• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   cybercriminal underground

Cryptocurrency-Mining Malware Targeting IoT, Being Offered in the Underground
  • Posted on:May 2, 2018 at 3:01 am
  • Posted in:Internet of Things, Malware
  • Author:
    Fernando Mercês (Senior Threat Researcher)
0

Crime follows the money, as the saying goes, and once again, cybercriminals have acted accordingly. The underground is flooded with so many offerings of cryptocurrency malware that it must be hard for the criminals themselves to determine which is best. This kind of malware, also known as cryptomalware, has a clear goal, which is to make money out of cryptocurrency transactions. This can be achieved through two different methods: stealing cryptocurrency and mining cryptocurrency on victims’ devices surreptitiously (without the victims noticing), a process also known as cryptojacking. In this post, we discuss how these two methods work, and see whether devices connected to the internet of things (IoT), which are relatively underpowered, are being targeted.

Read More
Tags: bitcoincryptocurrencycryptocurrency minercybercrimecybercriminal underground

Understanding Code Signing Abuse in Malware Campaigns
  • Posted on:April 5, 2018 at 1:00 am
  • Posted in:Machine Learning, Malware
  • Author:
    Trend Micro Forward-Looking Threat Research Team
0

Using a machine learning system, we analyzed 3 million software downloads, involving hundreds of thousands of internet-connected machines, and provide insights in this three-part blog series. In the first part of this series, we took a closer look at unpopular software downloads and the risks they pose to organizations. We also briefly mentioned the problem regarding code signing abuse, which we will elaborate on in this post.

Code signing is the practice of cryptographically signing software with the intent of giving the operating system (like Windows) an efficient and precise way to discriminate between a legitimate application (like an installer for Microsoft Office) and malicious software. All modern operating systems and browsers automatically verify signatures by means of the concept of a certificate chain.

Valid certificates are issued or signed by trusted certification authorities (CAs), which are backed up by parent CAs. This mechanism relies entirely and strictly on the concept of trust. We assume that malware operators are, by definition, untrustworthy entities. Supposedly, these untrustworthy entities have no access to valid certificates. However, our analysis shows that is not the case.

Read More
Tags: code signingcybercriminal undergroundMalware

Out in the Open: Accessibility in the North American Underground
  • Posted on:December 7, 2015 at 5:48 am
  • Posted in:Bad Sites, Deep Web, Malware
  • Author:
    Stephen Hilt and Kyle Wilhoit (Senior Threat Researchers)
0

In our exploration of the different cybercriminal underground markets, we often note that these black markets are often hard to infiltrate, or even find in the first place. It takes a specific set of skills and knowledge to be able to get inside these underground economies. But not the North American underground. Unlike its counterparts…

Read More
Tags: cybercriminal undergroundDeep Webdrugsfake documentslaw enforcement

Prototype Nation: Emerging Innovations in Cybercriminal China
  • Posted on:November 23, 2015 at 4:57 am
  • Posted in:Malware
  • Author:
    Lion Gu (Senior Threat Researcher)
0

Cybercrime doesn’t wait for anything or anyone. Two years after publishing our last report on the wares and services traded in the bustling Chinese underground, we found that the market’s operations have further expanded. From traditional malware, Chinese cybercriminals are now looking toward newer innovations and technologies to boost their operations. The Chinese underground now…

Read More
Tags: ATM skimmerblack marketChinese cybercrimeChinese undergroundCUEScybercrimecybercriminal undergroundcybercriminal underground economy seriesPOS

Attack of the Solo Cybercriminals – Frapstar in Canada
  • Posted on:May 26, 2015 at 8:08 am
  • Posted in:Malware
  • Author:
    Trend Micro
0

By now cybercrime has become the fastest growing criminal enterprise of the 21st century, run by efficient organizations with great professionalism. Today, news headlines are mostly about large-scale breaches orchestrated by large criminal syndicates. But smaller one-man operations can be equally devastating to the unwitting home users and businesses. This reminds us that cyber criminals…

Read More
Tags: canadacardingcybercrimecybercriminal undergroundinformation theftZeuS
Page 1 of 212

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Malicious Edge and Chrome Extension Used to Deliver Backdoor
  • Confucius Update: New Tools and Techniques, Further Connections with Patchwork
  • GPON Vulnerabilities Exploited for Mexico-based Mirai-like Scanning Activities
  • Malicious Traffic in Port 7001 Surges as Cryptominers Target Patched 2017 Oracle WebLogic Vulnerability
  • How Chat App Discord Is Abused by Cybercriminals to Attack ROBLOX Players

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.