Dancho Danchev

Independent Security Consultant
Joined on July 3, 2008
Total Post Views: 12,262

About

Independent Security Consultancy, Threat Intell Analyses and Competitive Intelligence research on Demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day.

Featured Blogs

Inside a Managed Spam Service

A managed spam vendor always has to raise the stakes during its introduction period on the market. But what happens when a market follower starts using the market leader's proprietary managed spamming system, and is able to provide better spamming rates at cheaper prices? Market forces and unethical competition at its best.

EstDomains and Intercage vs. Cybercrime

Surreal, especially when you get to read that EstDomains has "ruthlessly suspended over five thousand domains only for last week", and also, that it "has a reliable ally in its battle against malware in a face of Intercage, Inc." ... The press release reminds me of Russian Business Network's (RBN) defacement of my blog posted on the 1st of April, and despite that EstDomains started "performing for the community" as of recently, thanks to the collective intelligence and persistence of everyone turning their research into actionable intelligence against them, this performance aiming to minimize the effect of the negative PR is more or less futile...

Copycat Web Malware Exploitation Kits are Faddish

For the cheap cybercriminals not wanting to invest a couple of thousand dollars into purchasing a cutting edge web malware exploitation kit with all the related and royalty free updates coming with it (a pirated copy of which they could ironically obtain several months later), there are always the copycat malware kits... Taking into consideration the proprietary nature of some of the kits, the business model of malware kits was mostly relying on their exclusive nature next to the number, and diversity of the exploits included in order to improve the infection rate. This simplistic assumption on behalf of the coders totally ignored the possibility of their kits leaking to the general public...

76Service: Cybercrime as Service Going Mainstream

Disintermediating the intermediaries in the cybercrime ecosystem, ultimately results in more profitable operations. Controversial to the concept of outsourcing, some cybercriminals are in fact so self-sufficient, that the stereotype of a mysterious 76service server offered for rent could in fact easily cease to exist in an ecosystem so vibrant that literally everyone can portion their botnet and start offering access to it on a multi-user basis. Evil? Obviously. Extending the lifecycle of a proprietary malware tool? Definitely.

Phishers Backdooring Phishing Pages to Scam One Another

There seems to be no such thing as a free phishing page these days, with phishers scamming one another at an alarming rate according to a recently published research entitled "There is No Free Phish: An Analysis of "Free" and Live Phishing Kits". Cybercriminals attempting to scam other cybercriminals has been happening for years, with old school cases where backdoored malware tools such as crypters and binders are offered for free, or a newly released RAT whose client is in fact infected with a third-party malware...

Click Fraud, Botnets and Parked Domains - All Inclusive

It gets very ugly when someone owns both the botnet and the portfolio of parked domains actively participating in pay per click (PPC) advertising programs, where the junk content, or the typosquatted domain names are aiming to attract high value and expensive keywords in order for the scammer to earn higher on per click percentage. This is among the very latest tactics applied by those engaged in click fraud activities.

Counting the Bullets on the (Malware) Front

How much malware is your antivirus solution detecting? A million, ten million, even "worse", less than a million? Does it really matter? No, it doesn't. What's marketable can also be irrelevant if you are to consider that today's malware is no longer coded, but generated efficiently and obfuscated on the fly. Sophos's recent statistics: "It is estimated that the total number of unique malware samples in existence now exceeds 11 million, with Sophos currently receiving approximately 20,000 new samples of suspicious software every single day -- one every four seconds."

Email Hacking Going Commercial

This email hacking as a service offering is the direct result of the public release of a do it yourself hacking kit consisting of each and every publicly known vulnerability for a variety of web based email service providers, with the idea to make it easier for someone to execute their attacks more efficiently. Outsource the hacking of someone's email, and receive a proof in the form of a screenshot of the inbox, next to a guarantee that you'll be able to get back in even after they've changed their passwords? Too good to be true, but since they only charge after they provide you with a proof that they did the job, they could be in fact attempting to hack these emails, compared to the majority of cases where scammers scam the scammers.

Lithuania Attacked by Russian Hacktivists, 300 Sites Defaced

Last week's mass defacement of over 300 Lithuanian sites hosted on the same ISP, an upcoming attack that was largely anticipated due to the purposely escalated online tensions out of Lithuania's accepted legislation banning communist symbols across the country, once again demonstrates information warfare building capabilities in action. Moreover, the attack is again relying on common prerequisites for a successful information warfare campaign, used in the Russia vs. Estonia cyberattack last year. These very same Internet PSYOPS tactics ensure the success of the information warfare as a whole...

Gmail, Yahoo and Hotmail CAPTCHA In Need of Urgent Fix

It's one thing to start efficiently registering thousands of email accounts at reputable email providers by automatically breaking their CAPTCHA authentication, and entirely another to build a business model on the top of it next to the opportunity to abuse it for your own malicious purposes. Which is exactly what we have here, an underground service that's selling registered accounts at Gmail, Yahoo, Hotmail and the most popular Russian email providers in the thousands.

Topic Interests

Spam, Security, Cyberattack, Cybersquatting, Domain Names, Law

Popular Posts

Gmail, Yahoo and Hotmail CAPTCHA In Need of Urgent Fix

Click Fraud, Botnets and Parked Domains - All Inclusive

Lithuania Attacked by Russian Hacktivists, 300 Sites Defaced

EstDomains and Intercage vs. Cybercrime

Email Hacking Going Commercial