New Commercially Available Modular Malware Platform Released On the Underground Marketplace

Cybercriminals have recently released a new, commercially available, modular malware platform (v3, to be more precise, indicating possible beneath-the-radar operation until now), including such cybercrime-friendly features as DNS Changer, Loaders, Inje…


A Peek Inside a Customer-ized API-enabled DIY Online Lab for Generating Multi-OS Mobile Malware

The exponential growth of mobile malware over the last couple of years can be attributed to a variety of ‘growth factors’, the majority of which continue playing an inseparable role in the overall success and growth of the cybercrime ecosystem in gene…


Malicious Script Artifacts at China Green Dot Gov Dot Cn – A Reminiscence of Asprox’s Multi-Tasking Activities

Malware artifacts, abandoned mass iframe embedded/injected campaigns, and low Quality Assurance (QA) campaigns continue popping up on everyone’s radar, raising eyebrows as to the extent of incompetence, possible evasive tactics, plain simple lack of a…


Summarizing Webroot’s Threat Blog Posts for October

The following is a brief summary of all of my posts at Webroot’s Threat Blog for October, 2013. You can subscribe to Webroot’s Threat Blog RSS Feed, or follow me on Twitter:

01. A peek inside a Blackhat SEO/cybercrime-friendly doorways management platform
02. Newly launched ‘HTTP-based botnet setup as a service’ empowers novice cybercriminals with bulletproof hosting capabilities – part


Summarizing Webroot’s Threat Blog Posts for September

The following is a brief summary of all of my posts at Webroot’s Threat Blog for September, 2013. You can subscribe to Webroot’s Threat Blog RSS Feed, or follow me on Twitter:

01. DIY malicious Android APK generating ‘sensitive information stealer’ spotted in the wild
02. Scammers pop up in Android’s Calendar App
03. Web-based DNS amplification DDoS attack mode supporting PHP script


Fake Pinterest ‘Don’t forget to confirm your email!’ Themed Emails Serve Client-side Exploits and Malware

Cybercriminals have just launched yet another massive spam campaign, this time attempting to trick Pinterest users into thinking that they’ve received an email confirmation request. In reality though, once users click on the links found in the maliciou…


Spamvertised Facebook ‘You have friend suggestions, friend requests and photo tags’ Themed Emails Lead to Client-side Exploits and Malware

A currently circulating malicious ‘Facebook notifications’ themed spam campaign attempts to trick Facebook’s users into thinking that they’ve received a notifications digest for the activity that (presumably) took place while they were logged out of F…


Rogue iFrame Injected Web Sites Lead to the AndroidOS/FakeInst/Trojan-SMS.J2ME.JiFake Mobile Malware

A currently ongoing malicious campaign relying on injected iFrames at legitimate Web sites successfully segments mobile traffic, and exposes mobile users to fraudulent, legitimate-looking variants of the AndroidOS/FakeInst/Trojan-SMS.J2ME.JiFake mobi…


Profiling a Novel, High Profit Margins Oriented, Legitimate Companies Brand-Jacking Money Mule Recruitment Scheme

Over the years, I’ve been actively researching the money mule recruitment epidemic, providing actionable (real-time/historical) intelligence on their activities, exposing their DNS infrastructure, offering an exclusive peek inside the Administration Panel…
