Monthly Archives:: July 2012


Spamvertised ‘Your Ebay funds are cleared’ themed emails lead to Black Hole exploit kit

by

Cybercriminals are currently mass mailing millions of emails impersonating eBay and PayPal in an attempt to trick end and corporate users into clicking on the malicious links found in the emails. Upon clicking on any of them, user are exposed to the client-side exploits served by the Black Hole exploit kit. More details:

Continue Reading »

Russian spammers release Skype spamming tool

by

Taking advantage of DIY spamming tools and harvested databases of user names, cybercriminals have been systematically abusing multiple instant messaging services in an attempt to trick as many users as possible into interacting with their malicious campaign. In this post, I’ll profile a newly released DIY Skype spamming tool, discuss its main features, and whether or not it can lead to an increase in the overall spam levels affecting Microsoft’s Skype. More details:

Continue Reading »

Cybercriminals target Twitter, spread thousands of exploits and malware serving tweets

by

Twitter users, beware! Over the past several days, cybercriminals have been persistently spamvertising thousands of exploits and malware serving links across the most popular micro blogging service. Upon clicking on the clicks, users are exposed to the exploits served by the Black Hole web malware exploitation kit. What’s so special about this campaign? What’s the detection rate of the malware it drops? Where does it phone back once it’s executed? Have we seen additional malware phone back to the same command and control servers, indication a connection between these campaigns? Let’s find out. More details:

Continue Reading »

Spamvertised ‘Download your USPS Label’ themed emails serve malware

by

Cybercriminals are currently spamvertising millions of emails impersonating the United States Postal Service (USPS), in an attempt to trick end and corporate users into downloading and unpacking the malicious .zip attachment distributed by them. What’s so special about this campaign? Where is the malicious sample phoning back to? Are there more malware samples that also phoned back to the same command control servers in the past? Let’s find out. More details:

Continue Reading »

Russian Ask.fm spamming tool spotted in the wild

by

On their way to occupy an even bigger market share, spammers constantly look for new ways to increase visitor conversion, and target as many users as possible with the least amount of time and money invested. For years, their tactics included the development of cybercrime friendly online communities, sophisticated harvesting and validation of emails and user names across popular Web services, abusing the Domain Keys Identified Mail (DKIM) trust established between the most popular providers of free Web based email, development of DIY image spam generating platforms, conversion of malware-infected hosts into spam spewing zombies, and most importantly, efficient ways to bypass […]

Continue Reading »

Webroot Bulletin Regarding AV-Comparatives Results

by

If there is one thing that can be observed about the AV industry, it is that no solution is ever 100% effective at blocking malware. With this in mind, Webroot SecureAnywhere (WSA) was designed to protect users even in cases where undetected malicious software has made it onto the system. AV-Comparatives recently published results for June’s “Real World” Protection Test. This test aims to replicate a real world experience for how malware would infect a PC. The scores indicate how many threats were detected vs. missed.

Continue Reading »