Cybercriminals offer spam-friendly SMTP servers for rent – part two

by

We continue to spot new cybercrime ecosystem propositions for spam-ready, cybercrime-friendly SMTP (Simple Mail Transfer Protocol) targeting QA (Quality Assurance) aware cybercriminals looking to gain access to dedicated mail servers with clean IP reputation, ensuring that their campaigns will reach the recipient’s Inbox. Relying on ‘in-house’ built infrastructure or direct outsourcing to bulletproof hosting providers, these services continue empowering prospective customers with managed, popular spam software compatible services, potentially exposing millions of users to fraudulent or malicious email campaigns. Let’s discuss yet another managed service offering spam-ready SMTP servers, and connect it to malicious campaigns that have directly interacted with […]

Continue Reading »

New cybercrime-friendly iFrames-based E-shop for traffic spotted in the wild

by

Thanks to the free, commercial availability of mass Web site hacking tools, in combination with hundreds of thousands of misconfigured and unpatched Web sites, blogs and forums currently susceptible to exploitation, cybercriminals are successfully monetizing the compromise process. They are setting up iFrame based traffic E-shops and offering access to hijacked legitimate traffic to be later on converted to malware-infected hosts. Despite the fact that the iFrame traffic E-shop that I’ll discuss in this post is pitching itself as a “legitimate traffic service”, it’s also explicitly emphasizing on the fact that iFrame based traffic is perfectly suitable to be used […]

Continue Reading »

Commercially available Blackhat SEO enabled multi-third-party product licenses empowered VPSs spotted in the wild

by

Standardization is the cybercrime ecosystem’s efficiency-oriented mentality to the general business ‘threat’ posed by inefficiencies and lack of near real-time capitalization on (fraudulent/malicious) business opportunities. Ever since the first (public) discovery of managed spam appliances back in 2007, it has become evident that cybercriminals are no strangers to basic market penetration/market growth/market development business concepts. Whether it’s the template-ization of malware-serving sites, money mule recruitment, spamming or blackhat SEO, this efficiency-oriented mentality can be observed in virtually each and every market segment of the ecosystem. In this post, I’ll discuss a recent example of standardization, in particular, a blackhat SEO […]

Continue Reading »

DDoS for hire vendor ‘vertically integrates’ starts offering TDoS attack capabilities

by

DDoS for hire has always been an inseparable part of the portfolio of services offered by the cybercrime ecosystem. With DDoS extortion continuing to go largely under-reported, throughout the last couple of years — mainly due to the inefficiencies in the business model — the practice also matured into a ‘value-added’ service offered to cybercriminals who’d do their best to distract the attention of a financial institution they’re about to (virtually) rob. Operating online — under both private and public form — since 2008, the DDoS for hire service that I’ll discuss in the this post is not just offering DDoS  attack and […]

Continue Reading »

‘T-Mobile MMS message has arrived’ themed emails lead to malware

by

A circulating malicious spam campaign attempts to trick T-Mobile customers into thinking that they’ve received a password-protected MMS. However, once gullible and socially engineered users execute the malicious attachment, they automatically compromise the confidentiality and integrity of their PCs, allowing the cybercriminals behind the campaign to gain complete control of their PCs.

Continue Reading »

ThreatVlog Episode 7: Phishing schemes are on the rise

by

In this edition of the Webroot ThreatVlog, Grayson Milbourne talks about the rise of digital phisihing schemes on the internet and how they affect the victims. He then unveils a brand new product from Webroot that is designed to keep users protected from websites that are malicious in nature that could be trying to capture credit card and other personal information.

Continue Reading »

Newly launched ‘HTTP-based botnet setup as a service’ empowers novice cybercriminals with bulletproof hosting capabilities – part two

by

The emergence and sophistication of DIY botnet generating tools has lowered the entry barriers into the world of cybercrime. With ever-increasing professionalism and QA (Quality Assurance) applied by cybercriminals, in combination with  bulletproof cybercrime-friendly hosting providers, these tactics represent key success factors for an increased life cycle of any given fraudulent/malicious campaign. Throughout the years, we’ve witnessed the adoption of multiple bulletproof hosting infrastructure techniques for increasing the life cycle of campaigns,with a clear trend towards diversification, rotation or C&C communication techniques, and most importantly, the clear presence of a KISS (Keep It Simple Stupid) type of pragmatic mentality; especially in […]

Continue Reading »

A peek inside a Blackhat SEO/cybercrime-friendly doorways management platform

by

The perceived decline in the use of blackhat SEO (search engine optimization) tactics for delivering malicious/fraudulent content over the last couple of years, does not necessarily mean that cybercriminals have somehow abandoned the concept of abusing the world’s most popular search engines. The fact is, this tactic remains effective at reaching users who, on the majority of occasions, trust that that the search result links are malware/exploit free. Unfortunately, that’s not the case. Cybercriminals continue introducing new tactics helping fraudulent adversaries to quickly build up and aggregate millions of legitimate visitors, to be later on exposed to online scams or directly […]

Continue Reading »

Yet another subscription-based stealth Bitcoin mining tool spotted in the wild

by

As we anticipated in our series of blog posts highlighting the growing use of DIY/subscription based stealth Bitcoin miners, cybercriminals continue populating this newly emerged market segment, with new, undetected, cryptor-friendly stealth Bitcoin mining tools. This is being done to empower fellow cybercriminals with the necessary tools to help them monetize the malware-infected hosts that they either already have access to, or intend to purchase through one of the, ubiquitous for the cybercrime ecosystem, malware-infected hosts as a service type of underground market propositions. In post, I’ll discuss the existence of yet another DIY stealth Bitcoin mining tool, in particular how […]

Continue Reading »