Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    February 2013
    S M T W T F S
    « Jan   Mar »
     12
    3456789
    10111213141516
    17181920212223
    2425262728  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for February 11th, 2013



    Feb11
    11:35 pm (UTC-7)   |    by

    2013 has seen some significant changes in the way that attackers use the Blackhole exploit kit in spam attacks. To understand what these changes are, however, let us first go into what Blackhole did in late 2012.

    Last year, the majority of URLs found in Blackhole-related phishing messages had the following format:

    • http://{compromised or abused site}/{eight-digit code}/index.html

    For example, a spam run in November contained a link to the website at:

    • http://{domain #1}/Pz1Fa7u/index.html

    Users were redirected by the above link to two URLs:

    • http://{domain #2}/9WFM1cgc/js.js
    • http://{domain #3}/0s3FmfEC/js.js

    Both of these URLs were hosted on compromised sites. While the webhosting account of domain #2 was suspended, the redundancy of using two redirection pages allowed the attack to continue. The URL at domain #3 led to the malicious landing page, which was located at:

    • http://{malicious site}/links/created_danger.php

    It’s not unusual for multiple redirection pages to lead to a single malicious URL. Frequently, even different spam runs will lead to the same malicious landing page.

    Read the rest of this entry »

     



    With today’s robust technology, it is now possible for users to remotely control their home devices via the Internet. However, as this technology gains a foothold, cybercrime is not far behind.

    In our 2013 Security Predictions, our Chief Technology Officer (CTO) Raimund Genes predicted that with digital technology becoming more integrated in our lives, we may be seeing threats in unlikely places. In particular, as more home devices and appliances are designed to access the Internet, they can become new venues for unexpected threats.

    In my recent post, I mentioned that the bulk of research initiated on Internet-enabled devices has been on identifying vulnerabilities. Though done to provide better security for end users, the flip side is we’re seeing novel ways to steal information and money. This is an alarming prospect, as majority of these home gadgets have basic IP configuration with limited security options. What’s more, most end users are unaware of these devices’ vulnerability.

    Read the rest of this entry »

     
    Posted in Vulnerabilities | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice