underground

Pierluigi Paganini February 21, 2016
Project Cumulus – Tracking fake phished credentials leaked to Dark Web

Project Cumulus – A group of experts at Bitglass used watermarks to track data through the Dark Web and discover how far do phished credentials get. In April 2015, a group of experts at Bitglass used watermarks to track data through the Deep Web and discover how far does it get after a data breach. The experts discovered […]

Pierluigi Paganini January 29, 2016
CenterPOS – The evolution of POS malware

Security Experts at FireEye discovered a new strain of POS malware dubbed CenterPOS that is threatening the retail systems. In the last 2/3 years, we have seen a significant increase in the number of POS malware, their diffusion is becoming even more worrying. We read about many high-profile breaches that involved high-complex malware targeting payment systems […]

Pierluigi Paganini January 19, 2016
Tinba, a 20KB trojan that scares banks in Singapore and Indonesia

A new variant of the infamous Tinba banking trojan has emerged in the wild and is targeting financial institutions in the Asia Pacific region. Even small threats can scare the giants, this is the case of Tinba, a small malware that continues to create serious problems for financial institutions. Tinba is a popular financial trojan, the fifth version is […]

Pierluigi Paganini January 05, 2016
Dating scam package offered in the underground

The popular security expert Brian Krebs has reviewed a dating scam package offered in the underground by Russians fraudsters. Russians fraudsters have automated the sale of plug-and-play online dating scam packages. As usual happens in these cases, these services are offered on underground websites specialised in online frauds,  crooks promise a response rate of 1.2 percent […]

Pierluigi Paganini December 09, 2015
The North American cyber-criminal underground it’s easy to access!

According to a new report published by Trend Micro, the North American cyber criminal underground is very easy to access. The new report released by Trend Micro reveals that the cyber criminal underground market in North America isn’t so hidden like in other countries. “It doesn’t exist in the dark web as much as other […]

Pierluigi Paganini November 04, 2015
GovRAT, the malware-signing-as-a-service platform in the underground

Security Experts at InfoArmor discovered GovRAT, a malware-signing-as-a-service platform that is offered to APT groups in the underground. In the past, I have explained why digital certificates are so attractive for crooks and intelligence agencies, one of the most interesting uses is the signature of malware code in order to fool antivirus. Naturally, digital certificates […]

Pierluigi Paganini October 29, 2015
Iranian Hackers focus their efforts in Android RATs

A research published by RecordedFuture demonstrates that the interest in Android RATs of Iranian Hackers is rising, DroidJack and AndroRAT are most popular. According to the threat researcher Rodrigo Bijou (@rodrigobijou), Iranian malware authors are focusing their efforts on mobile RATs, in particular, malicious codes designed to compromise Android devices. The security experts confirmed that […]

Pierluigi Paganini October 09, 2015
Who is behind the hack of Uber’s driver database?

The findings of the investigation conducted by Uber on the recent security breach raise doubts on the alleged involvement of a competitor, the Lyft. The findings of the investigation conducted by Uber on the recent security breach that exposed details of its drivers, seems to confirm the involvement of a competitor, the Lyft. On May 2014, […]

Pierluigi Paganini October 09, 2015
Code Signing certificates becoming popular cybercrime commodity

Learn what Certificates as a Service stand for, discover why Code Signing certificates are a precious commodity and find out how to protect yourself online. A recent phenomenon tracked by IBM Security X-Force researchers is the CaaS (Certificates as a service). Cybercriminals would use the Dark Web for selling high-grade code certificates -which they have […]

Pierluigi Paganini September 28, 2015
Tracking Hacker Forums with Traffic Analysis

A study conducted by the Intelligence firm RecordedFuture demonstrates the efficiency of the analysis of hacker forums through traffic analysis-like techniques. Hacker forums still exist, hacking communities are with good shape and growing. Hacker Forums are normally hard to find and once you find them you will see them change again. Most prolific Hacker forums […]