Wednesday, October 29, 2008

Pseudo Email Marketing Tools Empowering Spammers

Largely ignoring its real life applicability, a vendor of "email marketing" tools continues the development of a DIY spamming tool...
Tuesday, October 28, 2008

A Diverse Portfolio of Fake Security Software - Part Eleven

The following portfolio of fake security software appear to have been integrated within traffic redirection doorways during the weekend, con...

Money Mules Syndicate Actively Recruiting Since 2002

Money mules have already been an inseparable part of the underground ecosystem. And while others try to hide their activities by outsourcing...
Friday, October 24, 2008

Compromised Portfolios of Legitimate Domains for Sale

Is the demand for access to compromised legitimate portfolios of domains -- where the price is based on the pagerank and is shaped by the n...
Wednesday, October 22, 2008

A Diverse Portfolio of Fake Security Software - Part Ten

Popping up like mushrooms, these are the very latest rogue security software domains for your case building, cross-checking, or blackholing ...
Tuesday, October 21, 2008

Massive SQL Injection Attacks - the Chinese Way

From copycats and "localizers" of Russian web malware exploitation kits , to suppliers of original hacking tools, the Chinese IT ...
Monday, October 20, 2008

Real-Time OSINT vs Historical OSINT in Russia/Georgia Cyberattacks

The original real-time OSINT analysis of the Russian cyberattacks against Georgia conducted on the 11th of August, not only closed the Russ...
Thursday, October 16, 2008

A Diverse Portfolio of Fake Security Software - Part Nine

Among the most recently spotted rogue security software applications and fake system maintenance tools are : pcvirusremover2008 .com (78.15...

TorrentReactor Compromised, 1.2M Users Database In the Wild

It appears that TorrentReactor.net, a highly popular torrent tracker, got compromised in September, with it's users database concisting ...
Wednesday, October 15, 2008

DDoS Attack Graphs from Russia vs Georgia's Cyberattacks

Part of Georgia's information warfare campaign aiming to minimize the bandwidth impact on its de-facto media platforms such as the web ...
Tuesday, October 14, 2008

The Cost of Anonymizing a Cybercriminal's Internet Activities

What would the perfect traffic anonymity service provider targeting cybercriminals consist of? A service operating in Russia that is on purp...

Quality Assurance in Malware Attacks - Part Two

Surprisingly, while opportunistic cybercriminals have long embraced the malware as a service model , and are offering managed lower detectio...
Thursday, October 09, 2008

Cybercriminals Abusing Lycos Spain To Serve Malware

Spanish cybercriminals have recently started taking advantage of the bogus accounts at Lycos Spain, which they seem to be registering on the...

Commoditization of Anti Debugging Features in RATs - Part Two

Yet another piece of malware promoted as a RAT (remote access tool) includes what's turning into the defacto set of anti-debugging feat...
Tuesday, October 07, 2008

Summarizing Zero Day's Posts for September

As usual, here's September's summary of all of my posts at Zero Day . You may also want to catch up and go through August's and...

A Diverse Portfolio of Fake Security Software - Part Eight

In the spirit of " taking a bite out of cybercrime ", here are the latest fake security software domains, typosquatted and already...