Collaboration Fuels Rapid Growth of Citadel Trojan
Late last month I wrote about Citadel, an “open source” version of the ZeuS Trojan whose defining feature is a social networking platform where users can report and fix programming bugs, suggest and...
View ArticleBanking on Badb in the Underweb
Underground Web sites can be a useful barometer for the daily volume of criminal trade in goods like stolen credit card numbers and hijacked PayPal or eBay accounts. And if the current low prices at...
View ArticleHacked Inboxes Lead to Bank Fraud
Hacked and phished email accounts increasingly are serving as the staging grounds for bank fraud schemes targeting small businesses. The scams are decidedly low-tech and often result in losses of just...
View ArticleAghast at Avast’s iYogi Support
The makers of Avast antivirus software are warning users about a new scam involving phone calls from people posing as customer service reps for the company and requesting remote access to user...
View ArticleTwitter Bots Target Tibetan Protests
Twitter bots — zombie accounts that auto-follow and send junk tweets hawking questionable wares and services — can be an annoyance to anyone who has even a modest number of followers. But...
View ArticleMicrosoft Takes Down Dozens of Zeus, SpyEye Botnets
Microsoft today announced the execution of a carefully planned takedown of dozens of botnets powered by ZeuS and SpyEye — powerful banking Trojans that have helped thieves steal more than $100 million...
View ArticleResearchers Clobber Khelios Spam Botnet
Experts from across the security industry collaborated this week to quarantine more than 110,000 Microsoft Windows PCs that were infected with the Khelios worm, a contagion that forces infected PCs to...
View ArticleService Automates Boobytrapping of Hacked Sites
Hardly a week goes by without news of some widespread compromise in which thousands of Web sites that share a common vulnerability are hacked and seeded with malware. Media coverage of these mass...
View ArticleOpenX Promises Fix for Rogue Ads Bug
Hackers are actively exploiting a dangerous security vulnerability in OpenX — an online ad-serving solution for Web sites — to run booby-trapped ads that serve malware and browser exploits across...
View ArticleFeds Arrest ‘Kurupt’ Carding Kingpin?
The Justice Department on Monday trumpeted the arrest of a Dutch man wanted for coordinating the theft of roughly 44,000 credit card numbers. The government hasn’t released many details about the...
View ArticleSpy Software Aims to Corral Money Mules
Borrowing from the playbook of corporations seeking better ways to track employee productivity, some cybercriminal gangs are investing in technologies that help them keep closer tabs on their most...
View ArticleCyberheist Smokescreen: Email, Phone, SMS Floods
It was early October 2011, and I was on the treadmill checking email from my phone when I noticed several hundred new messages had arrived since I last looked at my Gmail inbox just 20 minutes...
View ArticleDoItQuick: Fast Domains for Dirty Deeds
A new service offered in the cybercriminal underground is geared toward spammers, scammers and malware purveyors interested in mass-registering dozens of dodgy domains in one go. DoItQuick offers mass...
View ArticleTriple DDoS vs. KrebsOnSecurity
“When nobody hates you, nobody knows you’re alive.” – Diplomacy, by Chris Smither During the last week of July, a series of steadily escalating cyber attacks directed at my Web site and hosting...
View Article‘Booter Shells’ Turn Web Sites into Weapons
Hacked Web sites aren’t just used for hosting malware anymore. Increasingly, they are being retrofitted with tools that let miscreants harness the compromised site’s raw server power for attacks aimed...
View ArticleInside a ‘Reveton’ Ransomware Operation
The U.S Federal Bureau of Investigation is warning about an uptick in online extortion scams that impersonate the FBI and frighten people into paying fines to avoid prosecution for supposedly...
View ArticleDonkey Express: Mules Take Over the Mail
This blog has featured several stories on reshipping scams, which recruit willing or unwitting U.S. citizens (“mules”) to reship abroad pricey items that are paid for with stolen credit cards. Today’s...
View ArticleMicrosoft Disrupts ‘Nitol’ Botnet in Piracy Sweep
Microsoft said Thursday that it convinced a U.S. federal court to grant it control over a botnet believed to be closely linked to counterfeit versions Windows that were sold in various computer stores...
View ArticleID Theft Service Tied to Payday Loan Sites
A Web site that sells Social Security numbers, bank account information and other sensitive data on millions of Americans appears to be obtaining at least some of its records from a network of hacked...
View ArticleEspionage Hackers Target ‘Watering Hole’ Sites
Security experts are accustomed to direct attacks, but some of today’s more insidious incursions succeed in a roundabout way — by planting malware at sites deemed most likely to be visited by the...
View Article
More Pages to Explore .....