Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
 
Showing 1-10 of 453 records
 
Expand article

Pushdo Serving Crimeware, Client-Side Exploits and Russian Bride Scams

The Article has images
2010-01-13 11:11:18 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
In need of a good example why you shouldn't be interacting with spam/phishing emails in any other way but reporting/deleting them, unless of course you're in the business of analyzing them Last week's OWA-themed Zeus-serving spam campaign courtesy of the Pushdo botnet , has not just resumed, but is continuing to serve client-side exploits...
 
Tags: email, ns1, org, hadlerjkh, net, spam campaign, spam campaign courtesy, client-side exploits, pushdo
 
 
 
 
Expand article

Outlook Web Access Themed Spam Campaign Serves Zeus Crimeware

The Article has images
2010-01-08 16:09:57 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...information-services .com - 91.198.109.69 - Email: pita@bigmailbox.ru erthjuyt44u .com - 91.198.109.19 - Email: rails@qx8.ru excellenthostingservice .com - 91.198.109.48 - Email: xm@qx8.ru goldhostingservice .com - 91.198.109.32 - Email: clod@qx8.ru Pretty much your typical cybercrime-friendly virtual neighborhood Related posts Pushdo...
 
Tags: email, crimeware, net, campaign, zeus crimeware, default settings, active zeus crimeware, ns1, settings
 
 
 
 
Expand article

Top Ten Must-Read DDanchev Posts For 2009

The Article has images
2010-01-04 12:37:37 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Security Software Business Model 02. Koobface Botnet's Scareware Business Model - Part One and Part Two 03. Inside a Money Laundering Group's Spamming Operations 04. A Peek Inside the Managed Blackhat SEO Ecosystem 05. Iranian Opposition DDoS-es pro-Ahmadinejad Sites 06. Koobface Botnet Redirects Facebook's IP Space to my Blog 07....
 
Tags: koobface botnet, sale, koobface botnet starts, posts, personal blog, blog, koobface gang wishes, sms ransomware series, peek inside
 
 
 
 
Expand article

Top Ten Must-Read Posts at ZDNet's Zero Day for 2009

The Article has images
2010-01-04 12:10:48 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
The end of the year naturally means a rush to come up with 'best of the best' top lists consisting of your finest content. However, based on personal observations, during the holidays season the short attention span of the average reader becomes even shorter with everyone looking forward to taking a well-deserved break. Therefore, the first...
 
Tags: day, posts, day reader, koobface botnet enters, content, short attention span, offsensive cyber capabilities, software piracy lead, iranian opposition launches
 
 
 
 
Expand article

Summarizing Zero Day's Posts for December

The Article has images
2010-01-04 12:03:46 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
The following is a brief summary of all of my posts at ZDNet's Zero Day for December, 2009 You can also go through previous summaries , as well as subscribe to my personal RSS feed , Zero Day's main feed , or follow all of ZDNet's blogs on Twitter 01. Koobface botnet enters the Xmas season 02. How many people fall victim to phishing attacks...
 
Tags: day, koobface botnet enters, personal rss feed, scareware distributors, december, main feed, posts, zdnet, xmas season
 
 
 
 
Expand article

The Koobface Gang Wishes the Industry "Happy Holidays"

The Article has images
2009-12-26 18:16:20 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...information as good as all passwords and credit cards. Our software did not ever steal credit card or online bank information, passwords or any other confidential data. And WILL NOT EVER. As for the crashes... We are really sorry. We work on it :) Wish you a good luck in new year and... Merry Christmas to you Always yours, "Koobface Gang ...
 
Tags: koobface gang, gang, koobface, koobface gang style, email, koobface botnet starts, koobface worm, koobface binaries, koobface front
 
 
 
 
Expand article

Koobface-Friendly Riccom LTD - AS29550 - (Finally) Taken Offline

The Article has images
2009-12-22 00:49:00 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
Last week, Josh Kirkwood, Network Engineer at Blue Square Data Group Services Limited, with whom I've been keeping in touch regarding the blackhat SEO activity courtesy of the Koobface gang, and actual Koobface botnet activity that's been taking place there for months , pinged me with an interesting email - " Riccom are now gone " ( AS29550 )....
 
Tags: koobface, koobface botnet starts, actual koobface command, koobface front, koobface worm, koobface research, koobface gang style, scareware domains, scareware domains continue
 
 
 
 
Expand article

A Diverse Portfolio of Fake Security Software - Part Twenty Four

The Article has images
2009-12-21 12:58:31 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Security Software" series. And with scareware losses to customers already (conservatively) estimated at $150 million , combined with the overwhelming evidence of scareware becoming the monetization method of choice for the majority of cybercriminals gathered throughout the entire year - in 2010 we'll see the peak of a fully matured business...
 
Tags: fake security software, scareware domains portfolio, scareware domains, portfolio, email, diverse portfolio, scareware, spscripthotmail, net
 
 
 
 
Expand article

Celebrity-Themed Scareware Campaign Abusing DocStoc

The Article has images
2009-12-07 12:17:23 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...information .cn - Email: steven lucas 2000@yahoo.com search-results .cn - Email: hilarykneber@yahoo.com share-video-portal1 .info - Email: kokishpoki@gmail.com share-video-portal4 .info - Email: kokishpoki@gmail.com spainsn .com - Email: ijushdf@gmail.com usworkingspace .com - Email: ijushdf@gmail.com web-paradise .cn - Email: steven lucas...
 
Tags: docstoc, docstoc accounts, popular docstoc, scareware, scareware campaign, email, campaign, massive scareware, blackhat seo farms
 
 
 
 
Expand article

Keeping Reshipping Mule Recruiters on a Short Leash

The Article has images
2009-12-07 10:26:29 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
Following my previous " Keeping Money Mule Recruiters on a Short Leash " and " Standardizing the Money Mule Recruitment Process " posts, the campaigners behind the previously exposed money-mule recruitment domains looking for " payment processing assistant ", are now also looking for " mailing assistants " to reship the fraudulently purchased...
 
Tags: money mules, money, money mule recruiters, services, services based, postal services, short leash, money-mule recruitment domains, domains
 
 
 
 
 
Showing 1-10 of 453 records