How is it possible for users to lose hundreds of dollars in anomalous online bank transfers when all of their gadgets have security software installed?Read More
In the past weeks, information-stealing malware EyePyramid made headlines after it was used to steal 87GB of sensitive data from government offices, private companies and public organizations. More than 100 email domains and 18,000 email accounts were targeted, including those of high-profile victims in Italy, the U.S., Japan and Europe.Read More
Netflix has a 93 million-strong subscriber base in more than 190 countries, so it’s unsurprising that cybercriminals want a piece of the pie. Among their modus operandi: stealing user credentials that can be monetized in the underground, exploiting vulnerabilities, and more recently infecting systems with Trojans capable of pilfering the user’s financial and personal information.
What other purposes can stolen Netflix credential serve? Offer them up as bargaining chip to fellow cybercriminals, for instance. Or more nefariously, use them as lure to trick certain users into installing malware (and turn a profit in the process). If you’re planning to free ride your way into binge-watching your favorite shows on Netflix, think again. Your computer’s files may end up getting held hostage instead.Read More
On January 13, college student Zachary Shames pleaded guilty to a federal district court in Virginia, US, for authoring Limitless Logger, the malicious keylogger that was used to steal thousands of sensitive user information like passwords and banking credentials. In November 2014, Trend Micro’s Forward Looking Threat Research team (FTR) published a research paper that covered Limitless and how it was used to steal information from thousands of victims. Prior to that, we passed on details that correctly identified Shames as the creator to the FBI. This blog details how we made that link, which we left out of the published research paper.Read More
Two Italians referred to as the “Occhionero brothers” have been arrested and accused of using malware and a carefully-prepared spear-phishing scheme to spy on high-profile politicians and businessmen. This case has been called “EyePyramid”, which we first discussed last week. (Conspiracy theories aside, the name came from a domain name and directory path that was found as part of the research.)Read More