Cybercrime

Pierluigi Paganini June 03, 2015
APWG Global Phishing Survey – Registered malicious domains increased in H2 2014

The APWG Global Phishing Survey 2H2014 seeks to understand what the phishers are doing, and how, by quantifying the scope of the global phishing problem. The Anti-Phishing Working Group (APWG) has published the “Global Phishing Survey 2H2014”, a report that comes with some interesting numbers on phishing activities. The Global Phishing Survey 2H2014 report states […]

Pierluigi Paganini June 02, 2015
New Rombertik Sample has originated in Nigeria

ThreatConnect has conducted further investigations on the Rombertik malware and traced a malicious sample they analyzed to a Nigeria-based man. Lately Rombertik has been making the headlines of security-related news. I wrote on SecurityAffairs about the malware a few weeks ago; the latest update from security researchers at ThreatConnect is that a new analysis traced […]

Pierluigi Paganini June 02, 2015
NjRat campaign coming from Saudi Arabia is using old FakeAv tactics

Security experts discovered a new njRat campaign using old tactics, making use of compromised websites as a third-layer communication proxy. A recent post published on http://blog.0x3a.com/ described the campaign. Using FakeAV tactics was in vogue some years […]

Pierluigi Paganini June 01, 2015
Google blocks Chrome extensions out of the official Store

Malicious Chrome extensions are in use in the criminal ecosystem, so Google decided to restrict the use of extensions not available on the Chrome Web Store. With new policies […]

Pierluigi Paganini June 01, 2015
US financial industry moves under a rising wave of Cyberattacks and Zero-Day threats on I.R.S Tax Returns

The US financial industry is under persistent attack, and the number of incidents that compromised the confidentiality, integrity and availability of data is increasing. The financial industry in the US shows symptoms of persistent cyber-attacks among surprising cyber incidents and large-scale data breaches that compromised the confidentiality, integrity and availability of users’ information. Several advanced hacking methods and the exploitation of zero-day flaws […]

Pierluigi Paganini May 30, 2015
Locker Ransomware Author Allegedly Releases Database Dump of Private Keys

Allegedly, the author of the “Locker” ransomware has uploaded a dump of the C2 server database, releasing private keys of infected hosts worldwide to the public. The “author” claims that […]

Pierluigi Paganini May 30, 2015
Locker Ransomware Utilizes a Unique Delivery Mechanism

The cyber security expert Michael Fratello has made a detailed analysis of the Locker ransomware, which implements a unique delivery mechanism. On May 25th, 2015, a wave of reports came flooding in from users around the globe, claiming that their computers had been compromised. Messages from users looking for help began appearing on forums such […]

Pierluigi Paganini May 27, 2015
Linux-based Moose worm turns routers into social network bots

Linux/Moose is a malware family that targets Linux-based consumer routers, turning them into social network bots to use for illegal activities. ESET released a study about new malware known as the Moose worm that is compromising devices that have weak or default credentials. The principal targets of the Moose worm are Linux-based routers, […]

Pierluigi Paganini May 25, 2015
Why Carbanak C&C points to Russia Federal Security Service?

A security researcher at Trend Micro discovered that the malware used by the Carbanak cybergang is using a C&C server linked to the Russian FSB. Maxim Goncharov, security expert at Trend Micro, revealed that one of the most sophisticated pieces of malware used by the popular Carbanak gang is now pointing to Russia’s Federal Security Service (FSB). The […]

Pierluigi Paganini May 25, 2015
Fake Android Minecraft apps scammed million users

Experts at ESET have discovered over 30 scareware apps uploaded to the Google Play store over nine months, masquerading as Minecraft cheats and tip guides. Do you completely trust mobile applications available on official app stores like Google Play? If your answer is yes, you’re wrong. ESET security researcher Lukas Stefanko has discovered 30 malicious apps uploaded […]