Pierluigi Paganini August 22, 2013
DDoS to hide attacks against wire payment switch systems

Fraudsters target the wire payment switch at US banks to steal millions, using DDoS to divert attention from fraudulent transactions. Cybercriminals are targeting the wire payment switch instead of directly hitting the banking accounts of individuals and businesses; this appears to be the latest trend observed in recent attacks against numerous US banks. The wire payment switch […]

Pierluigi Paganini July 25, 2013
KINS trojan is threatening banking sector

KINS trojan is the name of the new banking malware that RSA researchers discovered thanks to an announcement on the Russian black market. In early 2013 RSA discovered traces of a new banking trojan named KINS; security experts have followed the evolution of the malware in the underground community. RSA researchers discovered an announcement on the Russian […]

Pierluigi Paganini June 30, 2013
Self-propagating ZeuS source code offered for sale in the underground

A new variant of the Zeus trojan is offered for sale in the underground. It is a self-propagating version that exploits Facebook, RDP and email. Criminal history has taught us that after the diffusion of the source code of a malicious agent such as the popular Zeus, it is possible to witness a real explosion […]

Pierluigi Paganini June 19, 2013
Carberp banking Trojan source code for sale at $5K in the underground

Security firm Group-IB has discovered, on an underground forum, the sale of the Carberp banking Trojan source code at $5K. The Carberp banking Trojan is experiencing a new youth in the underground; in recent months, investigators at security firm Group-IB have identified in an underground forum the resumption of sales of the malware. The version proposed […]

Pierluigi Paganini June 12, 2013
Zeus Evolution. Is RBN really linked to Facebook Zeus variant?

Is RBN (Russian Business Network) really linked to the Facebook Zeus variant? Exclusive interview with WhiteHat, who has investigated the malware. RBN or ordinary crime, Zeus is appearing in new forms and using new infection channels, but according to some security analysts, behind a new variant there could be the support of members of the dangerous criminal organization RBN. As […]

Pierluigi Paganini June 07, 2013
Facebook Zeus malware targeting bank accounts

Leading security firms detected a new variant of Facebook Zeus malware that is exploiting the popular social network to target users' bank accounts. A Facebook Zeus malware variant (aka ZeuS/ZBOT) has been detected by leading security firms, confirming the longevity of the malicious code and the ability of cybercrime to customize it according to its needs. Symantec […]

Pierluigi Paganini May 17, 2013
Group-IB Exclusive details on Kangoo botnet that hit Australian banks

Group-IB researchers have detected a new botnet named Kangoo that infected more than 150 000 machines, mainly targeting Australian banks. Group-IB researchers have detected a new botnet named Kangoo that infected more than 150 000 machines; specialists dubbed it «Kangoo» due to the presence of a kangaroo logo on the web interface of the C&C administrative panel. The botnet mainly […]

Pierluigi Paganini April 25, 2013
Public offer of Zeus FaaS service on social network

Public offer of Zeus FaaS service on Facebook. My readers know very well the dynamics of the cybercrime enterprise and in particular the growing interest in monetizing malicious code such as malware, ransomware and, more generally, botnets. One of the most targeted sectors is banking; the evolution of banking services and their introduction on mobile platforms made them attractive targets for cyber criminals, one […]

Pierluigi Paganini February 23, 2013
What does the Poetry with Citadel trojan?

Recently I published an article on the attacks against Japanese banks using a new variant of the popular Zeus, one of the most prolific pieces of malware in recent history; security experts have in fact detected various versions of the popular malicious code that also hit mobile and social networking platforms. Due to its flexibility the malware has […]

Pierluigi Paganini February 17, 2013
Zeus hit five major banks in Japan

Zeus malware is considered the most popular and prolific malicious code for banking; it is one of the agents favored by cybercrime, which sells various customized versions in the underground to conduct sophisticated fraud. The security community has found it on different occasions, and it was nonetheless a surprise; the malware has evolved in […]