Posts Tagged: DIY


DIY malicious domain name registering service spotted in the wild

Security researchers and security vendors are constantly profiling and blocking the malicious operations launched by organized crime groups on the Internet. In an attempt to increase the life cycle of their malicious campaigns, cybercriminals rely on a set of domains hosted on bulletproof servers. In addition to this tactic, they also rely on fast-fluxing, a technique where a domain’s IP automatically rotates on a specific time interval, using IPs from the botnet’s infected population: state-of-the-art bulletproof hosting combined with a cybercrime-friendly domain registrar. In order to make it even harder for the security community to disrupt their campaigns, cybercriminals also implement the […]


Cybercriminals abuse major U.S. SMS gateways, release DIY Mail-to-SMS flooders

Largely driven by the widespread adoption of growth- and efficiency-oriented strategies by cybercriminals across the entire spectrum of the cybercrime ecosystem, we’ve witnessed the emergence and development of the mobile device market segment over the past few years. Motivated by the fact that more people own a mobile device than a PC, cybercriminals quickly adapted and started innovating in an attempt to capitalize on this ever-growing market segment within their portfolio of fraudulent operations. In this post, I’ll profile a DIY Mail-to-SMS flooder that’s abusing a popular feature offered by international and U.S.-based mobile carriers – the […]


Russian cybercriminals release new DIY SMS flooder

Just like in every market, in the underground ecosystem, too, demand meets supply on a regular basis. Thanks to the systematically released DIY SMS flooding applications, cybercriminals have successfully transformed this market segment into a growing and professionally oriented niche market. From the active abuse of the features offered by legitimate infrastructure providers such as ICQ and Skype, to the abuse of Web-based SMS sending gateways, cybercriminals continue developing and releasing point’n’click DIY SMS flooding tools. In this post, I’ll profile one of the most recently released DIY SMS flooders, this time relying on 23 publicly available SMS-sending Web services, […]


Managed Ransomware-as-a-Service spotted in the wild

Over the past several quarters, we’ve witnessed the rise of the so-called Police Ransomware, also known as Reveton. From fully working host lockdown tactics, to localization in multiple languages and impersonation of multiple international law enforcement agencies, its authors have proved that they have the means and the motivation to continue developing the practice, while earning tens of thousands in fraudulently obtained funds. What’s driving the growth of Police Ransomware? What’s the current state of this market segment? Just how easy is it to start distributing Police Ransomware and earn fraudulently obtained funds in the process? In this post, I’ll […]


Cybercriminals abuse Skype’s SMS sending feature, release DIY SMS flooders

Cybercriminals are masters of abusing legitimate infrastructure for their malicious purposes. From phishing sites and Black Hole exploit kit landing URLs hosted on compromised servers, to abuse of the trusted, DKIM-verified ecosystem of legitimate web email service providers, to the systematic release of DIY spamming tools utilizing a publicly obtainable database of user names as potential “touch points”, cybercriminals are at the top of their game. In this post, I’ll profile a recently advertised DIY SMS flooder that uses Skype’s infrastructure to disseminate the messages, and assess the potential impact it could have on end users and corporate users. More details:


Cybercriminals generate malicious Java applets using DIY tools

Who said there’s such a thing as a trusted Java applet? In situations where malicious attackers cannot directly exploit client-side vulnerabilities on the targeted host, they turn to social engineering tricks, such as legitimate-looking Java applets that silently download the attacker’s malicious payload once the user confirms that he trusts the applet. Let’s profile a DIY (do-it-yourself) malicious Java applet generator currently available for download at selected cybercrime-friendly online communities:
