Monday, November 10, 2008

Zeus Crimeware Kit Gets a Carding Layout

With cybercriminals clearly expressing their nostalgia for several notorious and already shut down credit card fraud communities, they seem ...
Thursday, November 06, 2008

DIY Phishing Pages With Command and Control Interfaces

The day when DIY phishing pages start coming with manuals is the day when consciously or subconsciously a phisher is lowering down the entry...
Tuesday, November 04, 2008

Summarizing Zero Day's Posts for October

Here's a brief summary of all of my posts at Zero Day for October. You can also go through previous summaries for September , August a...
Monday, November 03, 2008

A Diverse Portfolio of Fake Security Software - Part Twelve

These very latest rogue security software domains have been in circulation -- blackhat SEO, SQL injections, traffic redirection scripts -- s...

Modified Zeus Crimeware Kit Gets a Performance Boost

Oops, they did it again - modifying an open source crimeware kit like Zeus in order to improve its performance, fix previously known bugs, ...
Wednesday, October 29, 2008

Pseudo Email Marketing Tools Empowering Spammers

Largely ignoring its real life applicability, a vendor of "email marketing" tools continues the development of a DIY spamming tool...
Tuesday, October 28, 2008

A Diverse Portfolio of Fake Security Software - Part Eleven

The following portfolio of fake security software appear to have been integrated within traffic redirection doorways during the weekend, con...

Money Mules Syndicate Actively Recruiting Since 2002

Money mules have already been an inseparable part of the underground ecosystem. And while others try to hide their activities by outsourcing...
Friday, October 24, 2008

Compromised Portfolios of Legitimate Domains for Sale

Is the demand for access to compromised legitimate portfolios of domains -- where the price is based on the pagerank and is shaped by the n...
Wednesday, October 22, 2008

A Diverse Portfolio of Fake Security Software - Part Ten

Popping up like mushrooms, these are the very latest rogue security software domains for your case building, cross-checking, or blackholing ...
Tuesday, October 21, 2008

Massive SQL Injection Attacks - the Chinese Way

From copycats and "localizers" of Russian web malware exploitation kits , to suppliers of original hacking tools, the Chinese IT ...
Monday, October 20, 2008

Real-Time OSINT vs Historical OSINT in Russia/Georgia Cyberattacks

The original real-time OSINT analysis of the Russian cyberattacks against Georgia conducted on the 11th of August, not only closed the Russ...
Thursday, October 16, 2008

A Diverse Portfolio of Fake Security Software - Part Nine

Among the most recently spotted rogue security software applications and fake system maintenance tools are : pcvirusremover2008 .com (78.15...

TorrentReactor Compromised, 1.2M Users Database In the Wild

It appears that TorrentReactor.net, a highly popular torrent tracker, got compromised in September, with it's users database concisting ...
Wednesday, October 15, 2008

DDoS Attack Graphs from Russia vs Georgia's Cyberattacks

Part of Georgia's information warfare campaign aiming to minimize the bandwidth impact on its de-facto media platforms such as the web ...
Tuesday, October 14, 2008

The Cost of Anonymizing a Cybercriminal's Internet Activities

What would the perfect traffic anonymity service provider targeting cybercriminals consist of? A service operating in Russia that is on purp...