Cyber Crime

Pierluigi Paganini March 08, 2014
Tor network is increasingly attractive for cybercrime

Cyber criminals are abusing even more Tor Network for illegal activities, from botnet management to money laundering, the number of services is increasing. Tor network is even more used by cyber criminals to cover their illegal activities, the Tor community has observed, for example an alarming increase in the number of malware that abuse of […]

Pierluigi Paganini March 07, 2014
Dendroid – A new Android RAT available on the underground

Symantec discovered a new HTTP Android Remote administration tool, named Dendroid, available on the underground market for only $300. Symantec researchers have discovered a new android malware toolkit dubbed Dendroid, early 2014 the company also detected AndroRAT, an Android Remote admin tool which is believed to be the first malware APK binder. Thanks to the diffusion of the Google […]

Pierluigi Paganini March 06, 2014
FireEye 2013 Advanced Threat Report on APTs campaigns

FireEye issued the 2013 Advanced Threat Report, the study provides a high-level overview of the computer network attacks by APTs discovered by the company.   Today I desire to analyze with you the data proposed by FireEye in the 2013 Advanced Threat Report (ATR), the study provides a high-level overview of the computer network attacks discovered […]

Pierluigi Paganini March 06, 2014
Trend Micro report on Chinese Mobile Underground Market

This report provides a brief overview of some basic underground activities in the mobile space in China, describing products and services. Security firm Trend Micro issued an interesting report on Chinese cybercrime which is increasingly targeting mobile platforms thanks to a vast underground offer of services and tools. Trend Micro Mobile Cybercriminal Underground Market report analyzes […]

Pierluigi Paganini March 04, 2014
SOHO pharming attack hit more that 300,000 devices worldwide

Researchers at Team Cymru published a detailed report on a large scale SOHO pharming attack that hit more that 300,000 devices worldwide. Another mass compromise of small office/home office (SOHO) wireless routers has been uncovered by researchers from security firm Team Cymru. The hackers adopted different techniques to exploit the numerous flaws discovered in the last months […]

Pierluigi Paganini March 02, 2014
Russia Today hacked, tensions from Crimea to cyberspace

Russia Today media agency has been hacked by unknown attackers just after Putin’s order to move troops to the Crimea was approved by the Parliament. The tension between Russia and Ukraine also has repercussions in the cyberspace where Russia Today, Russian principal news channel website ( has been hacked and defaced by an unknown group of […]

Pierluigi Paganini March 01, 2014
More than 360 million stolen credentials available on the black market

Hold Security firm discovered more than 360 million newly stolen credentials and around 1.25 billion email addresses available for sale on the black market. The Hold Security firm has discovered a huge volume of data for sale on the online black market, it includes credentials from more than 360 million accounts and around 1.25 billion email addresses. […]

Pierluigi Paganini February 26, 2014
YouTube ads network serving Caphaw Banking Trojan

YouTube users were targeted by a classic drive-by download attack by exploiting client Java software vulnerabilities and serving Caphaw Banking Trojan. What about using YouTube to spread malware? YouTube is a video-sharing website on which users can upload, view and share videos, it has great appeal to the users and represents one of the bastions of the Internet. The website was […]

Pierluigi Paganini February 24, 2014
iBanking Mobile Bot Source Code available for sale in the underground

iBanking is a new mobile banking Trojan available for sale in the underground for $5,000 according the RSA’s FraudAction Group.  The source code for iBanking banking trojan has been leaked online through an underground forum, this kind of news reports a serious threat from the cybercrime ecosystem. Like happened for other trojan, including Zeus and Carberp, the […]

Pierluigi Paganini February 23, 2014
Banking trojan hit a large number of Islamic Mobile Banking Customers

Security researchers at InterCrawler discovered a Banking trojan which infected a large number of devices the Middle East belonging to Islamic Banks. IntelCrawler cyber intelligence firm discovered a large fraud campaign against major Islamic banking institutions. The attackers have used a sizable mobile botnet, more than 27 000 intercepted SMS-messages were detected between April 2013 and […]