Pierluigi Paganini May 05, 2019
A hacker has taken over at least 29 IoT botnets

Hacker “Subby” brute-forces the backends of 29 IoT botnets that were using weak or default credentials. A hacker that goes online with the moniker ‘Subby’ took over 29 IoT botnets in the past few weeks with brute-force attacks. The hacker ‘Subby’ took over 29 IoT botnets in the past few weeks brute-forcing the back end […]

Pierluigi Paganini March 13, 2015
US Government proposed an amendment to fight botnets

Obama Administration proposes giving courts more power to issue botnet injunctions, a measure necessary to fight the diffusion of malicious infrastructures. The US Government has proposed an amendment that would enable the Department of Justice to seek an injunction to prevent the diffusion of botnets. The Obama’s Administration would add activities like the operation of a […]

Pierluigi Paganini May 23, 2014
Nemanja, a botnet of thousand POSs, Grocery Management and Accounting Systems

Experts at Intelligence firm IntelCrawler have detected a new botnet dubbed Nemanja composed by compromised POS terminals, accounting systems and grocery management platforms. On March 2014 experts at IntelCrawler have identified Nemanja, one of the biggest botnets based on compromised POS terminals, accounting systems and grocery management platforms. Cyber-threat intelligence company IntelCrawler is one of the companies most active […]

Pierluigi Paganini April 10, 2014
The Extortion is a common practice in the cyber criminal ecosystem

According principal security firms, extortion, ransom and blackmail are pillars of illicit activities, cyber criminals are adapting them to the cyber context. Extrotion is becoming a worrying inclination in the cyber criminal ecosystem, the number of targeted attacks that request money in change of a suspension of the hostilities and to give back to the victims […]

Pierluigi Paganini March 20, 2014
Fraudulent infrastructure behind 5M harvested Russian phone numbers service

Danchev profiling a service which proposes more than 5M harvested mobile phone numbers has discovered a fraudulent architecture used for illicit purposes. Cybercrime has targeted mobile industry more than ever, the number of attacks is on the rise and the proposal in the underground of tools and services for mobile market is rapidly growing. The […]

Pierluigi Paganini March 19, 2014
NSA programs MYSTIC and RETRO spies phone calls on global scale, also on past conversations

Documents leaked by Snowden reveals that NSA has built a surveillance system capable of recording all the phone calls of a foreign country. The information on the surveillance capabilities of the National Security Agency is updated on a daily base and last news is that the agency has the necessary technology to record all the […]

Pierluigi Paganini March 17, 2014
QUANTUMHAND – NSA impersonates Facebook to inject malware

Recent revelations on TURBINE platform include also a disturbing truth, NSA used QUANTUMHAND exploits to implant malware in Facebook users’ machines. Last Week Ryan Gallagher and Glenn Greenwald revealed the existence of TURBINE platform, a sophisticated hacking architecture used to take control of botnet C&C servers managed by cybercrime. One of the details revealed by the journalists raised a heated […]

Pierluigi Paganini March 14, 2014
TURBINE, how NSA has plundered botnets to the cybercrime

TURBINE is the codename for a sophisticated hacking platform to take control of C&C servers managed by cybercrime. The NSA has been hijacking the botnets managed by cybercrime to its own purpose, this is the last revelation on questionable activities of the agency. Also this last revelation is based on documents leaked by Snowden, the news was […]

Pierluigi Paganini February 18, 2014
Profiling hacking for hire services offered in the underground

Security expert Dancho Danchev profiled hacking for hire services offered in the underground, providing an indication of their prices. In the past we have already analyzed the diffusion in the underground of hacking for hire services, a term coined to define the sale of hacking services made by cyber criminals for a limited period of time. Surfing […]

Pierluigi Paganini February 16, 2014
Discovered thousands of FTP servers infected by malware

Hold Security reported it has discovered a list of credentials for close to 7,800 FTP servers being circulated in cybercrime forums in the Deep Web. FTP servers are considered a privileged target for cyber criminals, hackers can exploit them for example to spread malware infecting webservers that rely on FTP applications for updates. The Hold Security firm […]