With more households running smart devices that access the internet, the router is typically their only doorkeeper. And whether an end user has a laptop/desktop and router combo, or a miscellany of other devices connected to the network, the security risks are the same. Based on our research, home routers have been most susceptible to cross-site scripting (XSS) and PHP arbitrary code injection attacks, as well as being involved in carrying out DNS amplification attacks.Read More
On November 30th, an international law enforcement operation stamped out Avalanche, a large-scale content and management platform designed for the delivery of bullet-proof botnets. Avalanche’s scale and scope spanned victims from 180 countries, over 800,000 domains in 60+ top-level domains (TLD), more than one million phishing and spam e-mails, 500,000 infected machines worldwide, and 130TB of captured and analyzed data.
The coordinated effort from international law enforcement agencies that include Germany’s Public Prosecutor’s Office Verden and the Lüneburg Police, the U.S.’s Attorney Office for the Western District of Pennsylvania, Department of Justice and the Federal Bureau of Investigation (FBI), Europol, and Eurojust as well as partners in ShadowServer, resulted in one of the most successful anti-cybercrime operations in recent years.Read More
The creator of the banking malware SpyEye, Aleksandr Andreevich Panin, has just been sentenced on charges related to creating and distributing SpyEye. In early 2014, he pleaded guilty to charges related to creating and distributing SpyEye. Information provided by Trend Micro was used to help find the real identities of Panin and his accomplices.Read More
Last April 2015, we talked about FighterPOS, a point-of-sale (PoS) malware that was used in a one-man cybercriminal operation to steal over 22,000 unique credit card numbers and affected more than 100 PoS terminals in Brazil and other countries. We recently came across new and seemingly improved versions of this malware. Among other things, FighterPOS now has propagation capabilities; meaning, it could spread from one PoS malware terminal to another that is connected to the same network and thereby increasing the number of potential victims in one organization.Read More
The Internet has no borders, countries do. And that’s what makes it so difficult for law enforcement to chase cybercriminals. Trend Micro works with these bodies for years and we see how painful and long these processes are, once the cybercriminal is somewhere else. We not only work close with local police but also with Europol and INTERPOL, which helps when it comes to international crime. They do a great job, but the bad guys clearly have an advantage as their flexibility and speed makes it easy for them to jump around in cyberspace and build up systems everywhere. And pretty often, they go to countries where cybercrime is not a crime or chasing them is low priority.Read More