Clik here to view.
Collaboration Fuels Rapid Growth of Citadel Trojan
Late last month I wrote about Citadel, an “open source” version of the ZeuS Trojan whose defining feature is a social networking platform where users can report and fix programming bugs, suggest and...
View ArticleClik here to view.
Banking on Badb in the Underweb
Underground Web sites can be a useful barometer for the daily volume of criminal trade in goods like stolen credit card numbers and hijacked PayPal or eBay accounts. And if the current low prices at...
View ArticleClik here to view.
Hacked Inboxes Lead to Bank Fraud
Hacked and phished email accounts increasingly are serving as the staging grounds for bank fraud schemes targeting small businesses. The scams are decidedly low-tech and often result in losses of just...
View ArticleClik here to view.
Aghast at Avast’s iYogi Support
The makers of Avast antivirus software are warning users about a new scam involving phone calls from people posing as customer service reps for the company and requesting remote access to user...
View ArticleTwitter Bots Target Tibetan Protests
Twitter bots — zombie accounts that auto-follow and send junk tweets hawking questionable wares and services — can be an annoyance to anyone who has even a modest number of followers. But...
View ArticleClik here to view.
Microsoft Takes Down Dozens of Zeus, SpyEye Botnets
Microsoft today announced the execution of a carefully planned takedown of dozens of botnets powered by ZeuS and SpyEye — powerful banking Trojans that have helped thieves steal more than $100 million...
View ArticleClik here to view.
Researchers Clobber Khelios Spam Botnet
Experts from across the security industry collaborated this week to quarantine more than 110,000 Microsoft Windows PCs that were infected with the Khelios worm, a contagion that forces infected PCs to...
View ArticleClik here to view.
Service Automates Boobytrapping of Hacked Sites
Hardly a week goes by without news of some widespread compromise in which thousands of Web sites that share a common vulnerability are hacked and seeded with malware. Media coverage of these mass...
View ArticleClik here to view.
OpenX Promises Fix for Rogue Ads Bug
Hackers are actively exploiting a dangerous security vulnerability in OpenX — an online ad-serving solution for Web sites — to run booby-trapped ads that serve malware and browser exploits across...
View ArticleClik here to view.
Feds Arrest ‘Kurupt’ Carding Kingpin?
The Justice Department on Monday trumpeted the arrest of a Dutch man wanted for coordinating the theft of roughly 44,000 credit card numbers. The government hasn’t released many details about the...
View ArticleClik here to view.
Spy Software Aims to Corral Money Mules
Borrowing from the playbook of corporations seeking better ways to track employee productivity, some cybercriminal gangs are investing in technologies that help them keep closer tabs on their most...
View ArticleClik here to view.
Cyberheist Smokescreen: Email, Phone, SMS Floods
It was early October 2011, and I was on the treadmill checking email from my phone when I noticed several hundred new messages had arrived since I last looked at my Gmail inbox just 20 minutes...
View ArticleClik here to view.
DoItQuick: Fast Domains for Dirty Deeds
A new service offered in the cybercriminal underground is geared toward spammers, scammers and malware purveyors interested in mass-registering dozens of dodgy domains in one go. DoItQuick offers mass...
View ArticleClik here to view.
Triple DDoS vs. KrebsOnSecurity
“When nobody hates you, nobody knows you’re alive.” – Diplomacy, by Chris Smither During the last week of July, a series of steadily escalating cyber attacks directed at my Web site and hosting...
View ArticleClik here to view.
‘Booter Shells’ Turn Web Sites into Weapons
Hacked Web sites aren’t just used for hosting malware anymore. Increasingly, they are being retrofitted with tools that let miscreants harness the compromised site’s raw server power for attacks aimed...
View ArticleClik here to view.
Inside a ‘Reveton’ Ransomware Operation
The U.S Federal Bureau of Investigation is warning about an uptick in online extortion scams that impersonate the FBI and frighten people into paying fines to avoid prosecution for supposedly...
View ArticleClik here to view.
Donkey Express: Mules Take Over the Mail
This blog has featured several stories on reshipping scams, which recruit willing or unwitting U.S. citizens (“mules”) to reship abroad pricey items that are paid for with stolen credit cards. Today’s...
View ArticleClik here to view.
Microsoft Disrupts ‘Nitol’ Botnet in Piracy Sweep
Microsoft said Thursday that it convinced a U.S. federal court to grant it control over a botnet believed to be closely linked to counterfeit versions Windows that were sold in various computer stores...
View ArticleClik here to view.
ID Theft Service Tied to Payday Loan Sites
A Web site that sells Social Security numbers, bank account information and other sensitive data on millions of Americans appears to be obtaining at least some of its records from a network of hacked...
View ArticleClik here to view.
Espionage Hackers Target ‘Watering Hole’ Sites
Security experts are accustomed to direct attacks, but some of today’s more insidious incursions succeed in a roundabout way — by planting malware at sites deemed most likely to be visited by the...
View Article
