Cybercriminals continue to efficiently populate their botnets, through the systematic and persistent spamvertising of tens of thousands of fake emails, for the purpose of socially engineering gullible end users into executing the malicious attachments found in the rogue emails. We’ve recently intercepted a currently circulating malicious campaign, impersonating Barkeley Futures Limited, tricking users into thinking that they’ve received a legitimate “Customer Daily Statement”.
Posts Tagged: social engineering
Cybercriminals continue spamvertising tens of thousands of malicious emails on their way to socially engineer gullible end users, ultimately increasing their botnet’s infected population through the systematic and persistent rotation of popular brands. We’ve recently intercepted a currently circulating malicious campaign enticing users into executing the fake attachment. More details:
Despite the prevalence of Web based client-side exploitation tools as the cybercrime ecosystem’s primary infection vector, in a series of blog posts, we’ve been emphasizing on the emergence of managed/hosted/DIY malicious Java applet generating tools/platforms, highlighting the existence of a growing market segment relying on ‘visual social engineering’ vectors for the purpose of tricking end users into executing malicious/rogue/fake Java applets, ultimately joining a cybercriminal’s botnet. We’ve recently spotted yet another Web based Java drive-by generating tool, and decided to take a peek inside the malicious infrastructure supporting it.
Relying on the systematic and persistent spamvertising of tens of thousands of fake emails, as well as the impersonation of popular brands for the purpose of socially engineering gullible users into downloading and executing malicious attachments found in these emails, cybercriminals continue populating their botnets. We’ve recently intercepted a currently circulating malicious campaign, impersonating JJ Black Consultancy. More details:
PayPal users, watch what you click on! We’ve recently intercepted a currently circulating malicious spamvertised campaign which is impersonating PayPal in an attempt to trick socially engineered end users into clicking on the malware-serving links found in the emails. More details: Sample screenshot of the spamvertised email:
Cybercriminals continue populating their botnets through the persistent spamvertising of tens of thousands of legitimately looking malicious emails, impersonating popular brands, in an attempt to trick socially engineered users into clicking on the malicious links found within the emails. We’ve recently intercepted an actively circulating spamvertised campaign which is impersonating HM’s Revenue & Customs Department and enticing users into clicking on the malware-serving links found in the emails. More details:
In a cybercrime ecosystem, dominated by client-side exploits serving Web malware exploitation kits, cybercriminals continue relying on good old fashioned social engineering tricks in an attempt to trick gullible end users into knowingly/unknowingly installing malware. In a series of blog posts, we’ve been highlighting the existence of DIY (do-it-yourself), social engineering driven, Java drive-by type of Web based platforms, further enhancing the current efficient state of social engineering driven campaigns. Let’s take a peek inside yet another Web based DIY Java applet distribution platform, discuss its features, and directly connect to the Rodecap botnet, whose connections with related malicious campaigns have been established in several previously […]
With millions of Android users continuing to acquire new apps through Google Play, cybercriminals continue looking for efficient and profitable ways to infiltrate Android’s marketplace using a variety of TTPs (tactics, techniques and procedures). Largely relying on the ubiquitous for the cybercrime ecosystem, affiliate network based revenue sharing scheme, segmented cybercrime-friendly underground traffic exchanges, as well as mass and efficient compromise of legitimate Web sites, for the purpose of hijacking legitimate traffic, the market segment for Android malware continues flourishing. We’ve recently spotted, yet another, commercially available DIY cybercrime-friendly (legitimate) APK injecting/decompiling app. The tool is capable of facilitating premium-rate SMS fraud on […]
Deceptive vendors of PUAs (Potentially Unwanted Applications) continue relying on a multitude of traffic acquisition tactics, which in combination with the ubiquitous for the market segment ‘visual social engineering‘, continue tricking tens of thousands of users into installing the privacy-violating applications. With the majority of PUA campaigns, utilizing legitimately looking Web sites, as well as deceptive EULAs (End User License Agreements), in 2014, the risk-forwarding practice for the actual privacy-violation, continues getting forwarded to the socially engineered end user. We’ve recently intercepted a rogue portfolio consisting of hundreds of thousands of blackhat SEO friendly, legitimate applications, successfully exposing users to the Sevas-S PUA, through a […]
Here at Webroot, we are constantly on the lookout for malevolent Android apps. In most cases, you do something malicious with your app and you get marked accordingly, but it’s not always that simple. Two weeks ago an app called “Virus Shield” popped up on the Google Play store. Within days, Virus Shield became Google Play’s #1 paid app. With thousands of reviews and a 4.7 star rating, who would question it? Well, a few people did, the code was looked at, and Google pulled it from the store. They have even gone as far as to make amends with those […]