Tor Anonymizing network overload caused by Mevade Botnet

Recently, Tor Project Director - Roger Dingledine described a sudden increase in Tor users on the Tor Network after the events related to disclosure of the PRISM surveillance program, Since August 19, 2013, there has been an impressive growth in the number of Tor users. At first, No one knew who ...

Malvertising Campaign Redirects to Blackhole Exploit Kit

Online ad networks have proven efficient tools in spreading malware to a large number of sites simultaneously. Attackers who manage to spike an ad distribution service can potentially have millions of eyeballs on a malicious ad for a fraction of the cost it would take to buy or build spam lists,...

Huge Botnet Found Using Tor Network for Communications

In the wake of the revelations surrounding the NSA’s domestic surveillance and intelligence-gathering operations, security experts said there would likely be a natural uptick in the usage of privacy focused tools such as Tor, PGP and other encryption services. In the case of Tor, there has been...

Obad Trojan First to Spread Via Mobile Botnet

The keepers of the mobile Obad Trojan realize the window of opportunity they have to spread the malware on Android devices may be closing since the vulnerability the Trojan exploits has been patched in Android 4.3. That could explain why Kaspersky Lab researchers have spotted a recent spike in...

Kelihos P2P Botnet Leveraging Composite Blocking Lists

Kelihos, the peer-to-peer botnet with nine lives, keeps popping up with new capabilities that enable it to sustain itself and make money for its keepers by pushing spam, harvesting credentials and even stealing Bitcoins. According to a number of sources, Kelihos is now leveraging legitimate and...

China hit by massive DDoS attack causing the Internet inaccessibility for hours

During the weekend China's Internet was taken down by a powerful distributed denial of service DDoS attack on the .cn domain slowed and blocked Internet access inaccessibility for hours. Security expert clarified that China could have been perpetrated by sophisticated hackers or by a single...

DirtJumper Variant Drive Now Includes Mitigation Bypass

Drive, a variant of the do-it-yourself DDoS toolkit DirtJumper, holds a unique position among malware that organizations targeted by these debilitating attacks need to be aware of. Researchers at Arbor Networks revealed today that a new version of Drive has been spotted with features that enable ...

Bitbot (C2 Web Panel) - gate2.php Multiple Vulnerabilities

Bitbot C2 Web Panel - gate2.php Multiple Vulnerabilities Exploit Title: Bitbot C2 Panel gate2.php SQLi + XSS Date: 08/19/2013 Exploit Author: Brian Wallace bwall aka @botnethunter Software Link: https://sourceforge.net/p/flippingbitbot/wiki/Home/ Vulnerable Virtual Machine including Bitbot Tested...

Bitbot (C2 Web Panel) - 'gate2.php' Multiple Vulnerabilities

Exploit Title: Bitbot C2 Panel gate2.php SQLi + XSS Date: 08/19/2013 Exploit Author: Brian Wallace bwall aka @botnethunter Software Link: https://sourceforge.net/p/flippingbitbot/wiki/Home/ Vulnerable Virtual Machine including Bitbot Tested on: Debian/Ubuntu from StringIO import StringIO import...

New Jigsaw Hacking Tool Spotted in Attacks

If you’ve run an internal phishing exercise, chances are you may have used Jigsaw, an open source penetration testing tool that enables security teams to automatically generate email address combinations from a minimal amount of public information. As with other open source security and networkin...

Joomla Patches Blackhole Zero Day Vulnerability

Attackers have been abusing websites for months that are hosted on Joomla, WordPress and other content management platforms. One gaping vulnerability can open the door for a cybercrime group, for example, to build a formidable botnet, or lure victims to malware that can cash out a bank account or...

New Attack Leverages Mobile Ad Network to Deliver Android Malware

Ad networks have been a key component of the malware and cybercrime ecosystem for a long time and their role is becoming more and more complicated, as researchers from WhiteHat Security showed at Black Hat recently. That problem is now moving to the mobile Web, and researchers at Palo Alto Networ...

New Botnet Campaign 'Fort Disco' Brute-Forcing Thousands of WordPress, Joomla Websites

Password theft has been a growing problem within the security community. Researchers at Arbor Networks have uncovered a botnet called Fort Disco that was used to compromise more than 6000 websites based on popular CMSs such as WordPress, Joomla and Datalife Engine. The Fort Disco botnet is...

New Botnet Campaign 'Fort Disco' Brute-Forcing Thousands of WordPress, Joomla Websites

Password theft has been a growing problem within the security community. Researchers at Arbor Networks have uncovered a botnet called Fort Disco that was used to compromise more than 6000 websites based on popular CMSs such as WordPress, Joomla and Datalife Engine. The Fort Disco botnet is...

Russian Cyber Criminals selling hacked websites access in Underground stores

Underground sites more commonly offer access to networks of compromised machines or stolen credit card information. Webroot has uncovered a criminal underground store dedicated to selling access to more than tens of thousands of hacked legitimate websites. Their customers can buy an administrator...

Microsoft: 88 Percent of Citadel Botnets Down

Nearly two months after the company was part of an operation to disrupt a large number of Citadel botnets, Microsoft said that 88 percent of the botnets spawned by that malware have been taken down. Citadel is a Trojan designed specifically to steal financial information from a variety of sources...

Fake FBI Ransomware Targeting OS X Users

The Federal Bureau of Investigation issued an alert yesterday warning users about a strain of ransomware purporting to come from the FBI that is targeting Mac OS X machines. This time, the ransomware isn’t malware at all, but a website that uses JavaScript to load numerous iframes. The webpage...

Malicious Pinterest browser plugin stealing passwords and spreading spam

Social networking sites are unfortunately now major interest to malicious cyber criminals, spreading malware and building botnet army to steal money direct from your keyboards. Janne Ahlberg, a security professional from Finland found and analysed an interesting piece of malicious code, offered a...

Malicious Pinterest browser plugin stealing passwords and spreading spam

Social networking sites are unfortunately now major interest to malicious cyber criminals, spreading malware and building botnet army to steal money direct from your keyboards. Janne Ahlberg, a security professional from Finland found and analysed an interesting piece of malicious code, offered a...

Android vulnerability allows hackers to modify apps without breaking signatures

Almost all Android handsets are vulnerable to a flaw that could allow hackers to seize control of a device to make calls, send texts, or build a mobile botnet, has been uncovered by Bluebox Security .i.e almost 900 million Android devices globally. Or simply, The Flaw allow hackers to modify any...