WhatsApp users, watch out! The cybercriminal(s) behind the most recently profiled campaigns impersonating T-Mobile, and Sky, have just launched yet another malicious spam campaign, this time targeting WhatsApp users with fake “Voice Message Notification/1 New Voicemail” themed emails. Once unsuspecting users execute the fake voice mail attachment, their PCs will attempt to drop additional malware on the hosts. The good news? We’ve got you (proactively) covered.
Posts Tagged: cybercrime
Thanks to the growing adoption of mobile banking, in combination with the utilization of mobile devices to conduct financial transactions, opportunistic cybercriminals are quickly capitalizing on this emerging market segment. Made evident by the release of Android/BlackBerry compatible mobile malware bots. This site is empowering potential cybercriminals with the necessary ‘know-how’ when it comes to ‘cashing out’ compromised accounts of E-banking victims who have opted-in to receive SMS notifications/phone verification, whenever a particular set of financial events take place on their bank accounts. A new commercially available Android, BlackBerry (work in progress) — supporting mobile malware bot is being pitched by […]
A currently ongoing malicious spam campaign is attempting to trick users into thinking that they’ve received a legitimate Excel ‘Company Reports’ themed file. In reality through, once socially engineered users execute the malicious attachment on their PCs, it automatically opens a backdoor allowing the cybercriminals behind the campaign to gain complete access to their host, potentially abusing it a variety of fraudulent ways.
We’ve intercepted a currently circulating malicious spam campaign, tricking users into thinking that they’ve received a scanned document sent from a Xerox WorkCentre Pro device. In reality, once users execute the malicious attachment, the cybercriminal(s) behind the campaign gain complete control over the now infected host.
Compromised, hacked hosts and PCs are a commodity in underground markets today. More cybercriminals are populating the market segment with services tailored to fellow cybercriminals looking for access to freshly compromised PCs to be later abused in a variety of fraudulent/malicious ways, all the while taking advantage of their clean IP reputation. Naturally, once the commoditization took place, cybercriminals quickly realized that the supply of such hosts also shaped several different market segments. They offered tools and services that specialize in the integration of this supply into various cybercrime-friendly tools and platforms, empowering virtually anyone using them with the desired degree […]
British users, watch what you execute on your PCs! Over the last week, cybercriminals have launched several consecutive malicious spam campaigns targeting users of Sky, as well as owners of Samsung Galaxy devices, into thinking that they’ve received a legitimate MMS notification to their email address. In reality though, these campaigns ‘phone back’ to the same command and control botnet server, indicating that they’re related.
At Webroot’s Threat Blog, we often discuss the dynamics of the cybercrime ecosystem. Through the prism of basic business, marketing and economic theories, the idea is to help make them easy to comprehend by most readers. Constructively raising awareness on some of the driving factors behind the epidemic growth of cybercrime. We also often emphasize on concepts such as standardization, vertical integration, for hire, rent or on demand business models, commoditization and economies of scale. This further highlights the legitimate market-like state of the underground marketplace, in terms of the variety of business models, pricing schemes, and current/long term centered […]
We’ve intercepted an ongoing malicious campaign, relying on injected/embedded iFrames at Web sites acting as intermediaries for a successful client-side exploits to take place. Let’s dissect the campaign, expose the malicious domains portfolio/infrastructure it relies on, as well as directly connect it with historical malicious activity, in this particular case, a social engineering campaign pushing fake browser updates.
Think someone forwarded you an important attachment? Think twice. Cybercriminals are currently mass mailing tens of thousands of malicious emails attempting to trick the recipient into thinking that someone has forwarded a file to them. In reality, once socially engineered users execute the malicious attachments, their PCs automatically become part of the botnet operated by the cybercriminals behind the campaign, allowing them to gain complete control over the affected PCs, and consequently abuse the access for related fraudulent purposes.
The never-ending supply of access to compromised/hacked PCs — the direct result of the general availability of DIY/cracked/leaked malware/botnet generating tools — continues to grow in terms of the number and variety of such type of underground market propositions. With more cybercriminals entering this lucrative market segment, on their way to apply well proven and efficient monetization schemes to these hacked PCs, cybercrime-friendly affiliate networks naturally capitalize on the momentum, ensuring a win-win business process for the participants and the actual owners of the network. In this post, I’ll highlight yet another newly launched such E-shop, currently possessing access to […]