19 matches found
TrickBot Banking Trojan Adds New Browser Manipulation Tools
The TrickBot banking Trojan, a close relative to Dyre, has a growing target list and new browser manipulation techniques, experts at IBM X-Force said. “We expect to see it amplify infection campaigns and fraud attacks, sharpen its aim on business and corporate accounts,” wrote Limor Kessem,...
New Pushdo Malware Hacks 11,000 Computers in Just 24 Hours
One of the oldest active malware families, Pushdo, is again making its way onto the Internet and has recently infected more than 11,000 computers in just 24 hours. Pushdo, a multipurpose Trojan, is primarily known for delivering financial malware such as ZeuS and SpyEye onto infected computers or...
Shylock/Caphaw Banking Malware Infections on the Rise
Two dozen major U.S. and European banks are in the crosshairs of the Shylock, or Caphaw, financial malware of late, and victims who trade with one of the 24 financial institutions are at risk of giving up their credentials and losing assets in their accounts. Malware researchers have noticed a ri...
Peer-to-Peer Botnet Takedowns a Challenge
The FBI, Justice Department and technology companies have had success shutting down botnets that rely on a centralized infrastructure and command and control servers to communicate with bots, steal data or send malicious commands. Peer-to-peer botnets, however, have proven more difficult to take...
PushDo Malware DGA Now Generates .KZ Domains
For every punch a hacker throws, there is a counter from a security company, and then, inevitably, the hacker adjusts again. That’s what’s happening right now with the PushDo malware. This week, Dell SecureWorks, Damballa Lab and Georgia Tech University combined on a research report exposing the...
PushDo Malware Returns with Domain Generation Algorithm
Four times since 2008, authorities and technology companies have taken the prolific PushDo malware and Cutwail spam botnet offline. Yet much like the Energizer Bunny, it keeps coming back for more. In early March, researchers at Damballa discovered a new version of the malware that had adopted a...
Pushdo/Cutwail: August, 2010
One of the world’s most prolific botnets and a leading source of spam, denial of service attacks and malware, Pushdo was brought down by researchers at the security firm Last Line of Defense, who worked with hosting providers to seize 30 command-and-control servers involved in the botnet...
Rustock Botnet: Dead Or Just Reloading?
Reports indicate that the massive drop in spam levels are linked to the sudden disappearance of the Rustock botnet. However, recent history suggests the interruption may only be temporary. Spamhaus’s Composite Spam Blocklist CBL claims that dozens of Rustock’s internet servers, which for years ha...
New Analysis Shows Pushdo Botnet Sent Trillions of Spam Emails, Generated Millions in Profits
A new, detailed analysis of the operations of the infamous Cutwail/Pushdo botnet shows that the network, which had been he target of several takedown attempts in the last couple of years, is not only amazingly resilient, but also is incredibly prolific, with one section of the botnet sending more...
Bredolab Botnet Crackdown Could Have Wide Impact
A Dutch cyber crime unit has disrupted the operation of the Bredolab botnet and arrested an Armenian man believed to be the operator of the global malware distribution hub. In a statement on Monday, the Dutch Public Ministry said that the country’s High Tech Crime Team THTC, working in cooperatio...
U.S. Reigns As Most Bot-Infected Country
The U.S. has by far the highest number of bot-infected computers of any country in the world, with nearly four times as many infected PCs as the country in second place, Brazil, according to a new report by Microsoft. The quarterly report on malicious software and Internet attacks shows that whil...
Spam Volume Is Way Down…But Why?
The volume of spam e-mail is down…way down. That’s the good news. But experts aren’t exactly sure what’s caused the precipitous drop in spam e-mail or how long it will last. As Brian Krebs reports on his blog, mail security firm M86 is seeing a 40% decline in spam volume since the beginning of...
Some Pushdo Variants Resuming Spam Operations
A few days after the majority of the command-and-control servers belonging to one of the variants of the Pushdo botnet were taken offline, some researchers say that there are indications that portions of the botnet are back to their old tricks, downloading new spam templates for a resumption of...
Researchers Cripple Pushdo Botnet
Researchers have made a huge dent in a major variant of the Pushdo botnet, virtually crippling the network by working with hosting providers to take down about two thirds of the command-and-control servers involved in the botnet. Pushdo for years has been one of the major producers of spam and...
MS Live CAPTCHAS Busted by PushDo Botnet
The prolific Pushdo spam botnet has found a new way to penetrate Microsoft’s Live.com by exploiting weaknesses in the audio captchas designed to prevent automated scripts from accessing the popular email service. Read the full article. The Register...
Pushdo Denial of Service Attack
Pushdo is an advanced downloader which will first infect the system and then download a spam module titled Cutwail and a third party malware. Several reasons account for Pushdo's ability to go undetected: - Pushdo is responsible for a huge amount of spam activity and is also primary vehicle for...
Pushdo Botnet Making the Rounds
More than 300 Web sites are being pestered by infected computers that are part of the Pushdo botnet, according to security researchers. Read the full article. Security Central...
Infiltrating the Pushdo Botnet
It’s very rare that we researchers get a chance to explore the inner workings of a botnet command and control server. Detailed insight into the botnet server or command component can give us valuable information about the motives of the botnet and possibly the bad guys behind it. But granting...
Outlook Web Access Attack Using Pushdo Botnet
Here are some technical details on the Outlook Web Access phishing scheme. 1. The Spam According to our preliminary research, the spam emails which attacked OWA users, including Kaspersky, were sent using the pushdo botnet – which is based on malware from the Backdoor.Win32.NewRes family. These...