Microsoft Takes Down Kelihos Botnet

Continuing its legal assault on botnet operators and the hosting companies that the criminals use for their activities, Microsoft has announced new actions against a group of people it contends are responsible for the operation of the Kelihos botnet. The company has also helped to take down the...

Mac trojan poses as PDF to open botnet backdoor

Mac trojan poses as PDF to open botnet backdoor There's another Mac OS X Trojan out in the wild, and it might be heading your way.If you open the file, which could appear as an emailed attachment or as a Web link, the document, written in traditional Chinese ideograms, does indeed display. But a...

Mac trojan poses as PDF to open botnet backdoor

Mac trojan poses as PDF to open botnet backdoor There's another Mac OS X Trojan out in the wild, and it might be heading your way.If you open the file, which could appear as an emailed attachment or as a Web link, the document, written in traditional Chinese ideograms, does indeed display. But a...

New Aldi Botnet Aims to Be "People's Bot" for Under $10

A new, exceptionally cheap botnet builder has surfaced called Aldi Bot and is for sale online for as little as US $8. Aldi Bot first appeared in August and is named after the popular supermarket chain, according to a post this week on GData’s SecurityBlog. Its authors initially offered it for €10...

Aldi Bot - Buy a Botnet just in 10 Euros

Aldi Bot - Buy a Botnet just in 10 Euros Researchers of German security firm G Data have discovered that a bot builder dubbed "Aldi Bot" is currently being offered for that much on underground forums. The Aldi Bot Builder appears to be based on the ZeuS source code. The malware has nothing to do...

Aldi Bot - Buy a Botnet just in 10 Euros

Aldi Bot - Buy a Botnet just in 10 Euros Researchers of German security firm G Data have discovered that a bot builder dubbed "Aldi Bot" is currently being offered for that much on underground forums. The Aldi Bot Builder appears to be based on the ZeuS source code. The malware has nothing to do...

German Web-Servers HTTP Flooding DDoS

A Distributed Denial of Service DDoS threat by a Bitcoin Mining botnet has been reported...

Vulnerability Discovered in SpyEye Botnet, Exploit Available for Download

Vulnerability Discovered in SpyEye Botnet, Exploit Available for Download Blind SQL injection Vulnerability Discovered in SpyEye Botnet by S4uR4 r00tw0rm.com Exploit : Vulnn type : Blind SQL injection vuln script : frmcardsedit.php Affected version : ALL May use any botnet from : What is SpyEye ?...

Vulnerability Discovered in SpyEye Botnet, Exploit Available for Download

Vulnerability Discovered in SpyEye Botnet , Exploit Available for Download Blind SQL injection Vulnerability Discovered in SpyEye Botnet by S4uR4 r00tw0rm.com Exploit : Vulnn type : Blind SQL injection vuln script : frmcardsedit.php Affected version : ALL May use any botnet from...

Ice IX: Not Cool At All

My colleague Jorge Mieres recently found a C&C server of a botnet based on a malicious program called Ice IX. As announced on several user forums, Ice IX is a bot created using the source code of ZeuS 2.0.8.9, which became publicly available in May. The author of the new bot says the program...

BitCoin Forum Hacked, Injected With Bill Cosby Images

A hacker compromised a digital currency forum, bitcointalk.org, stealing email addresses and hashed passwords, reading messages, and, of all things, peppering the site with images Bill Cosby, according to a report from SC Magazine. The report claims that the attacker gained root access and starte...

HTTP DDoS Attacks Still Reign Supreme

Despite the media’s love-affair with Anonymous style cyber-anarchy and vigilante-hacktivism, the vast majority of DDoS attacks are carried out by criminals seeking financial gain, not activists, according to a new research report. The top four targets of DDoS attacks in the second quarter were...

Android Malware Increasing, AutoRun Attacks Still Prevalent

The recent trend of attackers focusing their attention on mobile platforms such as Android, Symbian and iOs is continuing to accelerate, researchers say, and the threats to smartphones are becoming more and more sophisticated and dangerous. Android is becoming the focus of much of the attention...

Cyber war against Israel have taken very dangerous turn

Cyber war against Israel have taken very dangerous turn The Cyber war between Egypt and Israel have taken very dangerous turn by setting normal internet users as target for botnet attacks. Since week ago some Egyptian hackers attacked so many Israeli's gov communities and organizations on the...

Cyber war against Israel have taken very dangerous turn

Cyber war against Israel have taken very dangerous turn The Cyber war between Egypt and Israel have taken very dangerous turn by setting normal internet users as target for botnet attacks. Since week ago some Egyptian hackers attacked so many Israeli's gov communities and organizations on the...

Ice IX, the First Crimeware Based on the Leaked ZeuS Sources

After rumors about the supposed merger between SpyEye and ZeuS, and the public release of the source of the latter, it was logical that the range of possibilities opened up even more for new cybercriminals into the ecosystem of crimeware. Consistent with this, it was only a matter of time for the...

A Miner Botnet: Bitcoin Mining Goes Peer-to-Peer

Identifying a botnet is not an easy task sometimes, especially when one gets lost in different components like droppers, infectors and other bad stuff. Some two weeks ago, Jose Nazario from Arbor Networks pointed me to a new varmint that appears to be another peer-to-peer bot. When executed, the...

Malicious Spam Spikes to 'Epic' Level

There has been a huge spike in spam volume in the last few days, including a massive amount of malicious spam with infected attachments, and researchers say that levels of junk mail are now far higher than they were before the takedown of the notorious Spamit affiliate program last fall. Research...

VSploit Mariposa DNS Query Module

This module queries known Mariposa Botnet DNS records. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VSploit Mariposa DNS Query Module', 'Description' = 'This module queries known Mariposa...

VSploit Zeus DNS Query Module

This module queries known Zeus Botnet DNS records. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VSploit Zeus DNS Query Module', 'Description' = 'This module queries known Zeus Botnet DNS...