Authorities of UK Arrest Cybercriminals Running Website of Cybercrime Services
Written by Administrator
Monday, 30 November 2015 08:00

reported on 23rd November, 2015, stating that UK authorities have detained two suspects regarding service, which is a website providing AV evasion services to malware operators.

The arrests were made recently after a joint operation conducted by security firm Trend Micro and the UK's National Crime Agency (NCA).

A man and a woman, aged 22 years from Colchester, Essex (UK), were initially arrested and later released on bail till February 2016.

The duo operated the notorious online service, which provided an extensive collection of complimentary and commercial tools for malware authors.

The website claimed that over 1.2 million scans had been conducted since February 2015 before it was closed down. One of the latest features added to the cybercrime service, known as "scanwatch", allowed users to continuously monitor the detection status of the files they had uploaded.

The website gave cyber crooks the possibility of adding antivirus-evasion features to their malware, chiefly through the Cryptex toolkit.

This kit and all its versions, Cryptex Advanced, Cryptex Reborn and Cryptex Lite, were used to provide encryption for the malware's code and for bot-server communications.

Its latest version, Cryptex Reborn, was believed to be one of the most advanced such tools in recent years. Cybercriminals can buy Cryptex Reborn for prices that range from $20 to $90 per month for lifetime.

Business Reporter published news on 23rd November, 2015, quoting Steve Laval, of NCA's National Cyber Crime Unit, as saying "This continuous investigation shows how the NCA is taking its work with industry to fight cybercrime to the next level. Although the website offered services designed to help evade anti-virus software, computer users can protect themselves from malware threats by taking some simple precautions. The NCA urges all Internet users to ensure that they have installed updated anti-virus software on their machines and avoid clicking on unknown or doubtful links or attachments in emails".

A Memorandum of Understanding (MOU) was signed between the National Crime Agency and Trend Micro in July 2015, starting an important step toward cooperation between the two parties to combat cybercrime.

Payment Systems of Hilton Worldwide Hit by Malware
Written by Administrator
Monday, 30 November 2015 08:00

reported on 25th August, 2015, quoting hotel chain operator Hilton Worldwide Holdings, headquartered in Virginia, United States, as saying that it had found unauthorized malware in some payment systems, which targeted payment card information, including in Australian hotels.

Hilton recently said that a third-party investigation found that the malware targeted specific payment card information, which included cardholder names, expiry dates, security codes and payment card numbers.

The company further added that the targeted information does not include PINs (Personal Identification Numbers) or addresses.

As per Hilton, customers who used their cards at some stage - from November 18 to December 5, 2014; or April 21 to July 27, 2015 - are advised to check their bank statements.

published news on 24th November, 2015, quoting a statement of the company that "Hilton Worldwide is strongly committed to protecting payment card information of customers, and we sincerely regret any inconvenience caused to customers due to this".

published news on 25th August, 2015, quoting a Spokesperson of Hilton Worldwide Holdings, on being asked about the breach in Australia, as saying "payment systems were impacted across our global portfolio during the date range and consumers should be cautious about their statements if they stay at one of our properties".

The owner of the DoubleTree and Conrad hotel chains, however, did not give details on the number of affected cards.

The declaration came just a few days after Starwood Hotels, which operates the Westin and Sheraton chains, said that hackers had infected the payment systems at a few of its establishments, possibly leaking customers' credit card data.

As per Starwood, the hacking took place at a "limited number" of its hotels in North America. Some of its other popular chains include W Hotels and St Regis.

Starwood said that forensic experts investigated and found malware on point-of-sale systems at a few gift shops, restaurants and other locations at its hotels.

published news on 25th November, 2015, quoting a statement of the group that "the malware was designed to collect certain payment card information including name of the cardholder, security code, payment card number and expiry date".

RSA Finally Exposes ‘GlassRAT’ a RAT Running for Years
Written by Administrator   
Monday, 30 November 2015 08:00

According to security company RSA, a previously unidentified RAT (remote access tool) named "GlassRAT" has now been exposed.

The Trojan, which enjoyed zero detection, seems to have been running stealthily for 3 years, with evidence that it is being used in a highly prevalent targeted attack that concentrates on Internet users in China employed at corporations.

GlassRAT shows many of the typical signs of good, or at least extremely effective, malware design. The malware's installer is signed with a hijacked certificate belonging to a renowned and trusted publisher. Once the payload is delivered, the installer deletes itself. Once installed, the payload's malicious DLL file remains undetected by anti-virus firms.

It may be noted that GlassRAT's command-and-control (C&C) infrastructure showed a short-lived similarity with the C&C seen in campaigns, disclosed during 2012, involving malicious software that attacked military and government agencies in the Pacific region.

