Monday, March 15, 2010

Koobface Redirectors and Scareware Campaigns Now Hosted in Moldova

Just how greedy has the Koobface gang become these days? Very greedy. In fact, their currently active scareware campaigns operate with a cha...
Friday, March 12, 2010

Scareware, Sinowal, Client-Side Exploits Serving Spam Campaign in the Wild

AS50215 Troyak-as customers are back, with an ugly mix of scareware, sinowal, and client-side exploits serving campaign using the " Y...
Thursday, March 11, 2010

Money Mule Recruiters on Yahoo!'s Web Hosting

UPDATED: Saturday, March 13, 2010 - Yahoo! Web Hosting abuse just pinged me that " We have investigated the sites and taken the necessa...
Wednesday, March 10, 2010

AS50215 Troyak-as Taken Offline, Zeus C&Cs Drop from 249 to 181

2nd update for Friday, March, 12, 2010 - Troyak-AS is down again - " This AS is not currently used to announce prefixes in the global ...
Tuesday, March 09, 2010

Don't Play Poker on an Infected Table - Part Three

The monetization of phony online gambling networks -- clearly tolerating systematic violation of their TOS -- is continuing with the scammer...
Tuesday, March 02, 2010

Summarizing Zero Day's Posts for February

The following is a brief summary of all of my posts at ZDNet's Zero Day for February, 2010. You can also go through previous summar...
Thursday, February 25, 2010

Fotolog's FTLog Malware Campaign Serves Bogus Video Codecs

Don't Play Poker on an Infected Table - Part Two

Over the past week and a half, cybercriminals have been aggressively spamvertising a growing portfolio of domains, relying on deceptive adve...
Monday, February 15, 2010

IRS/PhotoArchive Themed Zeus/Client-Side Exploits Serving Campaign in the Wild

UPDATED: Monday, February 22, 2010 - Another typosquatted domains portfolio is being spamvertised, including two new name servers, parked on...