Whenever a threat is “localized” to a specific region, it’s a sign that attackers believe there is money to be made. Ransomware has made millions of dollars around the world, and it looks like it’s poking its nose into a new part of the world: China. However, the initial foray into this market made several mistakes.Read More
April last year, Pawn Storm reportedly compromised computers of the German Bundestag using data-stealing malware. This was the first documented political attack of Pawn Storm against Germany. One year later, this espionage actor group takes a swing once again.
In April 2016, we discovered that Pawn Storm started a new attack against the German Christian Democratic Union (CDU), the political party of the Chancellor of Germany, Angela Merkel.
The attack consisted of seemingly coordinated credential phishing attacks against the CDU and high profile users of two German freemail providers. A fake corporate webmail server of CDU was set up in Latvia for advanced credential phishing. Around the same time, three domains were created for credential phishing targeting high-profile individual users of two German free webmail providers. The main fake webmail server of CDU was set up in Latvia, but the free webmail credential phishing sites are on servers of the Virtual Private Server provider in the Netherlands we have discussed previously.Read More
The second Tuesday of the month has arrived which means the arrival of regularly scheduled patches from Microsoft and other vendors. This month’s release includes sixteen bulletins from Microsoft, as well as an update from Adobe for their PDF-related application. A separate update for Flash Player will arrive later this week.Read More
A multicomponent backdoor and point-of-sale (PoS) malware tandem can lead to stealthier and more flexible attacks. And these can pose greater threats to enterprises and small and medium-sized businesses (SMBs). Add another PoS malware to the mix, and you’ve got even bigger trouble.Read More
You may have heard about the Panama Papers—documents from a Panamanian law firm that revealed politicians, businessmen, and prominent individuals from countries all over the world were using offshore companies to cut their tax bills. It occurred to us to ask: Do cybercriminals avail of these services? Our research revealed that ads for offshore banking can also be found in underground forums. Offshore companies in Panama, the British Virgin Islands, and the Dominican Republic are used to hide the proceeds from cybercrime.Read More