Posts Categorized: Trojans


Spamvertised ‘Pizzeria Order Details’ themed campaign serving client-side exploits and malware

by

End and corporate users (and especially Pizza eaters), beware! Cybercriminals are currently spamvertising hundreds of thousands of emails, impersonating FLORENTINO`s Pizzeria, and enticing  users into clicking on a client-side exploits and malware serving link in order to cancel a $169.90 order that they never really made. More details:

Continue Reading »

Cybercriminals release ‘Sweet Orange’ – new web malware exploitation kit

by

From DIY (do-it-yourself) exploit generating tools, to efficient platforms for exploitation of end and corporate users, today’s efficiency-oriented cybercriminals are constantly looking for ways to monetize hijacked web traffic. In order to do so, they periodically introduce new features in the exploit kits, initiate new partnerships with managed malware/script crypting services, and do their best to stay ahead of the security industry. What are some of the latest developments in this field? Meet Sweet Orange, one of the most recently released web malware exploitation kits, available for sale at selected invite-only cybercrime-friendly communities. What’s so special about Sweet Orange? Does it […]

Continue Reading »

Hewlett-Packard shipping malware-infected compact flash cards

by

Earlier this week, HP’s Software Security Response Team issued a security bulletin, alerting users that certain HP ProCurve 5400 zl switches were shipped with malware installed on the associated compact flash cards. No details were given about the type of malware shipped to unaware customers. More details on the affected switches, including their serial numbers:

Continue Reading »

New underground service offers access to hundreds of hacked PCs

by

Want to buy anonymous access to hacked PCs, spam-free SMTP servers (Simple Mail Transfer Protocol), or compromised bank accounts? A newly launched underground Web service, is currently offering access to hundreds of hacked PCs, SMTP servers, and hacked bank accounts. Let’s take a deeper look:

Continue Reading »

Spamvertised ‘US Airways’ themed emails serving client-side exploits and malware

by

Cybercriminals are currently spamvertising yet another social-engineering driven malicious email campaign, this time impersonating U.S Airways. Upon clicking on the malicious links found in the emails, end and corporate users are exposed to client-side exploits courtesy of the BlackHole web malware exploitation kit. More details:

Continue Reading »

Spamvertised ‘Scan from a Hewlett-Packard ScanJet’ emails lead to client-side exploits and malware

by

Security researchers from Webroot have intercepted a currently spamvertised malicious campaign, impersonating Hewlett Packard, and enticing end and corporate users into downloading and viewing a malicious .htm attachment. More details:

Continue Reading »

Spamvertised Verizon-themed ‘Your Bill Is Now Available’ emails lead to ZeuS crimeware

by

Cybercriminals newest spamvertised malware campaign is brand-jacking Verizon Wireless in an attempt to trick end users into clicking on the malicious links embedded in the email. More details:

Continue Reading »

Spamvertised LinkedIn notifications serving client-side exploits and malware

by

Cybercriminals are currently spamvertising LinkedIn themed messages, in an attempt to trick end and corporate users into clicking on the malicious links embedded in the emails. The campaign is using real names of LinkedIn users in an attempt to increase the authenticity of the spamvertised campaign. More details:

Continue Reading »

Malicious USPS-themed emails circulating in the wild

by

Cybercriminals are currently spamvertising malicious USPS-themed emails, that entice end and corporate users into clicking on malicious links found in the emails. More details:

Continue Reading »

Rogue APKs continue to find new homes

by

by Armando Orozco We’ve been tracking rogue premium-sms Android apps for sometime now. Here’s an interesting site we came across offering a download of the Google Music application, but this one comes with a cost. This site serves up a premium-sms Trojan of the ransom variety. Targeting Russian speakers these Rogue’s, we call Android.FakeInst, offer to give access to the app but for a fee.                           

Continue Reading »