Wednesday, October 01, 2008

Web Based Malware Eradicates Rootkits and Competing Malware

A tiny 20kb antivirus module within "yet another web based malware in the wild", promises to get rid of all Zeus variants, and als...
Tuesday, September 30, 2008

Identifying the Gpcode Ransomware Author

Interesting article, but it implies that there has been a shortage of quality OSINT regarding the campaigners behind the recent Gpcode targ...

A Diverse Portfolio of Fake Security Software - Part Seven

In case you haven't heard - Microsoft and the Washington state are suing a U.S based -- naturally -- "scareware" vendor Branc...
Monday, September 29, 2008

Modified Zeus Crimeware Kit Comes With Built-in MP3 Player

Modified versions of popular open source crimeware kits rarely make the headlines due to the fact that anyone can hijack a crimeware kit...

The Commercialization of Anti Debugging Tactics in Malware

Commoditization or commercialization, Themida or Code Virtualizer, individually crypting or outsourcing to an experienced malware crypting ...
Friday, September 26, 2008

Hijacking a Spam Campaign's Click-through Rate

This spammer is DomainKeys verified , a natural observation considering that the spam compaign which I discussed last Wednesday is using bo...
Thursday, September 25, 2008

250k of Harvested Hotmail Emails Go For?

$50 in this particular case, however, keeping in mind that the email harvester is anything but ethical, this very same database will be sold...
Wednesday, September 24, 2008

A Diverse Portfolio of Fake Security Software - Part Six

Thanks to misconfigured traffic management kits, not taking advantage of all the built-in features that could have made a research a little ...

Two Copycat Web Malware Exploitation Kits in the Wild

We're slowly entering into "can you find the ten similarities" stage in respect to web malware exploitation kits, and their co...
Wednesday, September 17, 2008

Spam Campaign Abusing Yahoo's Services

Think spammers.Yahoo.com trusts Yahoo.com, consequently, a spam campaign that using bogus Yahoo.com email accounts, and spamming only Yahoo ...
Tuesday, September 16, 2008

EstDomains and Intercage VS Cybercrime

Surreal, especially when you get to read that EstDomains has " ruthlessly suspended over five thousand domains only for last week ...
Monday, September 15, 2008

Skype Spamming Tool in the Wild - Part Two

The less technologically sophisticated lone cybercriminals have always enjoyed the benefits of stand alone DIY applications. From DIY exploi...

Adult Network of 1448 Domains Compromised

With millions of malware infected PCs participating in a botnet, the probability that a high profile end user whose domain portfolio consist...
Wednesday, September 10, 2008

Summarizing August's Threatscape

Following the previous summaries of June's and July's threatscape based on all the research published during the month, it's t...
Thursday, September 04, 2008

Summarizing Zero Day's Posts for August

Here's a concise summary of all of my posts at Zero Day for August. If interested, consider going through July's summary , subscrib...
Wednesday, September 03, 2008

The Commoditization of Anti Debugging Features in RATs

Is it a Remote Administration Tool (RAT) or is it malware ? That's the rhetorical question , since RATs are not supposed to have built...

Copycat Web Malware Exploitation Kits are Faddish

For the cheap cybercriminals not wanting to invest a couple of thousand dollars into purchasing a cutting edge web malware exploitation kit ...