Posts Categorized: Keyloggers


‘Windstream bill’ themed emails serving client-side exploits and malware

Cybercriminals are currently spamvertising millions of emails impersonating the Windstream Corporation, in an attempt to trick end and corporate users into clicking on links found in the malicious email. Upon clicking on the links hosted on compromised web sites, users are exposed to client-side exploits served by the BlackHole web malware exploitation kit. More details:

Spamvertised CareerBuilder themed emails serving client-side exploits and malware

End and corporate users, and especially CareerBuilder users, beware! Cybercriminals are currently spamvertising millions of emails impersonating the popular jobs portal CareerBuilder in an attempt to trick users into clicking on links serving client-side exploits. The current campaign, originally circulating in the wild since 26 Apr, 2012, is a great example of a lack of QA (quality assurance) since they’re spamvertising a binary that’s largely detected by the security community. More details:

Spamvertised ‘Pizzeria Order Details’ themed campaign serving client-side exploits and malware

End and corporate users (and especially pizza eaters), beware! Cybercriminals are currently spamvertising hundreds of thousands of emails, impersonating FLORENTINO’s Pizzeria and enticing users into clicking on a link serving client-side exploits and malware in order to cancel a $169.90 order that they never really made. More details:

Cybercriminals release ‘Sweet Orange’ – new web malware exploitation kit

From DIY (do-it-yourself) exploit generating tools, to efficient platforms for exploitation of end and corporate users, today’s efficiency-oriented cybercriminals are constantly looking for ways to monetize hijacked web traffic. In order to do so, they periodically introduce new features in the exploit kits, initiate new partnerships with managed malware/script crypting services, and do their best to stay ahead of the security industry. What are some of the latest developments in this field? Meet Sweet Orange, one of the most recently released web malware exploitation kits, available for sale at selected invite-only cybercrime-friendly communities. What’s so special about Sweet Orange? Does it […]

Hewlett-Packard shipping malware-infected compact flash cards

Earlier this week, HP’s Software Security Response Team issued a security bulletin, alerting users that certain HP ProCurve 5400 zl switches were shipped with malware installed on the associated compact flash cards. No details were given about the type of malware shipped to unaware customers. More details on the affected switches, including their serial numbers:

New underground service offers access to hundreds of hacked PCs

Want to buy anonymous access to hacked PCs, spam-free SMTP (Simple Mail Transfer Protocol) servers, or compromised bank accounts? A newly launched underground Web service is currently offering access to hundreds of hacked PCs, SMTP servers, and hacked bank accounts. Let’s take a deeper look:

Spamvertised ‘US Airways’ themed emails serving client-side exploits and malware

Cybercriminals are currently spamvertising yet another social-engineering driven malicious email campaign, this time impersonating US Airways. Upon clicking on the malicious links found in the emails, end and corporate users are exposed to client-side exploits courtesy of the BlackHole web malware exploitation kit. More details:

Spamvertised ‘Scan from a Hewlett-Packard ScanJet’ emails lead to client-side exploits and malware

Security researchers from Webroot have intercepted a currently spamvertised malicious campaign, impersonating Hewlett Packard, and enticing end and corporate users into downloading and viewing a malicious .htm attachment. More details:

Spamvertised Verizon-themed ‘Your Bill Is Now Available’ emails lead to ZeuS crimeware

Cybercriminals’ newest spamvertised malware campaign is brand-jacking Verizon Wireless in an attempt to trick end users into clicking on the malicious links embedded in the email. More details:

Spamvertised LinkedIn notifications serving client-side exploits and malware

Cybercriminals are currently spamvertising LinkedIn themed messages, in an attempt to trick end and corporate users into clicking on the malicious links embedded in the emails. The campaign is using real names of LinkedIn users in an attempt to increase the authenticity of the spamvertised campaign. More details:
