Channel: Webroot Blog
Browsing all 1150 articles

Cybercrime-friendly service offers access to tens of thousands of compromised...

By Dancho Danchev Among the first things a cybercriminal will (automatically) do, once they gain access to a compromised host, is to retrieve account/credential data. From compromised FTP credentials,...


Madi/Mahdi/Flashback OS X connected malware spreading through Skype

By Dancho Danchev Over the past few days, we intercepted a malware campaign that spreads through Skype messages, exclusively coming from malware-infected friends or colleagues. Once users click on the...


Cybercriminals selling valid ‘business card’ data of company executives...

By Dancho Danchev Over the last couple of years, the industry’s and the media’s attention has been shifting from mass widespread malware campaigns to targeted attacks most commonly targeting human...


A peek inside the ‘Zerokit/0kit/ring0 bundle’ bootkit

By Dancho Danchev In a diversified underground marketplace, where multiple market players interact with one another on a daily basis, there are the “me too” developers, and the true “innovators” whose...


DIY Skype ring flooder offered for sale

By Dancho Danchev Thanks to the ease of generating a botnet, in 2013, stolen accounting data on a mass scale is no longer a hot underground item, it’s a commodity, one that’s being offered by...


Spamvertised ‘Your order for helicopter for the weekend’ themed emails lead...

By Dancho Danchev Cybercriminals are currently mass mailing tens of thousands of emails, in an attempt to trick users into thinking that the order for their “air transportation services has been...


A peek inside a ‘life cycle aware’ underground market ad for a private keylogger

By Dancho Danchev What’s greed to some cybercriminals, is profit maximization to others, especially in times when we’re witnessing the maturing state of the modern cybercrime ‘enterprise’. Many enter...


BitCoin Jackers Ask: “What’s in Your Wallet?”

By Adam McNeil With all the recent media coverage and extreme changes of the BitCoin value, it should come as no surprise that malware authors are trying to capitalize on the trends.  These people...


American Airlines ‘You can download your ticket’ themed emails lead to malware

By Dancho Danchev Cybercriminals are currently spamvertising tens of thousands of emails impersonating American Airlines in an attempt to trick its customers into thinking that they’ve received a...


Cybercriminals offer spam-friendly SMTP servers for rent

By Dancho Danchev In times when modern cybercriminals take advantage of the built-in SMTP engines in their malware platforms, as well as efficient and systematic abuse of Web-based email service...


How mobile spammers verify the validity of harvested phone numbers – part two

By Dancho Danchev Just as we anticipated earlier this year in our “How mobile spammers verify the validity of harvested phone number” post, mobile spammers and cybercriminals in general will continue...


A peek inside a (cracked) commercially available RAT (Remote Access Tool)

By Dancho Danchev In an attempt to add an additional layer of legitimacy to their malicious software, cybercriminals sometimes simply reposition them as Remote Access Tools, also known as R.A.Ts. What...


DIY Russian mobile number harvesting tool spotted in the wild

By Dancho Danchev Earlier this year we profiled a newly released mobile/phone number harvesting application, a common tool in the arsenal of mobile spammers, as well as vendors of mobile spam services....


DIY SIP-based TDoS tool/number validity checker offered for sale

By Dancho Danchev Over the past year, we observed an increase in publicly available managed TDoS (Telephony Denial of Service) services. We attribute this increase to the achieved ‘malicious economies...


CAPTCHA-solving Russian email account registration tool helps facilitate...

By Dancho Danchev Just how challenged are cybercriminals when they’re being exposed to CAPTCHAs in 2013? Not even bothering to “solve the problem” by themselves anymore, thanks to the cost-efficient,...


Historical OSINT – The ‘Boston Marathon explosion’ and ‘Fertilizer plant...

By Dancho Danchev Following the recent events, opportunistic cybercriminals have been spamvertising tens of thousands of malicious emails in an attempt to capitalize on the latest breaking news....


Fake ‘DHL Delivery Report’ themed emails lead to malware

By Dancho Danchev Over the past couple of days, cybercriminals have launched two consecutive malware campaigns impersonating DHL in an attempt to trick users into thinking that they’ve received a...


Cybercriminals impersonate Bank of America (BofA), serve malware

By Dancho Danchev Relying on tens of thousands of fake “Your transaction is completed” emails, cybercriminals have just launched yet another malicious spam campaign attempting to socially engineer Bank...


How fraudulent blackhat SEO monetizers apply Quality Assurance (QA) to their...

By Dancho Danchev How are cybercriminals most commonly abusing legitimate Web traffic? On the majority of occasions, some will either directly embed malicious iFrames on as many legitimate Web sites as...


Managed ‘Russian ransomware’ as a service spotted in the wild

By Dancho Danchev In 2013, you no longer need to possess sophisticated programming skills to manage a ransomware botnet, potentially tricking tens of thousands of gullible users, per day, into...
