spamNEWS | botnet | phishing | virus | spam | malware
Fresh Data-Stealing Trojan, Kronos, Identified
Written by Administrator   
Thursday, 24 July 2014 07:00

According to Trusteer, a new PC Trojan named Kronos, created to steal login credentials and other financial details entered on Internet banking websites, has become widely known through increased promotion on underground crime forums.

Senior Fraud Prevention Strategist Etay Maor of Trusteer states that a recent advertisement observed on a Russian cyber-criminal website promotes Kronos. The malware is capable of capturing credentials during Web-browsing sessions in Google's Chrome, Mozilla's Firefox and Microsoft's Internet Explorer. For this purpose it uses HTML injection and form-grabbing techniques, Maor explains, as published by Pcworld.com on July 14, 2014.

According to the advertisement, Kronos is compatible with HTML injection scripts developed for the notorious Internet-banking Trojan ZeuS, which is no longer being developed. This design choice lets cyber-criminals who still use Zeus in their operations switch to Kronos without difficulty.

Alongside its info-stealing abilities, Kronos features a user-mode rootkit that works on both 64-bit and 32-bit Windows computers and protects the Trojan's processes from rival malware on the system.

According to a post by Kronos' creators on the underground forum, the Trojan comes with a lifetime license priced at $7,000, payable through Perfect Money, Bitcoin, WMZ, or the BTC-E exchange for Bitcoin/Litecoin. Bug fixes and updates are free; however, clients must pay separately for newly developed modules, they explain.

To promote the Trojan, Kronos' sellers also offered buyers 7 days of testing for $1,000, during which they would get complete access to Kronos' control panel.

Highlighting the most worrying aspect of the Trojan, Senior Security Strategist George Tubin of Trusteer pointed to Kronos' tactics for evading security measures, particularly anti-virus software, SCMagazine.com reported on July 14, 2014.

Moreover, Kronos is expected to employ an injection method undetectable by anti-virus software, along with encrypted command-and-control communications that keep its malicious traffic invisible to researchers.

It remains to be seen whether this new malware turns out to be real and whether cyber-criminals adopt it widely, given that it is currently a highly expensive piece of malicious software.

Tourism Site of Myrtle Beach Hit by Malware Attack
Written by Administrator   
Thursday, 24 July 2014 07:00

Southcarolinaradionetwork.com reported on 10th July, 2014, quoting a new report: "Myrtle Beach was one of the many North American cities whose tourism websites were attacked by a malware virus during the 4th July (2014) holiday weekend."

Proofpoint Inc., which provides data security to companies, said that when travelers visit one of the infected websites, a web exploit kit runs and downloads additional malware onto their machine.

More seriously, the exploit being used cannot easily be detected by conventional antivirus solutions. Proofpoint tested the malware and found that it evaded all but four of the 51 antivirus products on VirusTotal, which makes it a dangerous exploit for consumers.

Southcarolinaradionetwork.com published a statement on 10th July, 2014, in which Brad Dean, President of the Chamber of Commerce of Myrtle Beach, said that Simpleview, which manages VisitMyrtlebeach.com, promptly fixed the problem.

Dean added, "Presently we are not aware of any reports of affected visitors by this situation. However, we will continue to monitor carefully, address and ensure the safety of our website visitors of any cyber-related threats."

Proofpoint said that, besides Myrtle Beach, other destinations including Boston, Houston, Salt Lake City, Monterey, Victoria, Rochester and Utah Valley were also affected by the malware.

Marketwatch published news during the first week of July 2014 quoting a response to the discovery by Mike Horn, Vice President, Threat Response Products at Proofpoint: "This is a good example of how badly protected websites facilitate the distribution of malware. Users might be directed to these sites by a search engine without having any idea that they can be infected by just visiting these sites. We are also seeing many phishing campaigns which direct people to the legitimate travel sites which are infected with malware by hackers."

Myrtlebeachonline.com published news on 9th July, 2014, quoting Horn as saying, "We suspect that websites have been compromised for some time but attackers were carefully attacking for utmost effect."

Moreover, it is not just tourism websites that are being infected with malware: security firm Websense observed in the fourth week of June 2014 that the popular men's portal AskMen.com was also compromised with malware.

Cyber-criminals Intercept Keystrokes on PCs Inside Hotel Business Hubs
Written by Administrator   
Wednesday, 23 July 2014 07:00

The United States Secret Service is cautioning hotel operators about malware that steals customers' sensitive information by logging keystrokes after infecting PCs in hotel business centers, consumerist.com reported on July 14, 2014.

According to a report by cyber security specialist Brian Krebs, the Secret Service, together with the Department of Homeland Security's NCCIC (National Cybersecurity and Communications Integration Center), issued a security advisory intended for industry only, explaining how officials in Texas recently detained suspects who had been tampering with PCs located at business centers in the Dallas/Fort Worth area.

