Russian Underground Cybercrime market offering sophisticated services

Security firm Trend Micro recent analyses the Russian crimeware markets and has found that malware tools and services range from one-time packages which cost just pennies to sophisticated packages and services which cost purchasers thousands of dollars per month. If you want to buy a botnet it wi...

Researchers caught espionage malware mastermind on webcam

In march 2011 CERT-Georgia has Discovered Cyber Espionage Attack Incident on country of Georgia. Advanced Malicious Software was Collecting Sensitive, Confidential Information about Georgian and American Security Documents and then uploading it to some of Command and Control Servers. After a...

Operation High Roller Banked on Fast-Flux Botnet to Steal Millions

A fraud ring that attacked financial transfer systems in an attempt to get at wealthy high-end banking customers used a complicated web of malware and compromised servers in several countries to walk off with an estimated $78 million earlier this year. While the attacks targeted financial systems...

Nitol Infections Fall, But Malware Still Popping Up

When Microsoft went after the Nitol botnet in September, one of the key details in the investigation was the fact that much of the botnet was built by pre-loading malware onto laptops during the manufacturing process in China. This was the clearest case yet of the phenomenon of certified pre-owne...

vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities

Title: ====== vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities Date: ===== 2012-10-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=721 VL-ID: ===== 721 Common Vulnerability Scoring System: ==================================== 8.3 Introduction: =============...

DarkBot Malware Circulation very fast via Skype

Two weeks back we reported that Security firm Trend Micro discovered a worm targeting Skype users with spam messages designed to infect machines with the Dorkbot ransomware has been discovered. This malware is spreading through a question/ phrase sent to the users by someone and the question is:...

Microsoft Settles With Kelihos Botnet Defendant, Says He Didn't Run the Network

Microsoft on Friday said it has reached a settlement with a Russian programmer it named as a defendant in a lawsuit related to the operation of the notorious Kelihos botnet. The company said that it no longer believes Andrey N. Sabelnikov was the operator of the botnet, but was instead responsibl...

Citadel Trojan Updates with Dynamic Config Mechanism that Streamlines Fraud Activity

The elusive authors of the Citadel Trojan have released a new version of their banking botnet malware and service. The latest version, the sixth since it debuted in January and dubbed Rain, includes a dynamic configuration mechanism that allows botmasters to inject malicious content to compromise...

Nitol Botnet Shares Code with Other China-Based DDoS Malware

Microsoft has learned that much of the code used by the Nitol malware family is copied from free malware resources hosted on Chinese websites. Microsoft posted portions of the code online this week where similar lines used for denial of service attack functionality are present in Nitol and on the...

Virus conducting DDoS attack from infected systems

Russian anti-virus company Doctor Web is warning users about the malicious program which is helping attackers carry out mass spam mailings and allow attacker to use victim's PC as slave of his DDOS Army. According to researchers from the company they have discovered a Trojan "Trojan.Proxy.23012"...

vOlk Botnet Framework 4.0 XSS / SQL Injection

Title: ====== vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities Date: ===== 2012-10-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=721 VL-ID: ===== 721 Common Vulnerability Scoring System: ==================================== 8.3 Introduction: =============...

vOlk Botnet Framework 4.0 - Multiple Vulnerabilities

vOlk Botnet Framework 4.0 - Multiple Vulnerabilities Title: ====== vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities Date: ===== 2012-10-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=721 VL-ID: ===== 721 Common Vulnerability Scoring System:...

vOlk Botnet Framework 4.0 - Multiple Vulnerabilities

Title: ====== vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities Date: ===== 2012-10-09 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=721 VL-ID: ===== 721 Common Vulnerability Scoring System: ==================================== 8.3 Introduction: =============...

Russian Web proxy with backdoors, Distributing malware

Antivirus company Symantec has detected a malicious campaign in which hackers managed to deceive thousands of people allegedly signed by a paid proxy service. They expose that hundreds of thousands of users signing up for a cheap and supposedly legitimate proxy service have ended up downloading...

Zitmo Growing More Sophisticated, Prevalent in Android

From July to September this year, there’s been an uptick in Zitmo or Zeus-in-the-Mobile mobile banking malware according to research revealed this week by network security firm FortiGuard Labs. Researchers argue that iterations of the malware variant that have come to Blackberry and Android phone...

Microsoft Report Exposes Malware Families Attacking Supply Chain

Less than a month after the Nitol botnet takedown, Microsoft has released data casting more scrutiny of supply chain security. In its latest Security Intelligence Report SIR for the first half of 2012, Microsoft has connected the most prevalent malware families involved in supply chain compromise...

Dorkbot Now Worming Its Way through Skype

The Dorkbot worm that fooled many a Facebook and Twitter user is now socially engineering Skype users into downloading the malware, whose payload now includes a mechanism to lock down machines. Various antivirus and security companies are reporting the latest iteration rummages through an infecte...

Proxy Service a Front for Malware Distribution

Hundreds of thousands of users who signed up for an inexpensive proxy service called Proxybox.name got quite a steal alright. They ended up installing a Trojan horse linked to a botnet first detected last summer. Researchers at Symantec reverse engineered the Backdoor.Proxybox malware and unearth...

vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities

Document Title: =============== vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=721 Release Date: ============= 2012-10-08 Vulnerability Laboratory ID VL-ID: ==================================== 7...

Hackers disrupt Interpol website against Anti-Islam film

A hacker group "Kosova Hacker's Security" based in the Middle East take down Interpol website yesterday. According to claim of Hackers, they are doing this cyber attack on a law enforcement agency to show their protest against the controversial Anti-Islam film, Innocence of Muslims. According to...