Posts Tagged: keylogger


A peek inside a modular, Tor C&C enabled, Bitcoin mining malware bot

by

Cybercriminals continue to maliciously ‘innovate’, further confirming the TTP (tactics, techniques and procedure) observations we made in our Cybercrime Trends – 2013 assessment back in December, 2013, namely, that the diverse cybercrime ecosystem is poised for exponential growth. Standardizing the very basics of fraudulent and malicious operations, throughout the years, cybercriminals have successfully achieved a state of ‘malicious economies of scale, type of economically efficient model, successfully contributing to international widespread financial and intellectual property theft. Thanks to basic cybercrime disruption concepts, such as modular DIY (do-it-yourself) commercial and publicly obtainable malware/botnet generating tools. In 2014, both sophisticated and novice cybercriminals have […]

Continue Reading »

Cybercriminals release new Web based keylogging system, rely on penetration pricing to gain market share

by

In need of a fresh example of penetration pricing, within the cybercrime ecosystem, used by a cybercrime-friendly vendor in an attempt to quickly gain as much market share as possible in the over-supplied market segment for keylogging-specific systems? We’re about to give you a very fresh one. A newly released, commercially available PHP/MySQL based, keylogging-specific malware/botnet generating system, with full Unicode support, is currently being offered for $5o, with the binary re-build priced at $20, in a clear attempt by the vendor to initiate basic competitive pricing strategies to undermine the market relevance of competing propositions. Just like the Web […]

Continue Reading »

Newly released Web based DDoS/Passwords stealing-capable DIY botnet generating tool spotted in the wild

by

Driven by the never ending supply of newly released DIY (do it yourself) underground market releases, in combination with the systematically rebooted life cycles of releases currently in circulation, cybercriminals continue actively developing new cybercrime-friendly malware generating/botnet building applications. Motivated by the desire to further continue the monetization of this ever-green market segment, a key driving force behind the consequential rise of E-shops offering access to compromised accounting data like those we’ve extensively profiled at Webroot’s Threat Blog in the past, these cybercriminals continue to ‘innovate’ and reboot the life cycles of known releases through the systematic and persistent introduction of […]

Continue Reading »

Cybercriminals offer HTTP-based keylogger for sale, accept Bitcoin

by

By Dancho Danchev In 2013, Liberty Reserve and Web Money remain the payment method of choice for the majority of Russian/Eastern European cybercriminals. Cybercrime-as-a-Service underground market propositions, malware crypters, R.A.Ts (Remote Access Trojans), brute-forcing tools etc. virtually every underground market product/service is available for purchase through the use of these ubiquitous virtual currencies. What’s the situation on the international underground market? Next to accepting PayPal and consequently all major credit cards, we’ve been observing an increase in market propositions starting to accept Bitcoins. Is this a trend or a fad, and does the currency’s P2P model about to be embraced ecosystem-wide due to its (current) pseudo-anonymous […]

Continue Reading »

A peek inside a ‘life cycle aware’ underground market ad for a private keylogger

by

By Dancho Danchev What’s greed to some cybercriminals, is profit maximization to others, especially in times when we’re witnessing the maturing state of the modern cybercrime ’enterprise’. Many enter this vibrant marketplace as vendors without really realizing that, thanks to the increasing transparency within the cybercrime ecosystem, their basic and valued added services will be directly benchmarked against a competing vendor, sometime rendering their unique value proposition completely irrelevant. Others will take a different approach by releasing a ‘life cycle aware’ underground market ad and will still manage to generate some revenue, as well as secure a decent number of customers in the […]

Continue Reading »

Cybercrime-friendly community branded HTTP/SMTP based keylogger spotted in the wild

by

By Dancho Danchev Utilizing basic site ‘stickiness’ and visitor retention practices, over the years, cybercrime-friendly communities have been vigorously competing to attract, satisfy, and retain their visitors. From exclusive services available only to community members, to DIY cybercrime-friendly tools, the practice is still a common way for the community administrators to boost the underground reputation of their forum. However, there are certain communities that will use the underground reputation of their forum to boost their sales, by releasing private DIY cybercrime-friendly tools, and promoting them under the umbrella of the community brand. In this post, I’ll profile a HTTP/SMTP-based keylogger that’s been commercially available to […]

Continue Reading »

8 Tips for Filing Taxes Online Safely

by

By Mike Kronenberg Getting ready to file your taxes online — and doing it at the last minute? Well, cyber-scammers are ready for you. Thieves are schemers, and they’ve got a bag full of tricks to steal your identity. You might even be doing things to make their job easier. And if you use a PC at work to do your return,  identity theft could be as simple as a crook (or an unscrupulous coworker) digging around and finding sensitive files. One might send you an e-mail that offers a quick refund — or a warning about a problem with […]

Continue Reading »

Phishers Break WoW’s Magic Spell Over Gamers

by

By Curtis Fechner and Andrew Brandt While we’ve touched on the subject of World of Warcraft phishers (and the Trojans they attempt to spread) a handful of times in the past several months, it’s worth mentioning the ongoing problems phishing posts cause both players and Blizzard, the game’s operator. To recap, the official message board for World of Warcraft is under constant attack by phishers, who use stolen credentials to post message board articles containing malicious links under the names of the innocent players whose passwords have been stolen. The links, which can be tied to virtually any kind of […]

Continue Reading »