We’ve seen “get Twitter followers” scams in the past, but a recent one stood out for a very good reason: it actually delivers what it promises—and then some. This scam tries to attract potential victims by using tweets with the phrase “GET MORE F0LL0WERS” and a URL that is apparently from Google. (In this particular…
Earlier this week, it was announced by the United States Department of Justice that the creator of the notorious SpyEye banking malware, Aleksandr Andreevich Panin (also known as Gribodemon or Harderman), had pleaded guilty before a federal court to charges related to creating and distributing SpyEye. Trend Micro was a key part of this investigation…
In the past few months, the Tor anonymity service has been in the news for various reasons. Perhaps most infamously, it was used by the now-shuttered Silk Road underground marketplace. We delved into the topic of the Deep Web in a white paper titled Deepweb and Cybercrime. In our 2014 predictions, we noted that cybercriminals would go deeper…
File infectors and ZBOT don’t usually go together, but we recently saw a case where these two kinds of threats did. This particular file infector – PE_PATNOTE.A (MD5 871246d00caffdbed56b1374975c368e) – appends its code to all executable files on the infected system, like so: (Figure 1. Before infection; Figure 2. After infection) What does this code…
Fake Flash player scams have been around for a long time, but remarkably they still haven’t gone away. Now, they’re targeting users in Turkey. A recent attack that we found starts off with a video link sent to users via Facebook’s messaging system (sent in Turkish). This “video” prompts users to install a Flash Player…