Tax season in the US and Canada has always been popular among cybercriminals. After all, it's one of the few reliable times in a year that a lot of money gets thrown around online, due to the convenience of filing (and) paying taxes over the Internet. As such, we make it a point to look out for threats specifically targeting taxpayers before, during and after tax season and every year, we invariably find a lot of them.
This year was no ...
Before the end of the month, we will release a new paper in our Cybercriminal Underground Economy Series titled Russian Underground Revisited. This is a followup to our earlier paper Russian Underground 101; both papers examined the Russian Underground and looked at the goods and services being sold inside these underground communities.
While the full details will not be published until next week, the overall finding of the report is clear: cybercrime has never been more affordable and accessible, even for lesser-skilled cybercriminals.
The lower ...
News of a maritime disaster happening on South Korea waters hit full force on April 16, 2014. MV Sewol, a South Korean vessel, capsized off of the country's southern coast.
While the world was still reeling from the horrific turn of events, cybercriminals began getting to work. Just mere hours after this event was reported worldwide, we have seen some spammed messages using this piece of news. In the samples that we have observed, the actual news is not used as ...
Out with the old, in with the new? When it comes to cybercrime, that’s rarely the case. We often seen old malware get upgrades with new techniques, payloads, and even targets. This is certainly the case for an old Java remote access Trojan (RAT) detected as JAVA_OZNEB.B.
Users may encounter this threat as an attachment to spammed emails. These emails are often financial in nature. One such email pretends to be from American Express, informing recipients that their accounts have been ...
Note: The author of the entry has been changed to Chengkai Tao.
We've recently discovered a design flaw in Android devices that allows fake apps to hijack legitimate app updates, thus enabling the fake app to steal the information stored by the targeted legitimate app. The flaw lies in a common practice for mobile users in China: using an external storage device (such as an SD card) to store downloaded Android application package (APK) files.
China-based users commonly update their apps directly -- ...
