    TrendLabs Security Intelligence Blog

    Archive for the ‘Bad Sites’ Category




    CryptoLocker and other such ransomware threats have been a significant problem for some time now, but recently we've seen a new addition to the ransomware scene. This new threat, which calls itself BitCrypt, adds a unique angle to ransomware: it steals funds from various cryptocurrency wallets as well. We have identified two distinct variants of this threat. The first variant, TROJ_CRIBIT.A, appends ".bitcrypt" to any encrypted files and uses an English-only ransom note. The second variant, TROJ_CRIBIT.B, appends ".bitcrypt 2" and ...




    On several underground forums, a cybercriminal named gripper is selling ATM skimmers and fake POS terminals, and is making some very bold claims in doing so: Figure 1. Underground advertisement. The cybercriminal claims that he can mass-produce VeriFone VerixV point-of-sale (PoS) devices. (VeriFone is a US-based provider of POS terminals.) Several VeriFone products, such as the Vx510, the Vx670, and the Vx810 Duet, are specifically mentioned. These rogue terminals can be used in a store to steal the credit card information of customers; the stolen ...

    Posted in Bad Sites



    We recently came across this particular post in an underground forum: Figure 1. Underground forum post. This post, written in Russian, was advertising a new product known as "BlackOS". Contrary to the name, it is not an operating system. However, it is definitely "black", or malicious: it is used to manage and redirect Internet traffic from malicious/compromised websites to other malicious sites. These types of products are not new in underground communities - for example, Brian Krebs talked about the similar iFrameservice.net site ...

    Posted in Bad Sites, Malware



    As more countries join in the search for the missing Malaysia Airlines Flight 370, we are seeing cybercriminals use this highly talked-about topic to unleash different online threats. One involves a fake video about this flight, which we believe is spreading via email. The video is supposedly a five-minute clip about MH370 named Malaysian Airlines MH370 5m Video.exe. In reality, it is a backdoor detected as BKDR_OTOPROXY.WR. As is the case with most backdoors, this malware allows a remote attacker to ...

    Posted in Bad Sites, Malware, Spam



    Recently we've discussed how Control Panel (CPL) malware has been spreading in Latin America. In the past, we've analyzed in some detail how CPL malware works as well as the overall picture of how this threat spreads. In this post, we shall examine in detail how these threats spread, and how they relate to other malicious sites and components. Recently, while I was checking my spam mailbox, I found one of these messages there. Specifically, I found this email sample: Figure 1. Spam message This ...

    Posted in Bad Sites, Malware


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice