• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Deep Web

Red on Red: The Attack Landscape of the Dark Web
  • Posted on:May 30, 2017 at 5:00 am
  • Posted in:Deep Web
  • Author:
    Marco Balduzzi (Senior Threat Researcher)
0

We’ve frequently talked about how limited-access networks such as the Dark Web is home to various cybercriminal underground hotspots. Hosted and accessed via the Tor network, these sites house underground marketplaces that sell various good and services, which include cryptocurrency laundering, hosting platforms for malware, and stolen/counterfeit identities.

What is less covered is the attack landscape within the Dark Web. Are these sites subject to their own hacking attempts and DDoS attacks? What are the sizes and characteristics of attacks within the Dark Web? This is what we have learned: these attacks are surprisingly common within the Dark Web, and are frequently carried out manually and aimed at subverting or spying on the services run by other cybercriminals.

Read More

MajikPOS Combines PoS Malware and RATs to Pull Off its Malicious Tricks
  • Posted on:March 15, 2017 at 5:00 am
  • Posted in:Deep Web, Malware
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

We’ve uncovered a new breed of point-of-sale (PoS) malware currently affecting businesses across North America and Canada: MajikPOS (detected by Trend Micro as TSPY_MAJIKPOS.A). Like a lot of other PoS malware, MajikPOS is designed to steal information, but its modular approach in execution makes it distinct. We estimate that MajikPOS’s initial infection started around January 28, 2017.

While other PoS malware FastPOS (its updated version), Gorynych and ModPOS also feature multiple components with entirely different functions like keylogging, MajikPOS’s modular tack is different. MajikPOS needs only another component from the server to conduct its RAM scraping routine.

Read More
Tags: cardingcredit card theftMajikPOSPOS malware

Is West Africa Poised for an Underground Market?
  • Posted on:March 9, 2017 at 3:38 am
  • Posted in:Deep Web
  • Author:
    Trend Micro
0

Based on an INTERPOL survey, West African cybercriminals stole an average of US$2.7 million from businesses and an average of US$422,000 from individuals from 2013 to 2015. Scams, whether simple (like 419 or Nigerian prince scams) or complex (like business email compromise [BEC] scams), run rampant in the West African threat landscape. In fact, most of the online scams we see now may have to do with the increase in the region’s cybercriminal activity volume.

Read More
Tags: undergroundWest Africa

The Healthcare Underground: Electronic Health Records for Sale
  • Posted on:February 21, 2017 at 5:00 am
  • Posted in:Deep Web
  • Author:
    Trend Micro
0

In 2016, 91 percent of the U.S. population had health insurance coverage which means at a given time, any person will be effected in the event of a healthcare data breach. How it affects individuals may differ case by case perspective, but its impact to affected people and healthcare institutions are far from mild. In our latest research paper titled Cybercrime and other Threats faced by Healthcare industry, we look at the other side of a healthcare data breach and trace back what happens to electronic health records (EHR) after they are stolen.

Read More
Tags: EHRhealthcareShodan

The Rise and Fall of Encryptor RaaS
  • Posted on:September 29, 2016 at 5:00 am
  • Posted in:Deep Web, Ransomware
  • Author:
    Trend Micro
0

Back in July 2015, a new ransomware as a service named “Encryptor RaaS” (detected by Trend Micro as RANSOM_CRYPRAAS.SM) entered the threat scene, rivaling or at least expecting to succeed the likes of similar get-rich-quick schemes from Tox and ORX Locker. The newcomer appeared to be a dark horse: it was multiplatform, had an appealing price, and empowered budding malefactors an easier entry point to cybercrime. It posed a considerable threat to users and businesses, as Encryptor RaaS attacks can vary based on the customizations applied by the affiliate.

In July 2016, however, the service abruptly closed up shop. The good: one less ransomware to be worried about. The bad: the developer decided to wipe the master key. The ugly: victims can no longer recover their encrypted files. What made Encryptor RaaS suddenly crash and burn?

Read More
Tags: Encryptor RaaSransomware
Page 1 of 612 › »

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Business Email Compromise

  • How can a sophisticated email scam cause more than $2.3 billion in damages to businesses around the world?
    See the numbers behind BEC

Latest Ransomware Posts

  • AdGholas Malvertising Campaign Employs Astrum Exploit Kit
  • Erebus Resurfaces as Linux Ransomware
  • Analyzing the Fileless, Code-injecting SOREBRECT Ransomware
  • Victims Lost US$1B to Ransomware
  • After WannaCry, UIWIX Ransomware and Monero-Mining Malware Follow Suit

Ransomware 101

  • This infographic shows how ransomware has evolved, how big the problem has become, and ways to avoid being a ransomware victim.
    Check the infographic

Popular Posts

  • Mouse Over, Macro: Spam Run in Europe Uses Hover Action to Deliver Banking Trojan
  • Erebus Resurfaces as Linux Ransomware
  • Analyzing the Fileless, Code-injecting SOREBRECT Ransomware
  • Analyzing Xavier: An Information-Stealing Ad Library on Android
  • MS17-010: EternalBlue’s Large Non-Paged Pool Overflow in SRV Driver

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.