Cybercrime

Pierluigi Paganini March 20, 2014
Fraudulent infrastructure behind 5M harvested Russian phone numbers service

Danchev, profiling a service that offers more than 5M harvested mobile phone numbers, has discovered a fraudulent architecture used for illicit purposes. Cybercrime is targeting the mobile industry more than ever: the number of attacks is on the rise, and the underground offering of tools and services for the mobile market is growing rapidly. The […]

Pierluigi Paganini March 20, 2014
FireEye discovered Android spying components in Winspy RAT

FireEye experts investigating a spear-phishing campaign against a US-based financial institution discovered that the common WinSpy RAT was adapted to hit Android devices. FireEye security researchers have recently identified a new variant of the WinSpy RAT that can infect users' PCs and also their Android devices during synchronization operations. We have long discussed the increase for […]

Pierluigi Paganini March 19, 2014
Linux Operation Windigo hit 500000 PC and 25000 dedicated servers

Antivirus firm ESET has been tracking and investigating the operation behind Linux/Ebury, uncovering a sophisticated campaign called Operation Windigo. Operation Windigo is the name of a sophisticated malware-based campaign, uncovered by security experts at ESET, that by exploiting the Linux/Ebury backdoor has impacted more than 500,000 computers and 25,000 dedicated servers. ESET researchers collaborated with CERT-Bund, the European Organization […]

Pierluigi Paganini March 15, 2014
A sophisticated phishing scheme is targeting Google Docs Users

Security researchers at Symantec detected a new sophisticated phishing scam that is targeting Google Docs users with complex social engineering tricks. Phishing is still considered one of the major cyber threats; its impact on the IT industry is devastating, considering that attackers are adopting ever more sophisticated techniques. Principal security firms and CERTs […]

Pierluigi Paganini March 12, 2014
162,000 WordPress instances abused for DDoS attack

Sucuri detected a large DDoS attack that leveraged thousands of unsuspecting WordPress websites as indirect amplification vectors. The security community is threatened by a new botnet composed of at least 162,000 WordPress-powered websites abused to run DDoS attacks. The attack technique makes it possible to flood a target with requests sent by WordPress servers that received a […]

Pierluigi Paganini March 10, 2014
The marketing approach of cybercrime to phishing emails

Mark Sparshott, director at Proofpoint, explained that cybercrime manages phishing emails using techniques similar to those used by the marketing industry. Phishing is still considered one of the principal cyber threats for Internet users; it is increasingly used to spread malware and links to compromised websites, and for this reason cybercriminals are adopting new and innovative […]

Pierluigi Paganini March 09, 2014
DNS amplification botnet available in the underground

Security expert Dancho Danchev profiled a recently released DNS amplification DDoS service available for sale in the underground. Recently the cyber security expert Dancho Danchev profiled a new DNS amplification DDoS bot available in the underground, a privileged attack tool for the criminal ecosystem. DDoS attacks observed last year were characterized by an increased magnitude because attackers adopted new techniques […]

Pierluigi Paganini March 08, 2014
Tor network is increasingly attractive for cybercrime

Cyber criminals are increasingly abusing the Tor network for illegal activities; from botnet management to money laundering, the number of services is increasing. The Tor network is increasingly used by cyber criminals to cover their illegal activities; the Tor community has observed, for example, an alarming increase in the number of malware that abuse of […]

Pierluigi Paganini March 07, 2014
Dendroid – A new Android RAT available on the underground

Symantec discovered a new HTTP Android remote administration tool, named Dendroid, available on the underground market for only $300. Symantec researchers have discovered a new Android malware toolkit dubbed Dendroid; in early 2014 the company also detected AndroRAT, an Android remote admin tool which is believed to be the first malware APK binder. Thanks to the diffusion of the Google […]

Pierluigi Paganini March 06, 2014
Trend Micro report on Chinese Mobile Underground Market

This report provides a brief overview of some basic underground activities in the mobile space in China, describing products and services. Security firm Trend Micro issued an interesting report on Chinese cybercrime, which is increasingly targeting mobile platforms thanks to a vast underground offer of services and tools. The Trend Micro Mobile Cybercriminal Underground Market report analyzes […]