SEARCH RESULTS
 
Showing 1-10 of 22 records
 
Expand article

Modified Zeus Crimeware Kit Comes With Built-in MP3 Player

The Article has images
2008-09-29 17:55:03 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...crimeware kits rarely make the headlines due to the fact that anyone can hijack a crimeware kit's brand, build and innovate using its foundations , and claim it's a new version released by the original authors . That's of course in between the tiny time frame until he's exposed as the fake author of Zeus that may have in fact came up with a...
 
Tags: malware, web based malware, botnet, female botnet masters, popular crimeware kits, zeus, crimeware kits, authors, original authors
 
 
 
 
Expand article

Crimeware in the Middle - Zeus

The Article has images
2008-04-24 04:37:46 by HASH0x8ae4648 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...crimeware kit used to deliver banking trojans The Trojan that was used in this attack belonged to the "Zeus" family of malware. Zeus is a nefarious type of Trojan for multiple reasons 1. The Zeus Trojan is a kit for sale: Anyone in the criminal community can purchase it for roughly $700. This means that the Rock group did not need to...
 
Tags: zeus, file, remote file, zeus trojan, binary file, file system32 drivers, kit, metaphisher kit, configuration file
 
 
 
 
Expand article

The Zeus Crimeware Kit Vulnerable to Remotely Exploitable Flaw

The Article has images
2008-06-18 17:45:15 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...crimeware kit which I discussed in a previous post, is susceptible to a remotely exploitable vulnerability according to a proof of concept code I obtained recently . The vulnerability allows the injection of logins and passwords within any misconfigured web interface, due to the way in which Zeus is processing php scripts (web shells and...
 
Tags: zeus, russian business network, crimeware kit, zeus users, vulnerability, vulnerability research, kit, security community, security community starts
 
 
 
 
Expand article

Crimeware defense strategies: how to protect your network (and yourself)

2008-05-29 00:00:00 by Julie Bort in Network World on Security
 
...Crimeware: understanding new attacks and defenses (published April 6), discussed defenses against financially motivated attacks, otherwise known as crimeware. The offered suggestions on how to protect your network (and yourself) against e-mail-by pharming, phishing attacks, identity theft, wireless network vulnerabilities and more
 
Tags: network, crimeware, wireless network vulnerabilities, attacks, authors markus jakobsson, book crimeware, protect, identity theft, defenses
 
 
 
 
Expand article

Pinch Vulnerable to Remotely Exploitable Flaw

The Article has images
2008-08-07 10:22:01 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...crimeware kits, looking, and actually finding remotely exploitable vulnerabilities allowing them to competely hijack someone's command and control, and consequently, their botnet. The Zeus crimeware kit , which I've been discussing and analyzing for a while, is the perfect example of how once a popular underground kit start acting as the...
 
Tags: popular crimeware kits, crimeware kits, pinch, crimeware, zeus crimeware kit, popular pinch crimeware, malware, banker malware kit, default crimeware kit
 
 
 
 
Expand article

Summarizing June's Threatscape

The Article has images
2008-07-01 07:05:01 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...crimeware kit allowing both, researchers and malicious parties to assess the severity of a particular banker malware campaign, the increasing use of malicious doorways next to ICANN and IANA's DNS hijacking, all speak for themselves and how diverse the threats and, of course, the abilities to maintain a decent situatiational awareness about...
 
Tags: site, fake youtube site, web site defacements, malware, malware hosts, web site defacer, sites, vulnerable sites, malicious
 
 
 
 
Expand article

The Neosploit Malware Kit Updated with Snapshot ActiveX Exploit

The Article has images
2008-07-15 17:18:32 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Crimeware Kit Vulnerable to Remotely Exploitable Flaw The Small Pack Web Malware Exploitation Kit Crimeware in the Middle - Zeus The Nuclear Grabber Kit The Apophis Kit The FirePack Exploitation Kit Localized to Chinese MPack and IcePack Localized to Chinese The FirePack Exploitation Kit - Part Two The FirePack Web Malware Exploitation Kit...
 
Tags: neosploit malware kit, malware kit, nuclear malware kit, kit, metaphisher malware kit, icepack malware kit, nuclear grabber kit, apophis kit, neosploit exploit kit
 
 
 
 
Expand article

Copycat Web Malware Exploitation Kits are Faddish

The Article has images
2008-09-03 07:18:08 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...Crimeware Kit Vulnerable to Remotely Exploitable Flaw The Small Pack Web Malware Exploitation Kit Crimeware in the Middle - Zeus The Nuclear Grabber Kit The Apophis Kit The FirePack Exploitation Kit Localized to Chinese MPack and IcePack Localized to Chinese The Icepack Exploitation Kit Localized to French The FirePack Exploitation Kit - Part...
 
Tags: malware kits, web malware kits, kits, copycat malware kits, proprietary kits, term, long-term growth strategy, icepack, icepack exploitation kit
 
 
 
 
Expand article

News from the Rock Phish Gang

2008-09-10 07:47:38 by schneier in Schneier on Security
 
...crimeware, including a custom-made botnet client that was spread, among other means, using the Neosploit infection kit Soon, additional signs appeared pointing to a partnership between Rock Phishers and Asprox. Most notably, the command and control server for the custom Rock Phish crimeware had exactly the same directory structure of many of...
 
Tags: rock, rock phish, phishers, rock phishers, attacks, asprox attacks, asprox, rsa researchers, rsa