by Blog Staff | Nov 13, 2012 | Industry Intel, Threat Lab
Largely driven by a widespread adoption of growth and efficiency oriented strategies applied by cybercriminals within the entire spectrum of the cybercrime ecosystem, we’ve witnessed the emergence and development of the mobile device market segment over the past few years. Motivated by the fact that more people own a mobile device than a PC, cybercriminals quickly adapted and started innovating in an attempt to capitalize on this ever-growing market segment within their portfolio of fraudulent operations.
In this post I’ll profile a DIY Mail-to-SMS flooder that’s abusing a popular feature offered by international and U.S based mobile carriers – the ability to SMS any number through an email message. The DIY SMS flooder exclusively targets U.S users.
More details:
(more…)
by Blog Staff | Nov 12, 2012 | Industry Intel, Threat Lab
American Express cardholders, beware!
Over the past week, cybercriminals mass mailed millions of emails impersonating American Express, in an attempt to trick its customers into clicking on the malicious links found in the emails. Upon clicking on any of the links, users are redirected to a malicious URL serving cllient-side exploits courtesy of the Black Hole Exploit Kit.
More details:
(more…)
by Blog Staff | Nov 9, 2012 | Industry Intel, Threat Lab
Intuit users, beware!
Cybercriminals are currently mass mailing millions of emails impersonating Intuit’s Direct Deposit Service, in an attempt to trick its users into clicking on the malicious links found in the legitimate-looking emails. Upon clicking on any of them, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit.
More details:
(more…)
by Blog Staff | Nov 8, 2012 | Industry Intel, Threat Lab
Cybercriminals are currently spamvertising millions of emails impersonating Discover, in an attempt to trick cardholders into clicking on the client-side exploits serving URLs found in the malicious emails. Upon clicking on the links, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit.
More details:
(more…)
by Blog Staff | Nov 7, 2012 | Industry Intel, Threat Lab
On a periodic basis, malicious cybercriminals spamvertise millions of emails attempting to trick end users into thinking that they’ve received a scanned document. Upon clicking on the links found in these emails, or viewing the malicious .html attachment, users are automatically exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit.
In this post, I will profile two currently circulating malicious campaigns. The first is mimicking a Xerox Pro printer, and the second is claiming to be a legitimate Wire Transfer. Both of these campaigns point to the same client-side exploits serving URL, indicating that they’ve been launched by the same cybercriminal/gang of cybercriminals.
More details: (more…)
by Blog Staff | Nov 6, 2012 | Industry Intel, Threat Lab
Cybercriminals are currently mass mailing millions of emails impersonating The United States Postal Service (USPS), in an attempt to trick its customers into downloading and executing the malicious .zip archive linked in the bogus emails.
Upon execution, the malware opens a backdoor on the affected host, allowing the cybercriminals behind the campaign to gain complete control over the host.
More details:
(more…)
by Blog Staff | Nov 2, 2012 | Industry Intel, Threat Lab
Newsflash, the cybercriminals behind the recently profiled malicious campaign impersonating Bank of America, launched yet another massive spam campaign, this time targeting ADP customers. Upon clicking on the link found in the malicious email, users are exposed to the client-side exploits served by the latest version of the Black Hole Exploit Kit.
More details:
(more…)
by Blog Staff | Nov 1, 2012 | Industry Intel, Threat Lab
Cybercriminals are currently mass mailing millions of emails, in an attempt to trick Bank of America customers into clicking on the exploit and malware-serving link found in the spamvertised email. Relying on bogus “Online Banking Passcode Changed” notifications and professionally looking email templates, the campaign is the latest indication of the systematic rotation of impersonated brands in an attempt to cover as many market segments as possible.
More details:
(more…)
by Blog Staff | Oct 31, 2012 | Industry Intel, Threat Lab
In times when the market leading Black Hole Exploit Kit continues to gain market share, competing products are prone to emerge. What is the competition up to? Has it managed to differentiate itself from the market leading product or is it basically a “me too” exploit kit lacking any significant features worth emphasizing on?
In this post, I’ll profile the recently advertised Nuclear Exploit Pack v.2.0, elaborate on its features, and discuss whether or not it has the potential to outpace the market leader (Black Hole Exploit Kit) in terms of market share.
More details:
(more…)
by Blog Staff | Oct 30, 2012 | Industry Intel, Threat Lab
Recently, cybercriminals spamvertised yet another massive email campaign, impersonating the world’s most popular social network – Facebook.
It was similar to a previously profiled spam campaign imitating Facebook. However, in this case the cybercriminals behind it relied on attached malicious archives, compared to including exploits and malware serving links in the email.
More details:
(more…)
