Posts Tagged: Managed Service


A peek inside a newly launched all-in-one E-shop for cybercrime-friendly services

by

Cybercriminals continue diversifying their portfolios of standardized fraudulent services, in an attempt to efficiently monetize their malicious ‘know-how’, further contributing to the growth of the cybercrime ecosystem. In a series of blog posts highlighting the emergence of the boutique cybercrime-friendly E-shops, we’ve been emphasizing on the over-supply of compromised/stolen accounting data, efficiently aggregated through the TTPs (tactics, techniques and procedures) described in our “Cybercrime Trends – 2013” observations. We’ve recently spotted a newly launched all-in-one cybercrime-friendly E-shop, offering a diversified portfolio of managed/DIY services/products, exposing a malicious infrastructure worth keeping an eye on. Let’s take a peek inside the E-shop’s inventory […]

Continue Reading »

Newly launched ‘HTTP-based botnet setup as a service’ empowers novice cybercriminals with bulletproof hosting capabilities – part three

by

In a series of blog posts throughout 2013, we emphasized on the lowering of the entry barriers into the world of cybercrime, largely made possible by the rise of managed services, the re-emergence of the DIY (do-it-yourself) trend, and the development of niche market segments, like the practice of setting up and offering bulletproof hosting for a novice cybercriminal’s botnet generating platform. The proliferation of these easy to use, once only found in the arsenal of tools of the sophisticated cybercriminals, tools, is the direct result of cybercrime ecosystem leaks, cracked/pirated versions, or a community-centered approach applied by their authors, […]

Continue Reading »

New vendor of ‘professional DDoS for hire service’ spotted in the wild

by

In a series of blog posts, we’ve highlighted the emergence of easy to use, publicly obtainable, cracked or leaked, DIY (Do It Yourself) DDoS (Distributed Denial of Service) attack tools. These services empower novice cybercriminals with easy to use tools, enabling them to monetize in the form of ‘vendor’ type propositions for DDoS for hire services. Not surprisingly, we continue to observe the growth of this emerging (international) market segment, with its participants continuing to professionalize, while pitching their services to virtually anyone who’s willing to pay for them. However, among the most common differences between the international underground marketplace and, for […]

Continue Reading »

Yet another Bitcoin accepting E-shop offering access to thousands of hacked PCs spotted in the wild

by

The never-ending supply of access to compromised/hacked PCs — the direct result of the general availability of DIY/cracked/leaked malware/botnet generating tools — continues to grow in terms of the number and variety of such type of underground market propositions. With more cybercriminals entering this lucrative market segment, on their way to apply well proven and efficient monetization schemes to these hacked PCs, cybercrime-friendly affiliate networks naturally capitalize on the momentum, ensuring a win-win business process for the participants and the actual owners of the network. In this post, I’ll highlight yet another newly launched such E-shop, currently possessing access to […]

Continue Reading »

Novice cyberciminals offer commercial access to five mini botnets

by

With the increased public availability of leaked/cracked DIY malware/botnet generating tools, cybercriminals continue practically generating new botnets on the fly, in order to monetize the process by offering access to these very same botnets at a later stage in the botnet generation process. In addition to monetizing the actual process of setting up and hosting the botnet’s C&C (command and control) servers, novice cybercriminals continue selling direct access to their newly generated botnets, empowering other novice cybercriminals with the foundations for further disseminating and later on monetizing other pieces of malicious software, part of their own arsenal of fraudulent/malicious tools. […]

Continue Reading »

Cybercriminals offer spam-friendly SMTP servers for rent – part two

by

We continue to spot new cybercrime ecosystem propositions for spam-ready, cybercrime-friendly SMTP (Simple Mail Transfer Protocol) targeting QA (Quality Assurance) aware cybercriminals looking to gain access to dedicated mail servers with clean IP reputation, ensuring that their campaigns will reach the recipient’s Inbox. Relying on ‘in-house’ built infrastructure or direct outsourcing to bulletproof hosting providers, these services continue empowering prospective customers with managed, popular spam software compatible services, potentially exposing millions of users to fraudulent or malicious email campaigns. Let’s discuss yet another managed service offering spam-ready SMTP servers, and connect it to malicious campaigns that have directly interacted with […]

Continue Reading »

Commercially available Blackhat SEO enabled multi-third-party product licenses empowered VPSs spotted in the wild

by

Standardization is the cybercrime ecosystem’s efficiency-oriented mentality to the general business ‘threat’ posed by inefficiencies and lack of near real-time capitalization on (fraudulent/malicious) business opportunities. Ever since the first (public) discovery of managed spam appliances back in 2007, it has become evident that cybercriminals are no strangers to basic market penetration/market growth/market development business concepts. Whether it’s the template-ization of malware-serving sites, money mule recruitment, spamming or blackhat SEO, this efficiency-oriented mentality can be observed in virtually each and every market segment of the ecosystem. In this post, I’ll discuss a recent example of standardization, in particular, a blackhat SEO […]

Continue Reading »

DIY automatic cybercrime-friendly ‘redirectors generating’ service spotted in the wild

by

Redirectors are a popular tactic used by cybercriminal on their way to trick Web filtering solutions. And just as we’ve seen in virtually ever segment of the underground marketplace, demand always meets supply. A newly launched, DIY ‘redirectors’ generating service, aims to make it easier for cybercriminals to hide the true intentions of their campaign through the use of ‘bulletproof redirector domains’. Let’s take a peek inside the cybercriminal’s interface, list all the currently active redirectors, as well as the actual pseudo-randomly generated redirection URLs. More details:

Continue Reading »

From Vietnam with tens of millions of harvested emails, spam-ready SMTP servers and DIY spamming tools

by

How would a cybercriminal differentiate his unique value proposition (UVP) in order to attract new customers wanting to purchase commoditized underground market items like, for instance, harvested and segmented email databases? He’d impress them with comprehensiveness and ‘vertically integrated’ products and services. At least that’s what the cybercriminals behind the cybercrime-friendly market proposition I’m about to profile in this post are doing. Tens of millions of harvested and segmented email databases, spam-ready bulletproof SMTP servers and DIY spamming tools, this one-stop-shop for novice spammers is also a great example of an OPSEC-unaware vendor who’s not only accepting Western Union/Money Gray payments, […]

Continue Reading »

Cybercrime-friendly underground traffic exchange helps facilitate fraudulent and malicious activity

by

Throughout the last couple of years, the persistent demand for geolocated traffic coming from both legitimate traffic exchanges or purely malicious ones — think traffic acquisition through illegally embedded iFrames — has been contributing to the growing market segment where traffic is bought, sold and re-sold, for the sole purpose of monetizing it through illegal means. The ultimately objective? Expose users visiting compromised, or blackhat SEO-friendly automatically generated sites with bogus content, to fraudulent or malicious content in the form of impersonations of legitimate Web sites seeking accounting data, or client-side exploits silently served in an attempt to have an […]

Continue Reading »