Pierluigi Paganini
August 22, 2013
Fraudsters target wire payment switch at US banks to steal millions using DDoS to divert the attention on fraudulent transactions. Cybercriminals are targeting the wire payment switch instead to hit directly into the banking accounts of individuals and businesses, this appears to be the last trend observed for recent attacks against numerous US banks. The wire payment switch […]
Pierluigi Paganini
July 25, 2013
KINS trojan is the name of the new banking malware that RSA researchers discovered thanks to an announcement on the Russian black market. Early 2013 RSA discovered traces of a news banking trojan named KINS, security experts have followed the evolution of the malware in the underground community. RSA researchers discovered an announcement on the Russian […]
Pierluigi Paganini
June 30, 2013
A new variant of Zeus trojan is offered for sale in the underground. It is a Self-propagating version that exploits Facebook, the RDP and the email. The criminal history taught us that after the diffusion of source code of malicious agent such as the popular Zeus it is possible to assist to a real explosion […]
Pierluigi Paganini
June 19, 2013
Security firm Group-IB has discovered on an forum in the underground the sale for Carberp banking Trojan source code at $5K. Carberp banking Trojan is experiencing a new youth in the underground, in the last months investigation at security firm Group-IB have identified in an underground forum the resumption of sale for the malware. The version proposed […]
Pierluigi Paganini
June 12, 2013
Is RBN (Russian Business Network) really linked to Facebook Zeus variant? Exclusive interview with WhiteHat who has investigated on the malware. RBN or ordinary crime, Zeus is appearing in new forms and using new infection channels but according some security analysts behind new a variant there could be the support of members of dangerous criminal organization RBN. As […]
Pierluigi Paganini
June 07, 2013
Principal security firms detected a new variant of Facebook Zeus malware that is exploiting the popular social network to target user’s bank accounts. A Facebook Zeus malware variant (aka ZeuS/ZBOT) has been detected by principal security firms confirming the longevity of malicious code and the ability of cybercrime to customize it according to its needs. Symantec […]
Pierluigi Paganini
May 17, 2013
Group-IB researchers have detected a new botnet named Kangoo that infected more than 150 000 machines mainly targeting Australian banks. Group-IB researchers have detected a new botnet named Kangoo that infected more than 150 000 machines, specialists dubbed it «Kangoo» due the presence of a kangaroo logo on the WEB-interface of the C&C administrative panel. The botnet mainly […]
Pierluigi Paganini
April 25, 2013
Public offer of Zeus FaaS service on Facebook My readers know very well the dynamic of cybercrime enterprise and in particular of the growing interest in monetization malicious codes such as malware, ransomware and more in general botnets. One of the most targeted sector is banking, the evolution of banking services, their introduction on mobile platforms made attractive targets for cyber criminals, one […]
Pierluigi Paganini
February 23, 2013
Recently I published an article on the attacks against Japanese banks using a new variant of the popular Zeus, one of the most prolific malware of recent history, security experts in fact have detected various versions of the popular malicious code that hit also mobile and social networking platforms. Due its flexibility the malware has […]
Pierluigi Paganini
February 17, 2013
Zeus malware is considered the most popular and prolific malicious code for banking, it is one of the privilege agent by cybercrime the use to sell various customized version in the underground to conduct sophisticated frauds. Security community has found it in different occasion and anyway it was a surprice, the malware has evolved in […]
