Lucene search
K

19 matches found

ThreatPost
ThreatPost
added 2016/11/08 5:16 p.m.10 views

TrickBot Banking Trojan Adds New Browser Manipulation Tools

The TrickBot banking Trojan, a close relative to Dyre, has a growing target list and new browser manipulation techniques, experts at IBM X-Force said. “We expect to see it amplify infection campaigns and fraud attacks, sharpen its aim on business and corporate accounts,” wrote Limor Kessem,...

0.1AI score
Exploits0References5
The Hacker News
The Hacker News
added 2014/07/17 6:4 a.m.10 views

New Pushdo Malware Hacks 11,000 Computers in Just 24 Hours

One of the oldest active malware families, Pushdo, is again making its way onto the Internet and has recently infected more than 11,000 computers in just 24 hours. Pushdo, a multipurpose Trojan, is primarily known for delivering financial malware such as ZeuS and SpyEye onto infected computers or...

7AI score
Exploits0
ThreatPost
ThreatPost
added 2013/09/18 3:23 p.m.14 views

Shylock/Caphaw Banking Malware Infections on the Rise

Two dozen major U.S. and European banks are in the crosshairs of the Shylock, or Caphaw, financial malware of late, and victims who trade with one of the 24 financial institutions are at risk of giving up their credentials and losing assets in their accounts. Malware researchers have noticed a ri...

1AI score
Exploits0
ThreatPost
ThreatPost
added 2013/05/31 2:15 p.m.29 views

Peer-to-Peer Botnet Takedowns a Challenge

The FBI, Justice Department and technology companies have had success shutting down botnets that rely on a centralized infrastructure and command and control servers to communicate with bots, steal data or send malicious commands. Peer-to-peer botnets, however, have proven more difficult to take...

0.2AI score
Exploits0References4
ThreatPost
ThreatPost
added 2013/05/17 12:25 p.m.13 views

PushDo Malware DGA Now Generates .KZ Domains

For every punch a hacker throws, there is a counter from a security company, and then, inevitably, the hacker adjusts again. That’s what’s happening right now with the PushDo malware. This week, Dell SecureWorks, Damballa Lab and Georgia Tech University combined on a research report exposing the...

7.5AI score
Exploits0References3
ThreatPost
ThreatPost
added 2013/05/15 4:6 p.m.12 views

PushDo Malware Returns with Domain Generation Algorithm

Four times since 2008, authorities and technology companies have taken the prolific PushDo malware and Cutwail spam botnet offline. Yet much like the Energizer Bunny, it keeps coming back for more. In early March, researchers at Damballa discovered a new version of the malware that had adopted a...

0.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2011/04/04 8:32 p.m.13 views

Pushdo/Cutwail: August, 2010

One of the world’s most prolific botnets and a leading source of spam, denial of service attacks and malware, Pushdo was brought down by researchers at the security firm Last Line of Defense, who worked with hosting providers to seize 30 command-and-control servers involved in the botnet...

1.4AI score
Exploits0References3
ThreatPost
ThreatPost
added 2011/03/17 4:8 p.m.8 views

Rustock Botnet: Dead Or Just Reloading?

Reports indicate that the massive drop in spam levels are linked to the sudden disappearance of the Rustock botnet. However, recent history suggests the interruption may only be temporary. Spamhaus’s Composite Spam Blocklist CBL claims that dozens of Rustock’s internet servers, which for years ha...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2011/03/16 1:20 a.m.23 views

New Analysis Shows Pushdo Botnet Sent Trillions of Spam Emails, Generated Millions in Profits

A new, detailed analysis of the operations of the infamous Cutwail/Pushdo botnet shows that the network, which had been he target of several takedown attempts in the last couple of years, is not only amazingly resilient, but also is incredibly prolific, with one section of the botnet sending more...

6.5AI score
Exploits0References4
ThreatPost
ThreatPost
added 2010/10/26 5:47 p.m.9 views

Bredolab Botnet Crackdown Could Have Wide Impact

A Dutch cyber crime unit has disrupted the operation of the Bredolab botnet and arrested an Armenian man believed to be the operator of the global malware distribution hub. In a statement on Monday, the Dutch Public Ministry said that the country’s High Tech Crime Team THTC, working in cooperatio...

7.4AI score
Exploits0References6
ThreatPost
ThreatPost
added 2010/10/13 4:7 p.m.86 views

U.S. Reigns As Most Bot-Infected Country

The U.S. has by far the highest number of bot-infected computers of any country in the world, with nearly four times as many infected PCs as the country in second place, Brazil, according to a new report by Microsoft. The quarterly report on malicious software and Internet attacks shows that whil...

9.3CVSS0.6AI score0.99945EPSS
Exploits33References3
ThreatPost
ThreatPost
added 2010/10/05 2:56 p.m.14 views

Spam Volume Is Way Down…But Why?

The volume of spam e-mail is down…way down. That’s the good news. But experts aren’t exactly sure what’s caused the precipitous drop in spam e-mail or how long it will last. As Brian Krebs reports on his blog, mail security firm M86 is seeing a 40% decline in spam volume since the beginning of...

0.9AI score
Exploits0References4
ThreatPost
ThreatPost
added 2010/08/30 3:19 p.m.8 views

Some Pushdo Variants Resuming Spam Operations

A few days after the majority of the command-and-control servers belonging to one of the variants of the Pushdo botnet were taken offline, some researchers say that there are indications that portions of the botnet are back to their old tricks, downloading new spam templates for a resumption of...

0.6AI score
Exploits0References3
ThreatPost
ThreatPost
added 2010/08/27 3:48 p.m.8 views

Researchers Cripple Pushdo Botnet

Researchers have made a huge dent in a major variant of the Pushdo botnet, virtually crippling the network by working with hosting providers to take down about two thirds of the command-and-control servers involved in the botnet. Pushdo for years has been one of the major producers of spam and...

0.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2010/03/22 8:44 p.m.12 views

MS Live CAPTCHAS Busted by PushDo Botnet

The prolific Pushdo spam botnet has found a new way to penetrate Microsoft’s Live.com by exploiting weaknesses in the audio captchas designed to prevent automated scripts from accessing the popular email service. Read the full article. The Register...

1AI score
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2010/02/18 12:0 a.m.3 views

Pushdo Denial of Service Attack

Pushdo is an advanced downloader which will first infect the system and then download a spam module titled Cutwail and a third party malware. Several reasons account for Pushdo's ability to go undetected: - Pushdo is responsible for a huge amount of spam activity and is also primary vehicle for...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2010/02/01 5:58 p.m.13 views

Pushdo Botnet Making the Rounds

More than 300 Web sites are being pestered by infected computers that are part of the Pushdo botnet, according to security researchers. Read the full article. Security Central...

2.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2010/01/22 3:23 p.m.11 views

Infiltrating the Pushdo Botnet

It’s very rare that we researchers get a chance to explore the inner workings of a botnet command and control server. Detailed insight into the botnet server or command component can give us valuable information about the motives of the botnet and possibly the bad guys behind it. But granting...

7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2009/10/16 2:29 p.m.13 views

Outlook Web Access Attack Using Pushdo Botnet

Here are some technical details on the Outlook Web Access phishing scheme. 1. The Spam According to our preliminary research, the spam emails which attacked OWA users, including Kaspersky, were sent using the pushdo botnet – which is based on malware from the Backdoor.Win32.NewRes family. These...

2.1AI score
Exploits0References2
Rows per page
Query Builder