Cybercriminals impersonate Verizon Wireless, serve client-side exploits and malware
Verizon Wireless customers, beware!
For over a week now, cybercriminals have been persistently spamvertising millions of emails impersonating the company, in an attempt to trick current and prospective customers into clicking on the client-side exploits and malware serving links found in the malicious email.
Upon clicking on any of the links, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit.
More details:
RSA Conference Europe 2012 – recap
As many of you know, Webroot recently attended Europe’s most prestigious security conference, RSA Europe 2012, where I held a presentation on the topic of “Cyber Jihad vs Cyberterrorism – Separating Hype from Reality“.
Since a picture is worth a thousand words, here are some photos from this year’s RSA Europe conference:
Bogus Skype ‘Password successfully changed’ notifications lead to malware
Skype users, beware!
Cybercriminals are currently spamvertising millions of emails impersonating Skype, in an attempt to trick Skype users that their password has been successfully changed, and that in order to view their call history and change their account settings, they would need to execute the malicious attachment found in the emails.
More details:
‘Your UPS Invoice is Ready’ themed emails serve malware
Over the past 24 hours, cybercriminals launched yet another massive spam campaign, impersonating the United Parcel Service (UPS), in an attempt to trick its current and prospective customers into downloading and executing the malicious attachment found in the email. Upon execution, the malware opens a backdoor on the infected host, allowing the cybercriminals behind the campaign to gain complete control over the victim’s host.
More details:
Cybercriminals impersonate Delta Airlines, serve malware
Following the recently launched malicious campaigns impersonating KLM and American Airlines, cybercriminals are once again busy impersonating yet another company, this time it’s Delta Airlines.
More details:
PayPal ‘Notification of payment received’ themed emails serve malware
Sticking to their proven tactic of systematically rotating the impersonated brands, cybercriminals are currently spamvertising millions of emails impersonating PayPal, in an attempt to trick its users into downloading and executing the malicious attachment found in the legitimate looking email.
More details:
Russian cybercriminals release new DIY DDoS malware loader
On a daily basis, new market entrants into the cybercrime ecosystem attempt to monetize their coding skills by releasing and branding new DIY DDoS malware loaders. Largely dominated by “me too” features, these DIY malware loaders are purposely released with prices lower than the prices of competing bots, in an attempt by the cybercriminal behind them to gain market share – a necessary prerequisite for a successful long-term oriented business model.
In this post, I’ll profile a recently released Russian DDoS malware bot.
More details:
‘Regarding your Friendster password’ themed emails lead to Black Hole exploit kit
Cybercriminals are currently spamvertising millions of emails, impersonating Friendster, in an attempt to trick its current and prospective users into clicking on a malicious link found in the email.
Upon clicking on the link, users are exposed to the client-side exploits served by the latest version of the Black Hole exploit kit.
More details:
Malware campaign spreading via Facebook direct messages spotted in the wild
Trust is vital, and cybercriminals know that there’s a higher probability that you will click on a link sent by a trusted friend, not from a complete stranger.
Yesterday, one of my Facebook friends sent me a direct message indicating that his host has been compromised, and is currently being used to send links to a malicious .zip archive through direct messages to all of his Facebook friends.
More details:
‘Intuit Payroll Confirmation inquiry’ themed emails lead to the Black Hole exploit kit
Over the past 24 hours, cybercriminals launched two consecutive massive email campaigns, impersonating Intui Payroll’s Direct Deposit Service system, in an attempt to trick end and corporate users into clicking on the malicious links found in the mails.
Upon clicking on any of links found in the emails, users are exposed to the client-side exploits served by the latest version of the Black Hole exploit kit.
More details:
Spamvertised ‘KLM E-ticket’ themed emails serve malware
KLM customers, beware!
Cybercriminals are currently spamvertising millions of legitimate-looking emails, in an attempt to trick current and prospective KLM customers into executing the malicious attachment found in the email.
More details:
Bogus Facebook notifications lead to malware
In an attempt to trick users into getting themselves infected with malware, cybercriminals are currently spamvertising millions of emails impersonating Facebook.
More details: