• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Deep Web

WannaCry Ransomware Sold in the Middle Eastern and North African Underground
  • Posted on:October 10, 2017 at 5:01 am
  • Posted in:Deep Web, Malware, Ransomware
  • Author:
    Mayra Rosario Fuentes (Senior Threat Researcher)
0

For $50, one could purportedly get a lifetime license to upgradeable variants of WannaCry. We saw this advertisement in an Arabic-speaking underground forum on May 14, two days after WannaCry’s outbreak. Indeed, a threat that left a trail of significant damage in its wake was objectified into a commodity, and even a starting point for others to launch their own cybercriminal businesses.

WannaCry’s relatively low price also reflects another unique aspect of the Middle Eastern and North African underground: a sense of brotherhood. Unlike marketplaces in Russia and North America, for instance, where its players aim to make a profit, the Middle East and North Africa’s underground scene is an ironic juncture where culture, ideology, and cybercrime meet.

Read More
Tags: cybercrimeMiddle EastNorth Africaunderground

Business Process Compromise and the Underground’s Economy of Coupon Fraud
  • Posted on:September 28, 2017 at 5:03 am
  • Posted in:Bad Sites, Deep Web, Social
  • Author:
    Trend Micro Forward-Looking Threat Research Team
0

The fraudulent redemption of freebies, discounts, and rebates in the form of coupons is reportedly costing U.S. businesses $300–600 million every year. And where there’s money to be made, there are cybercriminals rustling up schemes to take advantage of it. Unsurprisingly, that was the case when it comes to coupon fraud, which we found to be rife and thriving in the underground.

What does coupon fraud mean for businesses? In 2012, major manufacturers were victimized by counterfeit coupons, with one consumer goods corporation pegging its losses to around $1.28 million. Another coupon fraud scheme almost a decade in the making stole at least $250 million from companies.

Read More
Tags: Business Process CompromiseCoupon Fraudunderground

Red on Red: The Attack Landscape of the Dark Web
  • Posted on:May 30, 2017 at 5:00 am
  • Posted in:Deep Web
  • Author:
    Marco Balduzzi (Senior Threat Researcher)
0

We’ve frequently talked about how limited-access networks such as the Dark Web is home to various cybercriminal underground hotspots. Hosted and accessed via the Tor network, these sites house underground marketplaces that sell various good and services, which include cryptocurrency laundering, hosting platforms for malware, and stolen/counterfeit identities.

What is less covered is the attack landscape within the Dark Web. Are these sites subject to their own hacking attempts and DDoS attacks? What are the sizes and characteristics of attacks within the Dark Web? This is what we have learned: these attacks are surprisingly common within the Dark Web, and are frequently carried out manually and aimed at subverting or spying on the services run by other cybercriminals.

Read More

MajikPOS Combines PoS Malware and RATs to Pull Off its Malicious Tricks
  • Posted on:March 15, 2017 at 5:00 am
  • Posted in:Deep Web, Malware
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

We’ve uncovered a new breed of point-of-sale (PoS) malware currently affecting businesses across North America and Canada: MajikPOS (detected by Trend Micro as TSPY_MAJIKPOS.A). Like a lot of other PoS malware, MajikPOS is designed to steal information, but its modular approach in execution makes it distinct. We estimate that MajikPOS’s initial infection started around January 28, 2017.

While other PoS malware FastPOS (its updated version), Gorynych and ModPOS also feature multiple components with entirely different functions like keylogging, MajikPOS’s modular tack is different. MajikPOS needs only another component from the server to conduct its RAM scraping routine.

Read More
Tags: cardingcredit card theftMajikPOSPOS malware

Is West Africa Poised for an Underground Market?
  • Posted on:March 9, 2017 at 3:38 am
  • Posted in:Deep Web
  • Author:
    Trend Micro
0

Based on an INTERPOL survey, West African cybercriminals stole an average of US$2.7 million from businesses and an average of US$422,000 from individuals from 2013 to 2015. Scams, whether simple (like 419 or Nigerian prince scams) or complex (like business email compromise [BEC] scams), run rampant in the West African threat landscape. In fact, most of the online scams we see now may have to do with the increase in the region’s cybercriminal activity volume.

Read More
Tags: undergroundWest Africa
Page 1 of 712 › »

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Legitimate Application AnyDesk Bundled with New Ransomware Variant
  • FacexWorm Targets Cryptocurrency Trading Platforms, Abuses Facebook Messenger for Propagation
  • Monero-Mining RETADUP Worm Goes Polymorphic, Gets an AutoHotKey Variant
  • New Phishing Scam uses AES Encryption and Goes After Apple IDs
  • Necurs Evolves to Evade Spam Detection via Internet Shortcut File

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.