Mass attack by "Soldier" ensnares major U.S. corporations in its net, steals US$3.2 million in six months, causes organizations and individuals to be vulnerable to future attacks; 90+ other countries hit by shrapnel.
For some time now, we've been investigating the operation of a certain cybercriminal—a young man in his early 20s who resides in Russia. During our investigation, we discovered that the attacker uses various criminal toolkits, including SpyEye and ZeuS for crimeware, as well as exploit kits such as ...
Hurricane Irene surely turned New York City into the "city that never sleeps," as it brought floodwaters, knocked out power for more than 4 million people, and was even responsible for at least 15 deaths in six states.
What's worse is that cybercriminals are taking advantage of the incident by spamming a fake video on Facebook.
The page, which contains the alarming title "VIDEO SHOCK – Hurricane Irene New York kills All," displays a clickable image of a fake video player.
The text ...
We were recently able to analyze a certain attack that compromised numerous e-commerce websites in order to steal credit card information from potential customers.
The affected websites were found using osCommerce, an open source e-commerce solution that allows users to easily manage their online shops.
Based on our analysis, more than 90,000 pages were compromised. The attackers inserted an iframe that leads to certain URLs in each of these sites, triggering several redirections. The redirections finally lead to an exploit kit that ...
We encountered another LICAT variant that is spreading via fake Internal Revenue Service (IRS) spam to people from specific organizations, including Trend Micro. As you may recall, LICAT is known for using the dynamic domain generation algorithm (DGA) technique.
The spammed message informs recipients about a certain issue with regard to their tax payments. It contains a link that supposedly leads to the recipients' tax reviews. Once users click the link, they will be prompted to download an executable file, which, when ...
As announced on July 19, 2011, Google started delivering a service that warns users of possible malware infection.
According to Google's blog article, an investigation was started after observing abnormal traffic coming to its site while performing regular maintenance. The investigation revealed that the abnormal traffic came from PCs that have been infected by a particular malware. The number of infected PCs has been reported to be a few million.
As a result of Google's own investigation, it was found that the ...
