware generating tools that were once only available in [...]
By Dancho Danchev. Just as we anticipated on two occasions in 2012, managed email hacking for hire services continue popping up at publicly accessible cybercrime-friendly communities, a trend that’s largely driven by the demand for such services by unethical competition, “friends”, or current/ex-spouses. Often pitched as “forgotten password recovery” services, they rely on social engineering, brute-forcing, and [...]
By Dancho Danchev. Over the past 24 hours, our sensor networks picked up an interesting website infection affecting a popular Bulgarian website for branded watches, which ultimately redirects and downloads premium rate SMS Android malware on the visiting user devices. The affected Bulgarian website is only the tip of the iceberg, based on the diversified portfolio of malicious domains known [...]
By Dancho Danchev. Cybercriminals are currently spamvertising tens of thousands of fake emails, impersonating Intuit, in an attempt to trick its customers and users into clicking on the malicious links found in the emails. Once users click on any of the links, they’re exposed to the client-side exploits served by the latest version of the [...]
By Dancho Danchev. LinkedIn users, watch what you click on! Over the past 24 hours, cybercriminals have launched yet another massive spam campaign, impersonating LinkedIn, in an attempt to trick its users into clicking on the malicious links found in the bogus “Invitation Notification” themed emails. Once they click on the links, users are automatically [...]
By Dancho Danchev. For years, the DIY (do-it-yourself) trend has been evident across the entire cybercrime ecosystem. From the early exploits generating DIY tools that set the foundations for the upcoming “malicious economies of scale” trend to emerge, to the ongoing leaks of DIY botnet and malware generating tools that were once only available to advanced [...]
By Dancho Danchev. Financial institutions and online payment processors are a common target for cybercriminals, who systematically brand-jack and abuse the reputation of their trusted brands, in an attempt to scam or serve malware to their customers. Over the past 24 hours, cybercriminals have launched yet another spam campaign, impersonating PayPal, in an attempt to [...]
By Dancho Danchev. Users of FedEx’s Online Billing service, watch out! Cybercriminals are currently mass mailing tens of thousands of emails impersonating the company, in an attempt to trick its customers into clicking on exploits and malware dropping links found in the legitimate-looking emails. More details: Sample screenshot of the spamvertised email: Sample client-side exploits serving [...]
By Dancho Danchev. On a daily basis, we continue to observe the emergence of the DIY (do-it-yourself) trend within the entire cybercrime ecosystem. And although the DIY activity cannot be compared to the malicious impact caused by “cybercrime-as-a-service” managed underground market propositions, it allows virtually anyone to enter the profitable world of cybercrime, thanks to [...]
By Dancho Danchev. In December, 2012, we intercepted a professional-looking email that was impersonating Facebook Inc. in an attempt to trick its users into thinking that they’ve received an “Account Cancellation Request”. In reality, once users clicked on the links, their hosts were automatically exploited through outdated and already patched client-side vulnerabilities, which dropped malware on the affected [...]
By Dancho Danchev. Cybercriminals are mass mailing tens of thousands of emails, impersonating Booking.com, in an attempt to trick its users into thinking that their credit card was not accepted. Users are then urged to click on a fake “Print Booking Details” link, which leads them to the malware used in the campaign. More details: [...]
By Dancho Danchev. On a daily basis, we intercept hundreds of thousands of fraudulent or malicious emails whose purpose is to either infect users with malicious software or turn them into victims of fraudulent schemes. About 99% of these campaigns rely on social engineering tactics, and in the cases where they don’t include direct links to [...]