Twitter used for Rogueware Distribution
Cyber criminals are using social media more frequently to distribute their malicious creations. Pft! As if Blackhat SEO, fake advertisements, and hacked websites weren’t enough?! Today we’ll take a look at a Rogueware campaign using Twitter for distribution. Several fake profiles (and compromised ones too) started tweeting “a very good antivirus” followed by a shortened [...]
Operation:Payback broadens to “Operation Avenge Assange”
==> Get up to the minute attack updates here <== The organizers behind the anonymous group responsible for Operation:Payback are in the midst of refocusing their campaign to assist WikiLeaks in their quest to release classified government documents. The following statement was made available on their website late Sunday afternoon: Wikileaks have been down because [...]
‘Tis the Season of DDoS – WikiLeaks Edition
Scroll to the bottom for the latest updates… DDoS attacks are flying across the Internet like there is no tomorrow. Just a few days ago, a hacktivist operating under the handle “th3j35t3r” decided to single-handedly take down the Wikileaks website with a DoS tool of his (or their) own creation. He issued a statement on [...]
Dont Get Caught by the Grinch on Twitter
Last year we documented the very first trending topic attack on Twitter. The attack is similar to a Blackhat SEO campaign, where criminals leverage the many hot topics discussed on the Internet in order to position their malware campaigns in highly visible places on Twitter. Earlier today we noticed over 300 Twitter accounts targeting various [...]
Operation:Payback Yielded 37 Days of Total Downtime
Real-time updates can be obtained at our original blog post: http://bit.ly/azgKeG After two months of constant attacks against various media authorities around the world, the United States Pirate Party has stepped in to ask the attackers to stop and focus their time on productive (and legal) ways to protest for copyright reform. The chats between [...]
Google Instant Can Turn Black Friday into Sad Friday
Remember when I said that Google Instant was a potential security disaster? Well, it turns out that Google’s new Instant Preview feature can help lure innocent victims over to malware campaigns. Blackhat SEO campaigns work by tricking search engines into displaying malicious search results. Criminals achieve this a few ways, but the most common way [...]
Black(hat) Friday and Cyber(crime) Monday
You may be in for more than you bargained for if you plan on looking for the latest Black Friday or Cyber Monday deals online. Cyber criminals are quick to capitalize on new opportunities and have already done so by optimizing their Blackhat SEO campaigns to infect those looking for those hot ticket item deals. [...]
Malware Spreading via Halloween Related Keywords
It’s that time of the year again! Halloween is just a few days away and cyber criminals are taking advantage by inserting their malware campaigns right into Halloween related search results. Searching for Halloween costumes, parties, pumpkin carving patterns, and more can land you right in the middle of one of these malicious campaigns. Here [...]
Rogueware Targets Russians With Pay via SMS Scam
We’ve monitored the Rogueware threat landscape for quite some time over here at PandaLabs. Every day we see new domain names, product names, and various fake scan HTML templates. The Rogueware threat landscape hardly ever changes in a significant way, but today we came across something interesting. As you may know, most (if not all) [...]
Greetings from Hack in The Box Malaysia
Greetings from Kuala Lumpur, Malaysia! Luis and I are in town to give a talk at this year’s annual Hack in the Box security conference. Our talk titled, “Lessons Learned From Mariposa: Avoiding Disaster, Protecting from Cybercrime” goes into detail about our collaboration between the FBI, Spanish Civil Guard, security researchers, and the various hurdles [...]
