Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    October 2014
    S M T W T F S
    « Sep    
     1234
    567891011
    12131415161718
    19202122232425
    262728293031  
  • About Us
    TrendLabs Security Intelligence Blog(breadcrumbs are unavailable)

    Archive for the ‘Botnets’ Category




    During the last week of August 2014, we observed a salad spam surge caused by KELIHOS spambot.  Salad spam contains gibberish words in the email body, and is usually employed by cybercriminals so as to bypass spam filters. Here are some samples we spotted: Figures 1-2: Screenshots of spammed messages Majority of this outbreak’s victims are from the United States.  Based on our data, the top sending countries for this spam run are Spain, Germany, Italy, Iran, and the United States. Figure 3: Top sending countries ...

    Posted in Botnets, Malware, Spam |



    TROJ_UPATRE, the most common malware threat distributed via spam, is known for downloading encrypted Gameover ZeuS onto affected systems. This ZeuS variant, in turn, is known for its use of peer-to-peer connections to its command-and-contol (C&C) servers.  This behavior has been known about since October 2013. We have observed that these specific ZeuS variants are now employing non-binary files. The UPATRE downloader is also responsible for decrypting these malicious files. This is done to bypass security features and avoid detection and removal ...

    Posted in Bad Sites, Botnets, Malware | Comments Off



    The first quarter of the year saw cybercrime hit targets that may not have been considered worthwhile in previous quarters. Multiple Bitcoin exchanges found themselves the victims of various attacks and were forced to close shop. The most high-profile victim Mt. Gox, which had been, at one time, the leading Bitcoin exchange in the world. Exchanges were not the only target. With more than 12 million Bitcoins in existence - with a value of 6-8 billion US dollars - it ...




    We recently noticed that there has been an increase in spammed messages that use airline information as bait. These messages are made to look like notifications from airlines such as Delta Airlines, British Airways, US Airways, and American Airlines. Each message comes with an attachment—often in the form of a fake e-ticket—that recipients are supposed to open. This attachment is actually a BKDR_KULUOZ variant. Figure 1. Screenshot of sample spam KULUOZ variants are known to download and execute other malware, such as SIREFEF/ZACCESS and ...

    Posted in Botnets, Spam | Comments Off



    The research on browser-based botnets presented during the recent Blackhat conference in Las Vegas touches on our previous study on the abuse of HTML5. Most importantly, it shows how a simple fake online ad can lead to formidable threats like a distributed denial of service (DDoS) attack. In their briefing, Jeremiah Grossman and Matt Johansen showed that it is possible to initiate a massive distributed denial of service (DDoS) attack via a browser-based botnet. To create the botnet itself, the potential ...

    Posted in Botnets | Comments Off


     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice