Monday, May 12, 2008

Major Career Web Sites Hit by Spammers Attack

What is the future of spamming, now that managed spamming appliances are already offered for use on demand? Targeted spamming: going beyond segmenting the already harvested emails on a per-country basis, and adding variables such as city of residence, employment history, education and spoken languages, to ultimately set up the perfect foundation for targeted spam and malware campaigns.

Go through the complete assessment of the tool used for extracting personal data from major career sites as well.

Custom DDoS Attacks Within Popular Malware Diversifying

One of the favorite malware tools of the many Chinese script kiddies has recently been updated with several additional DDoS attack capabilities, as well as a nasty bandwidth allocation and measurement option. In case you remember, this is the very same malware tool I used as an example of how open source malware tends to extend its life cycle, enjoying unique functionality added by third-party contributors to the open source project.

The ongoing development of the tool showcases several key points: how the products of a market share leader in a certain region, Korea in this case, often receive the attention of malware authors who embed product-specific DoS attacks, and how the average script kiddie continues to be empowered with access to DDoS tools that go beyond the usual HTTP request flooders and ICMP flooding attacks. Furthermore, realizing the PSYOPs effect that could be created out of the popularity of this DIY malware, a specific Anti CNN version was released during the Anti CNN attack campaigns, and as you can also see, ABC.com is hard coded as an example of a site to be attacked.

From an unrestricted warfare perspective, what is the difference between someone who has deliberately infected themselves with malware in order to appear as just another infected host in this malware's C&C, and who, when traced back as a participant in the DDoS attacks, simply states that she's been infected with malware, and those infected hosts that were unknowingly participating in the same DDoS attacks? There wouldn't be any.

Stealing Sensitive Databases Online - the SQL Style

In a perfect world from a malicious SQL injector's perspective, the mom and pop E-shops that fill market niches and generate modest but noticeable revenue streams are exposed to exploitable web application vulnerabilities, with their SQL databases available for extraction in unencrypted form.

In reality, reconnaissance through search engines' indexes to build a hit list of E-shops with a higher probability of exploitation is what malicious attackers who lack the skills and capacity to build a botnet, or who even invest money into renting one on demand and collecting the output in the form of credit card numbers and accounting data, have been doing for the past couple of years. Moreover, as I've already pointed out with relevant examples, it's perhaps even more disturbing to see the whole process automated: building such hit lists, verifying that the sites are exploitable, and remotely exploiting them by embedding malicious links within their pages, all of it made possible through the use of botnets.
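The E-shop bug the post is talking about, as an added example that is not code from the original post or from any tool it mentions: a product lookup that concatenates user input into its SQL, the UNION payload an attacker on a hit list would feed it to pull the customer table out unencrypted, and the parameterized version of the same lookup that refuses the payload. The schema, rows and card numbers are constructed sample data in an in-memory SQLite database; the hypothetical function names are mine.

```python
"""Added example: string-concatenated product lookup versus a parameterized one.
The shop schema and the card numbers are constructed sample data."""
import sqlite3


def build_shop():
    """Constructed in-memory E-shop with a products table and a customers table."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, price REAL);
        CREATE TABLE customers (id INTEGER PRIMARY KEY, email TEXT, card_number TEXT);
        INSERT INTO products VALUES (1, 'Garden hose', 19.99), (2, 'Lawn rake', 12.50);
        INSERT INTO customers VALUES (1, 'alice@example.com', '4111111111111111'),
                                     (2, 'bob@example.com',   '5500000000000004');
    """)
    conn.commit()
    return conn


def lookup_vulnerable(conn, product_id):
    """The classic bug: the query string is built from the request parameter as-is,
    so whatever follows the number becomes part of the SQL."""
    sql = "SELECT name, price FROM products WHERE id = " + product_id
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, product_id):
    """Hardened lookup: validate the type, then let the driver bind the value
    separately from the SQL text so it can never be parsed as SQL."""
    try:
        pid = int(product_id)
    except ValueError:
        return []  # not a product id at all; reject instead of guessing
    return conn.execute(
        "SELECT name, price FROM products WHERE id = ?", (pid,)
    ).fetchall()


# Hypothetical attacker input: id 0 matches nothing, so only the UNIONed
# customer rows come back, two columns to match the original SELECT.
UNION_PAYLOAD = "0 UNION SELECT email, card_number FROM customers"


def steal_cards(conn):
    """What the vulnerable lookup hands over for the payload above."""
    return lookup_vulnerable(conn, UNION_PAYLOAD)


if __name__ == "__main__":
    shop = build_shop()
    print("normal request :", lookup_vulnerable(shop, "1"))
    print("union payload  :", steal_cards(shop))
    print("parameterized  :", lookup_parameterized(shop, UNION_PAYLOAD))
```

The payload only needs to know the column count of the original query and a table name, both of which are routinely guessed or enumerated; the parameterized version stays safe because the driver never lets the bound value change the statement's structure.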

The whole is greater than the sum of its parts, and while some are putting time and effort into figuring out whether or not a specific vulnerability is being exploited, and through which hundreds of thousands of web sites again end up injected with automatically loading links to malicious domains, the bad guys are keeping it simple, sometimes way too simple, and still end up with the most successful and efficient ways to achieve their objectives. Furthermore, waging verbal warfare over whether or not XSS is a greater security risk than currently perceived is definitely letting a lot of malicious attackers enjoy the lack of situational awareness among those who are supposed to have a better grasp of what the attackers are actually up to, not of what they might be up to.
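The footprint those mass injections leave is a script or iframe tag, pointing at a domain the site does not own, written into whatever text columns the attacker's statement could reach. As an added example that is not from the original post, here is a sweep over every TEXT column of a site's database that reports such off-site loaders; the table, rows and domain names are constructed sample data, the allowlist of the site's own hosts is an assumption you would replace with your own, and the function names are hypothetical.

```python
"""Added example: find <script>/<iframe> tags in stored content that load from
hosts outside the site's own allowlist. All sample rows are constructed."""
import sqlite3
from html.parser import HTMLParser
from urllib.parse import urlparse


class ExternalLoaderFinder(HTMLParser):
    """Collect src attributes of script/iframe tags whose host is not allowlisted."""

    def __init__(self, allowed_hosts):
        super().__init__()
        self.allowed = {h.lower() for h in allowed_hosts}
        self.hits = []

    def handle_starttag(self, tag, attrs):
        if tag not in ("script", "iframe"):
            return
        src = dict(attrs).get("src")
        if not src:
            return
        host = urlparse(src).hostname
        # A relative src has no host and loads from the site itself.
        if host and host.lower() not in self.allowed:
            self.hits.append((tag, src))


def find_injected_loaders(html, allowed_hosts):
    """Return [(tag, src), ...] for off-site loaders in one fragment of markup."""
    finder = ExternalLoaderFinder(allowed_hosts)
    finder.feed(html)
    finder.close()
    return finder.hits


def sweep_database(conn, allowed_hosts):
    """Walk every TEXT column of every table; return (table, column, rowid, tag, src)."""
    findings = []
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type = 'table'")]
    for table in tables:
        # PRAGMA table_info rows are (cid, name, type, notnull, dflt_value, pk)
        cols = [r[1] for r in conn.execute(f'PRAGMA table_info("{table}")')
                if (r[2] or "").upper() == "TEXT"]
        for col in cols:
            for rowid, value in conn.execute(f'SELECT rowid, "{col}" FROM "{table}"'):
                if value is None:
                    continue
                for tag, src in find_injected_loaders(value, allowed_hosts):
                    findings.append((table, col, rowid, tag, src))
    return findings


def build_sample_db():
    """Constructed shop content: two clean rows, two injected ones (unquoted
    attribute values, the way injected tags usually arrive)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT, description TEXT);
        INSERT INTO products VALUES
          (1, 'Garden hose',
              'Rubber hose, 20m <script src="/static/zoom.js"></script>'),
          (2, 'Lawn rake',
              'Steel tines<script src=http://malicious.example/ngg.js></script>'),
          (3, 'Trowel<iframe src=http://malicious.example/i.html width=0 height=0></iframe>',
              'Hand trowel <script src="https://cdn.shop.example/lib.js"></script>');
    """)
    conn.commit()
    return conn


SITE_HOSTS = {"shop.example", "cdn.shop.example"}  # assumed allowlist

if __name__ == "__main__":
    for finding in sweep_database(build_sample_db(), SITE_HOSTS):
        print(finding)
```

Run it against a dump of the production database rather than the live site: an injected row is also the thing to search for in the web server logs, since the request that wrote it identifies the vulnerable parameter.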

The bottom line: from a malicious economies of scale perspective, are massive SQL injection attacks serving malware to a speculated hundreds of thousands of site visitors susceptible to client-side exploitation more effective than obtaining the low-hanging databases through site-specific vulnerabilities? It depends entirely on what the bad guys are trying to obtain: access to as many infected hosts as possible, to be used later for phishing, spamming, stepping stones, hosting and distribution of malware, and OSINT for corporate espionage by segmenting the infected population into organizations of importance, or access to "the whole" benefits package that comes with complete control over an Internet connected host.