Apparently, the malware wasn't brought in on a compact disc or USB stick; rather, the suspects hosted it in the cloud and simply downloaded it onto the hotels' PCs.

The advisory said that the suspects managed to acquire large volumes of data, including hotel guests' Internet banking credentials, PII (Personally Identifiable Information), personal webmail and retirement accounts. They also stole other sensitive data available on the business centers' PCs, it stated, as Consumerist.com reported on July 14, 2014.

Reportedly, every keystroke that guests made on the compromised computers was sent to the crooks' e-mail accounts. There is little information about how many hotel guests were actually affected by the criminals' operation.

However, Krebs says a number of security suggestions are provided for improving the safety of the public PCs that such businesses offer.

One recommendation is to minimize guest account privileges so that guests cannot add or remove software on the computers they use. While this isn't a complete remedy, it may discourage less tech-savvy cyber-crooks from this kind of activity.

The advisory further cautioned that the cyber-criminals neither deployed sophisticated attacks nor needed advanced technical expertise, and did not exploit any software, operating system or Web browser.

Krebs notes that physical access to a computer is the simplest route to hijacking it, considering how many tools exist to boot such a system into another operating system from which the target system's data can be altered.

Elon University Pupils Receive Spam Mail
Written by Administrator   
Wednesday, 23 July 2014 07:00

Students of Elon University in Elon, North Carolina, USA, may have seen an unusual e-mail in their mailbox during the second week of July 2014, elonlocalnews.com reported on July 13, 2014.

Beginning on 10th June, 2014, many current and former students received a spam mail with the subject line "Deactivation of Account!!!". Elon University officials confirmed that they did not send the e-mail, and they have asked students to remain careful.

The message directed recipients to reply with their username and password.

Christopher Waters, Chief Information Officer and Assistant Vice President of Technology, stated that Elon University would never instruct students to reply with personal information over e-mail, Elonlocalnews.com reported.

According to Waters, spammers break into Google Mail accounts in an attempt to obtain the account holders' personal information.

In the current instance, the e-mail is easy to recognize as unauthorized: although the sender signs off as 'Elon University,' the actual sender address is at 'gmail.com' rather than 'elon.edu.'

Waters says the university's spam filters occasionally fail to stop many incoming messages that they should.

According to the campus Technology Department, the only time students should disclose personal information is via a secured Elon University login. Students are also advised to set a new e-mail password every year.

Disturbingly, security analysts who thoroughly examined the current phishing e-mail fraud targeting Elon University say that spam mails of this kind are why phishing e-mail scams have increased on the Internet.

They highlight that a phishing e-mail can typically be recognized by threatening, urgent or exciting wording, as in this instance, where the e-mail scares students with account deactivation unless they reply.

Moreover, a phishing e-mail may contain glaring errors, as in this instance, where the address cites 'gmail.com' instead of 'elon.edu.'

Meanwhile, anybody who has already fallen victim to the spam e-mail is advised to send the message to the e-mail address of the educational institution's Administrative Department for action.

Criminals Using Customized Keylogger Malware to Steal and Exfiltrate Data
Written by Administrator   
Tuesday, 22 July 2014 07:00

Scmagazine.com reported on 11th July, 2014, quoting researchers of security firm Cyphort: "Attackers have been using all types of customized and modified keylogger malware to infect systems and steal data like credentials as a part of a massive campaign which dates back to 2009."

Google, Facebook, Yahoo, Skype and Dropbox are among the targets of the campaign, known as NightHunter and so named for its silent methods of data exfiltration, but the threat has also been seen targeting the oil industry, energy firms, hospitals, educational institutions, charities and other organizations.

The security firm is not sure what the attackers are doing with the stolen data but believes they could use it to attack targets for espionage, extortion and bank fraud.

The cybercriminals distribute the malware through phishing emails that appear to be related to payments, purchase orders, jobs and inquiries. Securityweek.com reported on 11th July, 2014, quoting Cyphort: "The malicious notifications are normally sent to the sales, finance and human resources departments of insurance firms, educational institutes, trading companies, charities, broadcasters and others."

In most cases the phishing emails contain an archive file that hides a keylogger; once installed on a system, the keylogger enables attackers to steal data from FTP applications, Web browsers, instant messaging apps, games, password managers, Bitcoin programs and email clients. Cyphort elaborated that there are additional threats with features such as extension spoofing, screenshot capturing, obfuscation, website blocking, fake error messages, self-removal, file downloaders, Web browser data removal and application disabling.

Cyphort has found more than 1,800 infected systems across the world, including in the U.K., U.S., India, Saudi Arabia and Malaysia.

DarkReading reported on 11th July, 2014, quoting Fengmin Gong, Co-Founder of Cyphort, as saying, "The attack is ongoing and we will also continue to monitor it. The attackers are very aggressive in collecting and exfiltrating data. Considering the systematic nature of the actors of the campaign, we are guessing that they are still in an "exploration stage" attacking high-level executives with credentials but currently it is not possible to speculate certainly about their endgame."
