SEARCH RESULTS
 
Showing 1-10 of 15 records
 
Expand article

Lazy Summer Days at UkrTeleGroup Ltd

The Article has images
2008-07-22 07:12:02 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...scammy ecosystem that's constantly jumping from one netblock to another, whose very latest exploit URLs and rogue security software nexto to the codecs served, always represent a decent sample of malicious activities to analyze UkrTeleGroup Ltd ( 85.255.112.0-85.255.127.255 UkrTeleGroup UkrTeleGroup Ltd. 27595 ASN ATRIVO ), a personal...
 
Tags: ukrtelegroup, codecs, fake codecs simultaneously, rogue security software, ukrtelegroup ukrtelegroup, fake codecs, home, home stat, scammy ecosystem
 
 
 
 
Expand article

Summarizing July's Threatscape

The Article has images
2008-08-01 16:08:24 by Dancho Danchev in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...scammy infrastructure on them, by earning money on an affiliate based model, like this particular attack 14. Malware and Office Documents Joining Forces A recent DIY malware kit, sold as a proprietary tool basically crunching out malware infected office documents, whose built-in obfuscation makes them harder to detect. It will sooner or...
 
Tags: malware, profitable malware operations, malware authors, malware tools, malware coder, malware kit, malware infection, neosploit malware kit, spam
 
 
 
 
Expand article

209.1 Host Locked

The Article has images
2007-12-18 17:56:28 by HASH0x8713b3c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...scammy ecosystem of over 30 Rock Phish domains hosting approximately from 5 to 10 different phishing campaigns targeting different brands on a single domain. Here's another perspective on the blended threat posed by phishing emails that come with embedded banker malware , the results of which get later on aggregated in a banking malware...
 
Tags: rock phish kit, rock phish, aspx, malware campaigns, malware, rock phish domain, banker malware, campaigns, host
 
 
 
 
Expand article

A Diverse Portfolio of Fake Security Software

The Article has images
2007-12-07 15:16:07 by HASH0x89688e0 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...scammy ecosystem on different networks, as well as the directory structure they take advantage of, one whose predictability makes it faily easy to efficiency obtain all the fake applications. This particular case is also a great example of the typical for a Rock Phish kit efficiency vs quality trade off , namely, all the binaries dispersed...
 
Tags: domains portfolio, domains, portfolio, sample domains portfolio, fake security software, software, onerateld, content, exe
 
 
 
 
Expand article

Malware Serving Online Casinos

The Article has images
2007-11-29 16:37:13 by HASH0x8968208 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...scammy ecosystem . The third one is sypercasino.com which was resolving to 203.117.111.102 early this week, and taking advantage of WebAttacker at sypercasino.com/biling/index.php . Now it resolves to 58.65.236.10 and promotes banner.casino.com/cgi-bin/SetupCasino.exe Detection rate : 9/32 (28.13 File size : 194077 bytes MD5 :...
 
Tags: obfuscation, current obfuscation, obfuscation loads, play poker, poker, internal url statistics-gdf, statistics-gdf, average javascript obfuscation, php
 
 
 
 
Expand article

The Continuing .Gov Blackhat SEO Campaign - Part Two

The Article has images
2008-02-25 08:42:20 by HASH0x8b54014 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...scammy ecosystem (217.170.77.*) such as canadianpharmacyltd.org ns1.viagrabestprice.info ns2.viagrabestprice.info officialmedicines.us pharm-shop.net thecanadianpharmacymeds.com viagrabestprice.info viagraforlove.com xdrugpill.com This is perhaps the perfect moment to clarify that the appropriate people responsible for auditing and securing...
 
Tags: seo content, invisible seo content, pages, seo pages, content, military affairs, homecare, gov, national homecare council
 
 
 
 
Expand article

Cybersquatting Security Vendors for Fraudulent Purposes

The Article has images
2008-03-20 20:03:30 by HASH0x8b6d09c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...scammy system by itself with several hundred more such cybersquatted domains Don't be cheap, if you're to buy any kind of software, do so through the official site, and cut the fraudulent intermediaries like the ones in this case. Read more about Interactive Brands at the Ripoff Report : Interactive Brands, Adaware-ib.com Rip-off ; Report:...
 
Tags: interactive brands, brands, interactive, interactive brands offers, domains, customer support center, ripoff report, offers, adobe acrobat
 
 
 
 
Expand article

Massive IFRAME SEO Poisoning Attack Continuing

The Article has images
2008-03-27 21:12:29 by HASH0x8b4fa7c in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...scammy ecosystem 07search.com 5m9h41.com a666hosting.info gzoe7w.com l6q7x6.com nashepivo.com nbb3g1.com sraly.com uvilo.com vmksxo.com credits-counselor.com hx0k21.com mob-shop.net smart-search.net For the time being, Google is actively filtering the results, in fact removing the cached pages on number of domains when I last checked, the...
 
Tags: massive, single massive seo, profile sites, profile sites iframe, attack, seo, malware, malware attack, massive blackhat seo
 
 
 
 
Expand article

Fake Yahoo Greetings Malware Campaign Circulating

The Article has images
2008-04-16 15:21:03 by HASH0x8c5ff78 in Dancho Danchev's Blog - Mind Streams of Information Security Knowledge
...scammy ecosystem of other phishing and malware related domains responding to the same IP. And these are the related subdomains impersonating Yahoo Greetings within american-greeting.ca.xml52.com www5.yahoo.american-greeting.ca.xml52.com www9.yahoo.americangreeting.ca.www05.net yahoo.americangreetings.com.droeang.net...
 
Tags: yahoo, fake yahoo, malware, malicious, malicious backdoor trojan, backdoor, malware campaign, net, active malware campaigns