On January 13, college student Zachary Shames pleaded guilty to a federal district court in Virginia, US, for authoring Limitless Logger, the malicious keylogger that was used to steal thousands of sensitive user information like passwords and banking credentials. In November 2014, Trend Micro’s Forward Looking Threat Research team (FTR) published a research paper that covered Limitless and how it was used to steal information from thousands of victims. Prior to that, we passed on details that correctly identified Shames as the creator to the FBI. This blog details how we made that link, which we left out of the published research paper.Read More
On November 30th, an international law enforcement operation stamped out Avalanche, a large-scale content and management platform designed for the delivery of bullet-proof botnets. Avalanche’s scale and scope spanned victims from 180 countries, over 800,000 domains in 60+ top-level domains (TLD), more than one million phishing and spam e-mails, 500,000 infected machines worldwide, and 130TB of captured and analyzed data.
The coordinated effort from international law enforcement agencies that include Germany’s Public Prosecutor’s Office Verden and the Lüneburg Police, the U.S.’s Attorney Office for the Western District of Pennsylvania, Department of Justice and the Federal Bureau of Investigation (FBI), Europol, and Eurojust as well as partners in ShadowServer, resulted in one of the most successful anti-cybercrime operations in recent years.Read More
As everyone knows by now, recently there have been some attacks in Germany that have people worried about their security. One question that comes up is – how were the attackers able to obtain their weapons?
In the recent Munich shooting, the attacker obtained his gun (a Glock 17 pistol) from an underground market. I was recently interviewed by the Handelblatt newspaper about underground markets.Read More
Yesterday, July 7, the United Kingdom’s National Crime Agency (NCA) released their Cyber Crime Assessment report for 2016, where they outlined the most important threats to UK businesses such as cybercrime. This is the first cybercrime report produced jointly by the NCA and industry partners.Read More
April 2016 was a great month for putting cybercriminals in prison. On April 12 Paunch, the creator of the infamous Blackhole exploit kit, was sentenced to seven years in a Russian prison. This was soon followed by Aleksandr Panin, the creator of SpyEye: he was sentenced by a United States federal court to nine and a half years in prison for his role in creating SpyEye. One of his partners, Hamza Bendelladj, was sentenced to fifteen years.
The most recent case involved Esthost, a company we know very well from our research. Vladimir Tsastsin became the latest member of the Esthost gang to be sentenced to jail; he will spend more than 7 years in prison. He was also ordered to forfeit more than $2.5 million in property.Read More