Posts Tagged: Monetization


Newly launched managed ‘compromised/hacked accounts E-shop hosting as service’ standardizes the monetization process

Regular readers of Webroot’s Threat Blog are familiar with our “A Peek Inside a Boutique Cybercrime-Friendly E-shop” series, originally started in 2012, highlighting the then-emerging trend of boutique-based E-shops selling access to compromised/hacked accounts. Popping up on our radars on a systematic basis, this maturing market segment is already entering a new life cycle stage in early 2014. The current stage is the direct result of the ongoing efficiency-oriented mentality applied by cybercriminals over the years in the face of the active implementation of tactics such as, for instance, templatization, ultimately leading to standardization of key […]

Deceptive ads targeting German users lead to the ‘W32/SomotoBetterInstaller’ Potentially Unwanted Application (PUA)

We’ve just intercepted yet another campaign serving deceptive ads, this time targeting German-speaking users and enticing them into downloading and installing the privacy-invading ‘FLV Player’ Potentially Unwanted Application (PUA), part of Somoto’s pay-per-install network. More details:

Rogue ads target EU users, expose them to Win32/Toolbar.SearchSuite through the KingTranslate PUA

By Dancho Danchev

Who would need a virtually unknown, but supposedly free, desktop-based application in order to translate texts between multiple languages? Tens of thousands of socially engineered European users, who continue getting exposed to the rogue ads served through Yieldmanager’s network. These ads are promoting more Potentially Unwanted Applications (PUAs) courtesy of Bandoo Media Inc and their subsidiary Koyote-Lab Inc. More details:

iLivid ads lead to ‘Searchqu Toolbar/Search Suite’ PUA (Potentially Unwanted Application)

By Dancho Danchev

Our sensors recently picked up an advertisement using Yieldmanager’s ad network, enticing users into downloading the iLivid PUA (Potentially Unwanted Application) on their PCs. Operated by Bandoo Media Inc., the application installs the privacy-invading “Searchqu Toolbar”. More details:

New commercially available DIY invisible Bitcoin miner spotted in the wild

By Dancho Danchev

Just as we anticipated in our previous analysis of a commercially available Bitcoin miner, cybercriminals continue “innovating” on this front by releasing more advanced and customizable invisible Bitcoin miners for fellow cybercriminals to take advantage of. In this post, we’ll profile yet another invisible Bitcoin miner, once again available for purchase on the international cybercrime-friendly marketplace, emphasize its key differentiation features, as well as provide MD5s of known miner variants. More details:

Fake ‘Change Facebook Color Theme’ events lead to rogue Chrome extensions

Cybercriminals have recently launched a privacy-violating campaign spreading across Facebook in an attempt to trick Facebook’s users into installing a rogue Chrome extension. Once installed, it will have access to all the data on all web sites, as well as access to your tabs and browsing history. More details:

A peek inside a boutique cybercrime-friendly E-shop – part five

Seeking financial liquidity for their fraudulently obtained assets, novice cybercriminals continue launching new DIY cybercrime-friendly e-shops offering access to compromised accounts, harvested email databases, and accounts that have been purchased using stolen credit card data, in an attempt to diversify their portfolio and, consequently, increase the probability of a successful purchase from their shops. In this post, I’ll profile one of the most recently launched cybercrime-friendly e-shops, continuing the “A peek inside a boutique cybercrime-friendly E-shop” series. More details:

A peek inside a boutique cybercrime-friendly E-shop – part four

Over the past couple of months, I’ve been periodically profiling the monetization tactics applied by novice cybercriminals, a market segment of less technically sophisticated individuals looking for ways to cash out on their fraudulent Web activities. The rise of this market segment can be attributed to the rise of managed cybercrime-friendly services and DIY tools, allowing everyone an easy entry into the world of cybercrime. In this post, I’ll profile yet another recently launched cybercrime-friendly E-shop, and emphasize the emergence of these over-the-counter (OTC) trading E-shops. More details:

Cybercriminals populate Scribd with bogus adult content, spread malware using Comodo Backup

On their way to convert legitimate traffic into malware-infected hosts using web malware exploitation kits, cybercriminals have been actively experimenting with multiple traffic acquisition techniques over the past couple of years. From malvertising (the process of displaying malicious ads), to compromised high-trafficked web sites, to blackhat SEO (search engine optimization), the tools in their arsenal have been systematically maturing to become today’s sophisticated traffic acquisition platforms delivering millions of unique visits from across the world, to the cybercriminals behind the campaigns. What are some of the latest campaigns currently circulating in the wild? How are cybercriminals monetizing the hijacked traffic? Are […]
