Threat Roundup for May 19 to May 26
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 19 and May 26. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...
Top Zeus Botnet Suspect “Tank” Arrested in Geneva
Vyacheslav "Tank" Penchukov, the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources. Wanted Ukrainian...
The life and death of the ZeuS Trojan
Whether you've read up on Greek mythology or you're simply a big fan of Marvel comics, the name "Zeus" should be familiar to you. In the context of cybercrime though, ZeuS aka the Zbot Trojan is a once-prolific malware that could easily be described as one of a handful of information stealers ahead...
Hacker Wanted in the U.S. for Spreading Gozi Virus Arrested in Colombia
Colombian authorities on Wednesday said they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012. Mihai Ionut Paunescu aka "Virus", the individual in question, was detained at the El Dorado airport in...
Attackers Peddling Malware Through CareerBuilder
Attackers have recently taken to the job-search website CareerBuilder to spread Microsoft Word documents that appear to be job hopefuls’ resumes, but in reality, are laden with malware. Researchers at the firm Proofpoint discovered the campaign and discussed their findings in a blog post. In the...
'Real Footage of Malaysian Flight MH 17 Shot Down' Facebook Spam Spreads Malware
A distasteful trend has begun among cyber crooks these days: they leave no occasion, either good or bad, to snatch users’ financial information in order to make money as well as spread malware to victimize users. The tragedy of the crashed Malaysia Airlines flight MH17 is no exception for...
Versatility of Zeus Framework Encourages Criminal Innovation
A new report on the Zeus trojan’s evolution shows that the malware has moved from harvesting online banking credentials to controlling botnets and launching distributed denial of service attacks, and attributes the evolution to the highly customized and incredibly versatile framework Zeus is today...
Phishing Campaign Sending Dropbox Links to Zeus Downloads
With more enterprises sharing documents through Dropbox, the free online storage service is popping up in more spam and phishing scams. The latest doesn’t necessarily target data stored by individuals and companies on Dropbox, but instead preys on the trust users have in the service. Researchers ...
ZeuS Botnet Updating Infected Systems with Rootkit-Equipped Trojan
ZeuS, or Zbot, is one of the oldest families of financial malware. It is a Trojan horse capable of carrying out various malicious and criminal tasks and is often used to steal banking information. It is distributed to a wide audience, primarily through infected web pages, spam campaigns and drive-by...
Gameover ZeuS Trojan Targets Users of Monster.com Employment Portal
Zeus Trojan is one of the most popular families of Banking Trojan, which was also used in a targeted malware campaign against a Salesforce.com customer at the end of the last month and researchers found that the new variant of Zeus Trojan has web crawling capabilities that are used to grab...
Microsoft, Kaspersky Shed Light on Sefnit Tor Botnet
Alarm bells went off last August when spikes in Tor client downloads were traced to a large click-fraud and Bitcoin-mining botnet called Sefnit. The malware was using the popular anonymity network to communicate with hackers in order to transmit stolen data and receive additional commands. In...
ZeuS Trojan variant Targets Salesforce accounts and SaaS Applications
Zeus, a financially aimed Banking Trojan that comes in many different forms and flavors, is capable of stealing users' online-banking credentials once installed. This time, an infamous Zeus Trojan has turned out to be a more sophisticated piece of malware that uses web-crawling action. Instead of...
Gameover Malware, variant of ZeuS Trojan uses Encryption to Bypass Detection
The year begins with the number of new variants of malware that were discovered by various security researchers. The new variants are more complex, sophisticated and mostly undetectable. Two years back in 2012, the FBI warned us about the ‘GameOver’ banking Trojan, a variant of Zeus financial...
SpyEye creator pleads guilty in U.S. Federal Court
Aleksandr Andreevich Panin, one of the alleged masterminds behind the notorious SpyEye banking trojan, pleaded guilty in an Atlanta courtroom yesterday to conspiracy charges relating to the development and distribution of the malware. Panin pleaded guilty to conspiring to commit wire and bank...
Joomla Patches Blackhole Zero Day Vulnerability
Attackers have been abusing websites for months that are hosted on Joomla, WordPress and other content management platforms. One gaping vulnerability can open the door for a cybercrime group, for example, to build a formidable botnet, or lure victims to malware that can cash out a bank account or...
Malware Evasion Techniques Dissected at Black Hat
Malware ingenuity isn’t limited to its functionality or its ability to propagate. Sometimes malicious code has to have guile to survive. That means for the most part having an innate understanding of when it’s being analyzed by a security expert. Numerous samples from different malware families...
CareerBuilder man in the browser attack
No one can say that hackers don’t have a sense of irony. In search of money mules, attackers behind a variant of the Zeus Trojan have configured the malware to activate when users visit careerbuilder.com with code that redirects victims to an advertisement for a mule-recruitment website...
Beta Bot Trojan Emerges as New Type of Banking Malware
A new strain of banking malware, Beta Bot, has been refined over the last few months to target ecommerce and comes complete with an array of features to help prevent it from being caught by usual security measures. According to research conducted by RSA Security’s Limor Kessem, the bot started ou...
Customized Zeus Trojan Crimeware Marketed Over Facebook
The secrecy of underground forums where financial malware and crimeware kits are traded is well guarded, to the point that few are able to penetrate them without some kind of internal sponsor. Here, criminals value their privacy as much as those from whom they steal. That’s what makes a recent...
Ramnit Malware Back and Better at Avoiding Detection
The Ramnit malware family has been given a facelift with new anti-detection capabilities, a troubleshooting module, as well as enhanced encryption and malicious payloads. Tim Liu of the Microsoft Malware Protection Center said Ramnit resurfaced late last year and its keepers had stripped out all ...