Tag: eCrime
-
Neosploit – The rumors of my demise have been greatly exaggerated
Despite being reported as “out of business†in late July/August, (see this blog, and this article as well), Neosploit, one of the most widely used tools by cybercriminals, clearly hasn’t ceased to exist . In fact, we have recently confirmed a highly enhanced Neosploit 3.1 installation to be out and about, and serving Malweb to…
-
Less phish, more meat? Malweb proving to be more efficient than phishing scams.
In a somewhat below-the-radar report, the anti-phishing working group (APWG) Q1 report is for the first time in its report showing a decrease in the number of phishing reports towards the end of the quarter. In a startling (although expected) contrast – reports on crimeware, malware, Trojans and other malicious code (all delivered by Malweb!)…
-
Crimeware server catering to “grab and run†criminals
During our research for the latest Malicious Page of the Month that has just been released, we came across a domain that was being used as a command and control for the Crimeware that was executed on attacked machines. This domain was also used as the “drop site†for private information being harvested by that…
-
Taking down a malicious site – the good, the bad, and the ugly…
As part of the “closure” on the February Malicious Page of the Month, which involved meoryprof.info (taken down), and spywaresafe.net we have contacted the appropriate parties in order to notify them that these websites contain malicious code. Meoryprof.info was the first to buckle (probably under the press exposure), but spywaresafe.net have managed to stay afloat…
-
Optimizing Cross Site Scripting – and general security practices
We have been working recently on a XSS attack that impacted a huge number of potential victims, as the attack itself has been “optimized†by SEO (Seacrh Engine Optimization) practices that pushed it to Google’s indexes. In itself, this is not a new technique, but the sheer size of it made us take a second…