Author Archives: Dancho Danchev

The following is a brief summary of all of my posts at Webroot’s Threat Blog for February, 2014. You can subscribe to Webroot’s Threat Blog RSS Feed, or follow me on Twitter:

01. Cybercriminals release Socks4/Socks5 based Alexa PageRank boosting application
02. Market leading ‘standardized cybercrime-friendly E-shop’ service brings 2500+ boutique E-shops online
03. Managed TeamViewer based

Continue reading Summarizing Webroot’s Threat Blog Posts for February→

The following is a brief summary of all of my posts at Webroot’s Threat Blog for January, 2014. You can subscribe to Webroot’s Threat Blog RSS Feed, or follow me on Twitter:

01. ‘Adobe License Service Center Order NR’ and ‘Notice to appear in court’ themed malicious spam campaigns intercepted in the wild
02. New “Windows 8 Home Screen’ themed passwords/game keys stealer spotted in the

Continue reading Summarizing Webroot’s Threat Blog Posts for January→

A currently circulating across Facebook, multi-layered monetization tactics utilizing, Turkish users targeting, malicious campaign, is attempting to trick users into thinking that they need to install a fake Adobe Flash Player, displayed on a fake YouT… Continue reading Facebook Spreading, Amazon AWS/Cloudflare/Google Docs Hosted Campaign, Serves P2P-Worm.Win32.Palevo→

And, (not surprisingly) they’re back! The cybercriminal(s) behind the 1 million+ clicks strong Febipos/Carfekab rogue Chrome/Firefox extensions dropping malicious campaign, continue utilizing the already infected ‘population’ for the purpose of dissemi… Continue reading Dissecting the Ongoing Febipos/Carfekab Rogue Chrome/Firefox Extensions Dropping, Facebook Circulating Malicious Campaign→

What “better” time to spread malicious “joy”, then during the Holidays? Cybercriminals are still busy maintaining a fake Adobe Flash Player serving, Facebook spreading campaign, which I originally intercepted during the Holidays, utilizing Google redir… Continue reading Fake Adobe Flash Player Serving Campaign Utilizes Google Hosting/Redirection Infrastructure, Spreads Across Facebook→

The following is a brief summary of all of my posts at Webroot’s Threat Blog for December, 2013. You can subscribe to Webroot’s Threat Blog RSS Feed, or follow me on Twitter:

 
01. Cybercrime-friendly VPN service provider pitches itself as being ‘recommended by Edward Snowden’
02. Commercial Windows-based compromised Web shells management application spotted in the wild
03. Compromised

Continue reading Summarizing Webroot’s Threat Blog Posts for December→

Last week, immediately after I published the initial analysis detailing a massive privacy-violating “Who’s Viewed Your Profile” campaign, that was circulating across Facebook, the cybercriminals behind it, supposedly took it offline, with one of the ma… Continue reading Continuing Facebook “Who’s Viewed Your Profile” Campaign Affects Another 190k+ Users, Exposes Malicious Cybercrime Ecosystem→

A massive privacy-violating, Facebook circulating “Who’s Viewed Your Profile” campaign, has been operating beneath the radar, exposing over 800,000 users internationally, to a cocktail of PUAs (Potentially Unwanted Applications), rogue Firefox Add-ons … Continue reading Facebook Circulating ‘Who’s Viewed Your Profile’ Campaign Exposes 800k+ Users to CrossRider PUA/Rogue Firefox Add-ons/Android Adware AirPush→

The following is a brief summary of all of my posts at Webroot’s Threat Blog for November, 2013. You can subscribe to Webroot’s Threat Blog RSS Feed, or follow me on Twitter:

01. Google-dorks based mass Web site hacking/SQL injecting tool helps f… Continue reading Summarizing Webroot’s Threat Blog Posts for November→

A currently ongoing malicious campaign using compromised sites as the primary traffic acquisition tactic, is attempting to socially engineer users (English and Russian speaking) into thinking that they’re using an outdated version of their browser, and… Continue reading Fake Chrome/Firefox/Internet Explorer/Safari Updates Expose Users to Android Malware→