Posts Categorized: Keyloggers


Malicious USPS-themed emails circulating in the wild

by

Cybercriminals are currently spamvertising malicious USPS-themed emails, that entice end and corporate users into clicking on malicious links found in the emails. More details:

Continue Reading »

Spamvertised ‘Your tax return appeal is declined’ emails serving client-side exploits and malware

by

Cybercriminals are currently spamvertising with IRS (Internal Revenue Service) themed emails, enticing end and corporate users into downloading and viewing a malicious .htm attachment. More details:

Continue Reading »

Spamvertised ‘Your accountant license can be revoked’ emails lead to client-side exploits and malware

by

Cybercriminals are currently spamvertising a malicious email campaign that’s designed to trick you into clicking on a bogus complaint.pdf link which ultimately leads to client-side exploits and malware. The campaign is launched by the same gang that launched the “Spamvertised ‘Termination of your CPA license’ ” malicious campaign last month. More details:

Continue Reading »

A peek inside the Darkness (Optima) DDoS Bot

by

With politically motivated DDoS (distributed denial of service attack) attacks proliferating along with the overall increase in the supply of managed “DDoS for hire” services, it’s time to get back the basics, and find out just what makes an average DDoS bot used by cybercriminals successful. Continuing the “A peek inside…” series, in this post I’ll profile the Darkness X (Optima) DDoS bot, available for purchase at selected cybercrime-friendly online communities since 2009. More details:

Continue Reading »

BlackHole exploit kits gets updated with new features

by

According to independent sources, the author of the most popular web malware exploitation kit currently dominating the threat landscape, has recently issued yet another update to the latest version of the kit v1.2.2. More details:

Continue Reading »

A peek inside the Elite Malware Loader

by

Just like today’s modern economy, in the cybercrime ecosystem supply, too, meets demand on a regular basis. With malware coding for hire propositions increasing thanks to the expanding pool of talented programmers looking for ways to enter the cybercrime ecosystem, it shouldn’t be surprising that  cybercriminals are constantly releasing new malware loaders, cryptors, remote access trojans, or issuing updates to web malware exploitation kits on a periodic basis, using the outsourcing market model. Continuing the “Peek inside…” series, in this post I’ll profile the Elite Malware Loader. In the wild since 2009,  the malware loader is still under active development […]

Continue Reading »

A peek inside the Ann Malware Loader

by

The ever-adapting cybercrime ecosystem is constantly producing new underground releases in the form of malware loaders, remote access trojans (RATs), malware cryptors, Web, IRC and P2P based command and control interfaces, all with the clear objective  to undermine current security solutions. Continuing the “A peek inside…” series, in this post I will profile a malware loader recently advertised within the cybercrime ecosystem , namely, the Ann Malware Loader.

Continue Reading »

Report: 3,325% increase in malware targeting the Android OS

by

Which is the most targeted mobile operating system? According to the recently released 2011 Mobile Threats Report from our partners at Juniper Networks, that’s the Android OS. Key summary points from the report:

Continue Reading »

Researchers intercept two client-side exploits serving malware campaigns

by

Security researchers from Webroot have intercepted two currently live client-side exploits serving malware campaigns that have already managed to infect over 20,000 PCs across the globe, primarily in the United States. Based upon detailed analysis, it can be concluded that both campaigns are launched by the same cybercriminal. More details:

Continue Reading »

Researchers spot Citadel, a ZeuS crimeware variant

by

Security researchers from “Tracking Cyber Crime” have spotted a new ZeuS crimeware variant, that’s based on the leaked ZeuS source code from last year. Dubbed Citadel, the crimeware is positioned as a universal spyware system, whose modular nature allows cybercriminals to offer flexibly priced value-added services such as managed malware crypting, and managed web injects as a service. Some of Citadel’s core features include:

Continue Reading »