Tuesday, October 21, 2008

Massive SQL Injection Attacks - the Chinese Way

From copycats and "localizers" of Russian web malware exploitation kits , to suppliers of original hacking tools, the Chinese IT ...
Monday, October 20, 2008

Real-Time OSINT vs Historical OSINT in Russia/Georgia Cyberattacks

The original real-time OSINT analysis of the Russian cyberattacks against Georgia conducted on the 11th of August, not only closed the Russ...
Thursday, October 16, 2008

A Diverse Portfolio of Fake Security Software - Part Nine

Among the most recently spotted rogue security software applications and fake system maintenance tools are : pcvirusremover2008 .com (78.15...

TorrentReactor Compromised, 1.2M Users Database In the Wild

It appears that TorrentReactor.net, a highly popular torrent tracker, got compromised in September, with it's users database concisting ...
Wednesday, October 15, 2008

DDoS Attack Graphs from Russia vs Georgia's Cyberattacks

Part of Georgia's information warfare campaign aiming to minimize the bandwidth impact on its de-facto media platforms such as the web ...
Tuesday, October 14, 2008

The Cost of Anonymizing a Cybercriminal's Internet Activities

What would the perfect traffic anonymity service provider targeting cybercriminals consist of? A service operating in Russia that is on purp...

Quality Assurance in Malware Attacks - Part Two

Surprisingly, while opportunistic cybercriminals have long embraced the malware as a service model , and are offering managed lower detectio...
Thursday, October 09, 2008

Cybercriminals Abusing Lycos Spain To Serve Malware

Spanish cybercriminals have recently started taking advantage of the bogus accounts at Lycos Spain, which they seem to be registering on the...

Commoditization of Anti Debugging Features in RATs - Part Two

Yet another piece of malware promoted as a RAT (remote access tool) includes what's turning into the defacto set of anti-debugging feat...
Tuesday, October 07, 2008

Summarizing Zero Day's Posts for September

As usual, here's September's summary of all of my posts at Zero Day . You may also want to catch up and go through August's and...

A Diverse Portfolio of Fake Security Software - Part Eight

In the spirit of " taking a bite out of cybercrime ", here are the latest fake security software domains, typosquatted and already...

Web Based Malware Emphasizes on Anti-Debugging Features

Following the ongoing development of a particular web based malware, always comes handy in terms of assessing the commoditization of anti-d...
Monday, October 06, 2008

Fake Windows XP Activation Trojan Wants Your CVV2 Code

In a self-contradicting social engineering attempt, a malware author is offering to sale a ( updated version of Kardphisher) DIY fake Windo...
Friday, October 03, 2008

Inside a Managed Spam Service

A managed spam vendor always has to raise the stakes during its introduction period on the market. But what happens when a market follower ...

Syndicating Google Trends Keywords for Blackhat SEO

Several hundred Windows Live Spaces and AOL Journals , are currently syndicating the most popular keywords provided by Google Trends, and ar...
Thursday, October 02, 2008

Managed Fast Flux Provider - Part Two

We're slowly entering into a stage where RBN bullet proof hosting franchises are vertically integrating, and due to the requests from t...

Knock, Knock, Knockin' on Carder's Door

This video of Cha0's bust earlier this month in Turkey , is a perfect example of what happens when someone starts over-performing in the...