In particular, GlassRAT was linked to the C&C hosting for Mirage malware, which in turn is linked to Mirage, PlugX and Magicfire malware that attacked the government of Mongolia and the military of the Philippines.

RSA states that the similarity in shared infrastructure suggests, at the least, a probable slip in operational security by the GlassRAT perpetrators, if not actual infrastructure sharing. reported this, November 23, 2015.

The organization whose certificate was seized isn't known because RSA would not reveal the name; however, the company does state that the certificate has been revoked. The certificate was used to digitally sign the malware's installer, which erases itself after pulling down the RAT onto the hijacked computer. According to RSA, an unnamed software firm in Beijing has created an application with over 500m users whose name is identical to the one the RAT displays in the certificate window at the time of installation.

Meanwhile, Kent Backman, primary researcher for the investigation at RSA, says the malware is known to be very effective against big-budget multinational corporations. For years it remained undetectable to anti-virus software, and had it been deployed more widely it would have had less chance of bypassing anti-virus detection, Backman highlights. reported this.

PoS Malware Causes Security Breach at Starwood Hotels
Written by Administrator   
Friday, 27 November 2015 06:00

Customers of Starwood Hotels & Resorts have had their credit card data stolen after hackers placed malware on the point-of-sale machines at fifty-four of the group's hotel properties, published, November 16, 2015.

A global hotel chain, Starwood Hotels & Resorts runs brands such as W Hotels, Sheraton, Westin, Le Meridien and St. Regis. On November 16, 2015, the hotel group declared that it had sold its properties to Marriott International, so that the 2 renowned hotel groups would together become the single biggest worldwide.

On the evening of 20th November 2015, Starwood Hotels declared it was hit with a data hack at its USA-based properties. The company stated that the cause of the incident was PoS malware.

According to the hotel group, the breach had not affected its customer booking arrangements, and only the PoS endpoints at its gift shops and restaurants were infected by the malware.

The hotel further said that the malware managed to steal payment cardholders' names, card expiration dates, security codes and card numbers, but not customer addresses or PINs.

Sergio Rivera, President of Starwood for the US properties, stated that the business had set up an investigation into the incident in coordination with officials. reported this, November 20, 2015.

Rivera further said that as soon as his company learned of the problem, it acted promptly to find out the actual details. It had been working with law enforcement officials and with the card companies on a solution. Starwood was alerting clients affected by the incident so that they could act to safeguard their information, and it had put extra security measures in place to stop this sort of crime from recurring, the President added, seeking to reassure its clients.

Starwood was urging customers to call its helpline on 1-855-270-9179 (USA and Canada) or 1-512-201-2201 (international clients), from 8am-8pm CST, Monday to Saturday.

The company further gave assurance that the malicious program no longer posed a threat to the hotel's clients who used their payment cards.

Ransomware-as-a-Service Appears, Wants 10% Cut in Profit
Written by Administrator
Friday, 27 November 2015 06:00

reported on 12th November, 2015, stating that a new service has been launched recently, offering a novel ransomware solution named CryptoLocker to anyone willing to pay 10% of the ransom collected. In addition to the main ransomware, the operator's final objective is to add more functions to the malicious software, such as connecting it to freshly produced exploits.

The new venture, namely CryptoLocker Service, was recently launched on a standalone Darknet website. The person running the new venture uses the handle Fakben.

The handle is not new, as it already exists in a few of the major criminal parts of the Internet.

In recent times, Fakben was a user of the Evolution (Evo) marketplace, a black market founded by a renowned carder (someone who deals in stolen credit card data) after the raid and shutdown of Silk Road in 2013 by law enforcement.

The Evolution owners pulled an exit scam and fled with the money held in escrow for the website's traders, which led to the ultimate closure of the site itself. After that, the customers and merchants scattered to the winds, Fakben being one of them.

A few months on, former users of Evo have now started their own businesses.

CryptoLocker Service charges a fee of US$ 50, which customers have to pay to obtain the basic ransomware payload.

This is not a full ransomware-as-a-service platform because users still need to spread the ransomware amongst the victims.

"We are not interested to find out who will be infected, or what type of methods you will use, however it is vital for you to use brain and intelligence for spreading it. We will continue to work in the CryptoLocker settings, improving methods for being undetected by AV. We will give all the support which customers need through Jabber service", the FAKBEN team states on its website, as per the news published on 13th November, 2015, by

The group said that the ransomware will take off in the days to come.

Writing ransomware is a difficult business, and several would-be VXers have quickly failed. A significant example is the Tox ransomware-as-a-service, which collapsed shortly after it appeared.
