Russian Underground

Pierluigi Paganini May 09, 2022
DCRat, only $5 for a fully working remote access trojan

Researchers warn of a remote access trojan called DCRat (aka DarkCrystal RAT) that is available for sale on Russian cybercrime forums. Cybersecurity researchers from BlackBerry are warning of a remote access trojan called DCRat (aka DarkCrystal RAT) that is available for sale on Russian cybercrime forums. The DCRat backdoor is very cheap, it appears to […]

Pierluigi Paganini February 13, 2018
Hackers in the Russian underground exploited a Telegram Zero-Day vulnerability to deliver malware

Security researcher Alexey Firsh at Kaspersky Lab last discovered a Telegram zero-day in the desktop Windows version that was exploited in attacks in the wild. Security researcher Alexey Firsh at Kaspersky Lab last discovered a zero-day vulnerability in the desktop Windows version of the popular Telegram instant messaging app. The bad news is that the […]

Pierluigi Paganini June 03, 2016
Ransomware campaigns … how to net $90,000 per year

Experts at Flashpoint published an interesting analysis of a ransomware campaign organized by a small gang of cyber criminals. Cybercrime is a profitable business, last week we reported that according to security experts at Check Point, the creators of the Nuclear EK are gaining nearly 100K USD each month, most victims are in Europe and […]

Pierluigi Paganini November 23, 2015
Kaspersky gives a close look to the Russian underground

According to Kaspersky Lab, bad actors in the Russian underground have stolen more than $790 Million over 3 years, from 2012 to 2015. According to the experts at Kaspersky Lab, Russian criminal rings have stole roughly $790 Million over 3 years (from 2012 to 2015), more than $500 million of that is from victims located outside the […]

Pierluigi Paganini September 10, 2014
Nearly 5 million alleged Google account credentials leaked

A database containing nearly million login and passwords for Google accounts has been leaked online on a Russian cyber security internet forum. A database containing 5 million alleged Google login and password has been leaked online on a Russian cyber security internet forum. The news was spread by online media agencies, including RT.com. The huge archive is […]

Pierluigi Paganini September 06, 2014
Chinese criminal underground is doubled between 2012 and 2013

Expert at TrendMicro published a new chapter of the Cybercriminal Underground Economy Series in which analyzed the Chinese underground. Chinese cybercrime underground activity is rapidly increasing, according to a new interesting report published by Trend Micro the Chinese it is doubled between 2012 and 2013. The findings confirm that amount of underground activity in China doubled both with […]

Pierluigi Paganini August 06, 2014
Russian crime ring amasses over a Billion credentials

Experts at Hold Security firm discovered a Russian group of hackers that collected 1.2B stolen credentials obtained in different data breaches worldwide. Experts at Hold Security revealed to have discovered the biggest database of stolen user names and passwords and email addresses, the news is reported by The New York Times that hired an independent security expert who verified […]

Pierluigi Paganini July 15, 2014
Kronos, the new banking trojan from Russian underground

Experts at Trusteer have recently discovered an adv on the Russian underground market regarding a new financial Trojan dubbed Kronos. Russian underground is probably the most prolific market for sale of banking malware, malicious code like Citadel, Zeus, Gozi have infected millions computers worldwide dominating the malware threat landscape. The huge demand for banking trojan  is creating the conditions […]

Pierluigi Paganini June 03, 2014
Gameover Zeus Botnet disrupted by multinational effort

The DoJ and the FBI announced a multinational effort to disrupt the GameOver Zeus botnet responsible for the theft of millions of dollars worldwide. The U.S. DoJ in collaboration with FBI and foreign law enforcement agencies revealed early this week a joint effort to disrupt Gameover Zeus, one of the most long-lived and dangerous botnet composed by a number […]

Pierluigi Paganini January 22, 2014
The author of BlackPOS malware professes his innocence and good faith

Thanks to efficient investigation conducted by private firms like IntelCrawler, BlackPOS author was identifyed and professes his innocence and good faith. I was within the official source to spot the 23-year-old teenager who developed the BlackPOS malware thanks to the revelations made by Cyber Intelligence firm IntelCrawler. The author of BlackPOS was known as “ree[4]” in […]