We recently found an interesting post in a Russian underground forum in the course of our research. People exchange information about their illegal activities in these kinds of forums. We found a user in the forum with the handle "sourcec0de" and ICQ number 291149 who currently offers root access to some of the cluster servers of MySQL.com and its subdomains.
The screenshot above shows that the seller appears to have a shell console window with root access to these servers. The price ...
Online threats and malware have been plaguing Internet users for more than 20 years now. While today's cybersecurity headlines often refer to the latest data breaches, Facebook scams, and the 1410% increase in the Android malware volume, it is interesting to note that the tools cybercriminals use today are, in a sense, the BRAIN-child (pun intended) of two Pakistani brothers who ironically wanted to do good and to prevent software piracy. From the PC boom in the 1980s to the ...
Mass attack by "Soldier" ensnares major U.S. corporations in its net, steals US$3.2 million in six months, causes organizations and individuals to be vulnerable to future attacks; 90+ other countries hit by shrapnel.
For some time now, we've been investigating the operation of a certain cybercriminal—a young man in his early 20s who resides in Russia. During our investigation, we discovered that the attacker uses various criminal toolkits, including SpyEye and ZeuS for crimeware, as well as exploit kits such as ...
Trend Micro recently came across a botnet that turns an infected system into an involuntary Bitcoin miner. Bitcoin is a digital currency that uses peer-to-peer (P2P) networks to track and verify transactions. Bitcoins are generated by a free Bitcoin miner application.
The malware, detected as BKDR_BTMINE.MNR, installs the mining software in systems. It uses the system's resources to solve Bitcoin blocks in order to generate more Bitcoins.
A Bitcoin "block" is a complex cryptographic problem. Solving a block currently pays out 50 ...
With the leak of ZeuS's source code, we expected more cybercriminals to craft their own HTTP-controlled bots based on ZeuS.
Last week, we started to see the first generation of modified ZeuS variants, called Ice IX, based on that source code. According to the seller's post on underground forums, one of Ice IX's main selling points is protection from trackers. Its configuration file cannot be downloaded and analyzed if the request is not from the bot as well, although this was not ...