Pierluigi Paganini
April 29, 2014
TrendMicro has published an excellent study on the evolution of the Russian underground, detailing products, services and related prices. Max Goncharov has published a new interesting study on the Russian Underground, titled Russian Underground Revisited, one year after the previous report “Russian Underground 101”. Trend Micro report continues its analysis of the services and products offered by cyber criminals in […]
Pierluigi Paganini
April 17, 2014
Security experts at ESET detected a new variant of iBanking Trojan offered in the underground that exploits Facebook platform as vector of infection. iBanking is the name of a mobile banking Trojan app distributed through HTML injection attacks on banking sites. iBanking deceives victims impersonating itself as a  ‘Security App‘ for Android, we have spoken about it  early 2014 […]
Pierluigi Paganini
February 24, 2014
iBanking is a new mobile banking Trojan available for sale in the underground for $5,000 according the RSA’s FraudAction Group. The source code for iBanking banking trojan has been leaked online through an underground forum, this kind of news reports a serious threat from the cybercrime ecosystem. Like happened for other trojan, including Zeus and Carberp, the […]
Pierluigi Paganini
February 04, 2014
Security experts at Malcovery firm have detected a new Zeus variant bypassing the security traditional defenses with the usage of encryption. Zeus malware is hard to die, the availability of its source code in the wild caused periodically the born of a new variant, even more resistant  and sophisticated. Over the years, we saw variants […]
Pierluigi Paganini
January 06, 2014
Dutch security firm Fox IT discovered an ongoing malware-based attack that hit thousands of Yahoo users via malicious ads. Users are alerted. Since the December 30th Yahoo website is proposing a malicious ad that was serving a malware, the discovery was made by Dutch security firm Fox IT. Visitors to the Yahoo website see the […]
Pierluigi Paganini
November 22, 2013
Trusteer researchers have uncovered a sneaky piece of financial malware, known as i2Ninja, being sold on a Russian cyber crime forum. A new financial malware dubbed i2Ninja menaces banking, despite it has yet to be discovered in the wild, researchers at the IBM company Trusteer have found a sneaky piece of the malicious code on […]
Pierluigi Paganini
October 10, 2013
The author of the Blackhole exploits kit has been arrested after a long investigation. What will change in the offer of the criminal underground? The author of the popular Blackhole exploit kit, also know as Paunch, has been arrested. The cybercrime underground has lost one of its principal actors considering that the malicious kit is one of […]
Pierluigi Paganini
August 19, 2013
Security expert Dancho Danchev profiled one of the numerous hacking services offered in the underground highlighting new trends in the cybercrime ecosystem. With the term attack-as-a-service model is indicated the practice to outsource all the phases of an attack to specialists instead to rent tools and architecture to conduct personally the illegal activities (Malware-as-a-Service). Danchev […]
Pierluigi Paganini
June 25, 2013
Attacks-as-a-Service, Malware-as-a-Service and Fraud-as-a-Service, are all terms used to better qualify the complex evolution of cybercrime offer. Attacks-as-a-Service , Malware-as-a-Service and Fraud-as-a-Service are all terms commonly used for providing of illegal activities by cyber criminals. These models of sale represent the natural evolution of the offer in the underground that responds to a demand in constant growth. In the past we have discussed […]
Pierluigi Paganini
June 19, 2013
Security firm Group-IB has discovered on an forum in the underground the sale for Carberp banking Trojan source code at $5K. Carberp banking Trojan is experiencing a new youth in the underground, in the last months investigation at security firm Group-IB have identified in an underground forum the resumption of sale for the malware. The version proposed […]
