Segmented Russian “spam leads” offered for sale
By Dancho Danchev What is the Russian underground up to when it comes to ‘spear phishing’ attacks? How prevalent is the tactic among Russian cybercriminals? What “data acquisition tactics” do they rely...
New DIY hacked email account content grabbing tool facilitates cyber...
By Dancho Danchev What would an average cybercriminal do if he had access to tens of thousands of compromised email accounts? He’d probably start outsourcing the CAPTCHA solving process, in an attempt...
New DIY unsigned malicious Java applet generating tool spotted in the wild
By Dancho Danchev Just as we anticipated on numerous occasions in our series of blog posts exploring the emerging DIY (do it yourself) trend within the cybercrime ecosystem, novice cybercriminals...
Commercial Steam ‘information harvester/mass group inviter’ could lead to...
By Dancho Danchev Despite the fact that the one-to-many type of malicious campaign continues dominating the threat landscape, cybercriminals are constantly looking for new ways to better tailor their...
Fake BofA CashPro ‘Online Digital Certificate’ themed emails lead to malware
By Dancho Danchev Over the past 24 hours, we intercepted tens of thousands of malicious emails attempting to socially engineer BofA’s CashPro users into downloading and executing a bogus online...
Spamvertised BBB ‘Your Accreditation Terminated’ themed emails lead to Black...
By Dancho Danchev Over the past week, a cybercriminal/gang of cybercriminals whose activities we’ve been actively profiling over a significant period of time, launched two separate massive spam...
New ZeuS source code based rootkit available for purchase on the underground...
By Dancho Danchev We have recently spotted a new underground market ad, featuring a new commercially available malware bot+rootkit based on the ZeuS crimeware’s leaked source code. According to its...
Cybercriminals resume spamvertising ‘Re: Fwd: Wire Transfer’ themed emails,...
By Dancho Danchev Over the last couple of days, a cybercriminal/gang of cybercriminals that we’ve been extensively profiling, resumed spamvertising tens of thousands of emails, in an attempt to...
‘ADP Package Delivery Notification’ themed emails lead to Black Hole Exploit Kit
By Dancho Danchev A currently ongoing malicious email campaign is impersonating ADP in an attempt to trick its customers into thinking that they’ve received a ‘Package Delivery Notification.’ In...
Cybercrime-friendly community branded HTTP/SMTP based keylogger spotted in...
By Dancho Danchev Utilizing basic site ‘stickiness’ and visitor retention practices, over the years, cybercrime-friendly communities have been vigorously competing to attract, satisfy, and retain their...
Hacked PCs as ‘anonymization stepping-stones’ service operates in the open...
By Dancho Danchev On the majority of occasions, cybercriminals will take basic OPSEC (Operational Security) precautions when using the Internet, in an attempt to make it harder for law enforcement to...
Fake ‘CNN Breaking News Alerts’ themed emails lead to Black Hole Exploit Kit
By Dancho Danchev Cybercriminals are currently mass mailing tens of thousands of malicious ‘CNN Breaking News’ themed emails, in an attempt to trick users into clicking on the exploit-serving and...
Spotted: cybercriminals working on new Western Union based ‘money mule...
By Dancho Danchev Risk-forwarding is an inseparable part of the cybercrime ecosystem. Whether it’s the use of malware-infected hosts as stepping-stones, the issuing of License Agreements for your...
Malicious ‘BBC Daily Email’ Cyprus bailout themed emails lead to Black Hole...
By Dancho Danchev Cybercriminals are currently spamvertising tens of thousands of malicious emails impersonating BBC News, in an attempt to trick users into thinking that someone has shared a Cyprus...
‘ADP Payroll Invoice’ themed emails lead to malware
By Dancho Danchev Over the past week, we intercepted a massive ‘ADP Payroll Invoice’ themed malicious spam campaign, enticing users into executing a malicious file attachment. Once users execute the...
‘Terminated Wire Transfer Notification/ACH File ID’ themed malicious...
By Dancho Danchev A couple of days ago our sensors picked up two separate malicious email campaigns, both impersonating Data Processing Services, that upon successful client-side exploitation (courtesy...
New DIY RDP-based botnet generating tool leaks in the wild
By Dancho Danchev In times when we’re witnessing the most prolific and systematic abuse of the Internet for fraudulent and purely malicious activities, there are still people who cannot fully grasp the...
A peek inside the EgyPack Web malware exploitation kit
By Dancho Danchev On a daily basis we process multiple malicious campaigns that, in 95%+ of cases, rely on the market leading Black Hole Exploit Kit. The fact that this Web malware exploitation kit is...
DIY Java-based RAT (Remote Access Tool) spotted in the wild
By Dancho Danchev While the authors/support teams of some of the market leading Web malware exploitation kits are competing on their way to be the first kit to introduce a new exploit on a mass scale,...
Spamvertised ‘Re: Changelog as promised’ themed emails lead to malware
By Dancho Danchev We have recently intercepted a malicious spam campaign that’s attempting to trick users into thinking that they’ve received a non-existent “changelog.” Once gullible and socially...