underground

Pierluigi Paganini April 11, 2015
Fake NYPD Badges available for sale on dark web

Experts at Trustev discovered on the Nucleus black market lifetime subscriptions to popular streaming services and fake NYPD badges. In the last months, we have assisted numerous operations run by law enforcement against illegal activities in the dark web, in particular against the numerous black markets that sell any kind of product and services. Everyone could […]

Pierluigi Paganini April 10, 2015
Operation Buhtrap: New Spyware is targeting Russian Banking Sector

ESET has discovered a new hacking campaign dubbed Operation Buhtrap based on a family of spyware targeting vulnerabilities within the Russian Windows System. Late in 2014 analysts at ESET uncovered CVE-2012-0158, a buffer overflow vulnerability in the ListView / TreeView ActiveX controls in the MSCOMCTL.OCX library.  This particular malicious code can be activated by a […]

Pierluigi Paganini April 06, 2015
Home Office – Cybercrime goes unpunished in the UK

British law enforcement is in difficulty facing the cybercrime, just one computer hacker a month convicted of cyber crime out of 100,000 incidents a year. Cybercrime is becoming very attractive for ordinary crime, high earnings, limited risks than other criminal activities and poor perception of crime are among the elements that are facilitating the rapid spread of […]

Pierluigi Paganini April 04, 2015
Abusing block chain to share illegal data, including pedo material

The international criminal police organisation Interpol and private researchers discovered a severe flaw in block chain used by virtual currencies. INTERPOL cyber threat researchers, including members of the Kaspersky Lab, have identified a serious vulnerability in the virtual currencies schema. The flaw resides in the ‘block chain’ related to virtual transactions and it could be exploited to […]

Pierluigi Paganini March 30, 2015
Darknet Sheep Marketplace website owner arrested

Thomas Jiřikovský suspected of owning the black marketplace Sheep Marketplace, an alternative for Silk Road, was arrested while trying to buy a luxury house. The Operation Onymous and the seizure of the popular Silkroad black market have deeply influenced the underground ecosystem. The closure of Silkroad advantaged other black markets like Evolution and Sheep Marketplace. The Evolution […]

Pierluigi Paganini March 29, 2015
British Airways Executive Club members accounts compromised

British Airways Executive Club member accounts were hacked, it isn’t a data breach but hackers used credentials available in the underground. The popular security expert Graham Cluley reported that Members of British Airways Executive Club are noticing suspicious activities for their accounts. The Members of British Airways Executive Club observed that their accounts were mysteriously emptied of […]

Pierluigi Paganini March 29, 2015
Uber logins available for sale in the Deep Web

Security experts have discovered al least two different vendors offering stolen Uber customer logins in a black market on the Dark Web. ArsTechnica has discovered that two vendors on a marketplace in the underground are offering active Uber credential. During the weekend the vendors “Courvoisier” “ThinkingForward” are claiming to sell valid Uber logins respectively for $1 […]

Pierluigi Paganini March 03, 2015
Cyber criminals target call center operators in Apple Pay fraud schema

Cybercriminals are targeting call centers operators in Apple Pay fraud to circumvent the checks implemented by Apple, banks and card issuers. The security expert Cherian Abraham revealed a spike in the fraud on Apple’s mobile payment platform, Apple Pay. The criminals are trying new techniques to compromise the Apple security chain. While the Apple devices and software are […]

Pierluigi Paganini February 27, 2015
Cyber criminals target trading algorithms to steal related code

Security firms discovered a significant increase in the number of targeted attacks aimed at stealing the code related trading algorithms. Cyber criminal organizations appear more interested in target trading algorithms, patents, trade secrets than other kinds of information, this is the new trend observed by security experts. Cyber criminals are increasing their activity against private […]

Pierluigi Paganini February 27, 2015
Joomla Reflection DDoS attacks exploit a Google Maps Plugin flaws

Akamai firm discovered numerous attacks exploiting a known vulnerability in a Google Maps plugin to run Joomla Reflection DDoS attacks against enterprises. Experts from Akamai Technologies’ Prolexic Security Engineering and Response Team (PLXsert) have discovered a vulnerability allows attackers to turn Joomla servers using the Google Maps plugin into a DDoS hacking tool. The worrying aspect […]