Wednesday, April 08, 2009

A Diverse Portfolio of Fake Security Software - Part Eighteen

With Microsoft's latest Security Intelligence Report indicating that scareware/fake security software continues growing , it's wort...

Inside a Zeus Crimeware Developer's To-Do List

Every then and now I get asked a similar question in regard to crimeware kits - which is the latest version of a particular crimeware/web ma...
Wednesday, April 01, 2009

Bogus LinkedIn Profiles Redirect to Malware and Rogue Security Software

From the automatically registered bogus LinkedIn profiles promoting pharmaceuticals campaign in February, to January's malware campaign...
Tuesday, March 31, 2009

Diverse Portfolio of Fake Security Software - Part Seventeen

The following are some of the currently active/about to go online rogue security software domains, and their associated payment gateways exp...

Summarizing Zero Day's Posts for March

The following is a brief summary of all of my posts at ZDNet's Zero Day for March. You can also go through previous summaries for Febru...
Thursday, March 26, 2009

A Diverse Portfolio of Fake Security Software - Part Sixteen

The following are some of the very latest typosquatted rogue security software domains pushed through blackhat SEO, web site compromises, an...
Wednesday, March 25, 2009

Embassy of Portugal in India Serving Malware

Yet another embassy web site is falling victim into a malware attack serving Adobe exploits to its visitors. As of last Friday, the official...
Thursday, March 19, 2009

Crimeware in the Middle - Limbo

While you were out - " Cybercrime-as-a-Service is finally taking off " and a $400 will get you in the hacking business. Such a men...
Wednesday, March 18, 2009

Ethiopian Embassy in Washington D.C Serving Malware

Oops, they keep doing it again and again. The web site of the Ethiopian Embassy in Washington D.C ( ethiopianembassy.org ) has been compromi...
Thursday, March 12, 2009

Who's Behind the Estonian DDoS Attacks from 2007?

The rush to claim responsibility for 2007's DDoS attacks against Estonia
Wednesday, March 11, 2009

Azerbaijanian Embassies in Pakistan and Hungary Serving Malware

The very latest addition to the "Compromised International Embassies Series" are the Hungarian and Pakistani embassies of the Repu...
Monday, March 09, 2009

Inside (Yet Another) Managed Spam Service

Several years ago, getting into the spam business used to involve the process of harvesting emails , figuring out ways to segment the databa...
Wednesday, March 04, 2009

Russian Homosexual Sites Under (Commissioned) DDoS Attack

From Russia with homophobia? A week long DDoS attack launched against Russia's most popular commercial homosexual sites has finally ende...

Summarizing Zero Day's Posts for February

The following is a brief summary of all of my posts at ZDNet's Zero Day for February. You can also go through previous summaries for Ja...
Thursday, February 26, 2009

Inside a DIY Image Spam Generating Traffic Management Kit

Whatever the spammer/pharma master or plain simple cybercriminal requires - the spamware vendors deliver so that a win-win-win scenario take...

Help! Someone Hijacked my 100k+ Zeus Botnet!

I've been looking for a similar chatter for a while now, given the existence of a remotely exploitable vulnerability in an old Zeus crim...
Tuesday, February 24, 2009

The Cost of Anonymizing a Cybercriminal's Internet Activities - Part Two

With VPN-enabled malware infected hosts easily acting as stepping stones thanks to modules within popular malware bots, next to commercial ...