GameOver Zeus now uses Encryption to bypass Perimeter Security
The criminals behind the malware delivery system for GameOver Zeus have a new trick. Encrypting their EXE file so that as it passes through your firewall, webfilters, network intrusion detection...
Highest Malware Spam Rate since April 2013
Since 2006, my lab at UAB, part of The Center for Information Assurance and Joint Forensics Research has been gathering spam and finding creative ways to analyze it to find new threats. Last December...
Interac Phishers try their hand at IRS
Last week Malcovery Security had an interesting phish show up claiming to be related to the IRS. This one turns out to be a great example of the (activate 1940 horror movie narrator voice) The POWER OF...
WhatsApp Spam: a malware distribution scam
On February 19, 2014, Facebook announced the purchase of WhatsApp for $4 billion in cash and 183,865,778 shares of Facebook stock ($12 Billion in current value) plus an additional $3 billion in shares...
2013 FTC Consumer Sentinel Report - Identity Theft By U.S. City
Each year the Federal Trade Commission publishes a detailed report on the Fraud and Identity Theft complaints they received during the previous year, not just at the FTC, but throughout their Consumer...
American Express's new Phishing Criminal Brings Game!
Every time I start to think that I've seen everything with regards to phishing the criminals shake things up and get me excited again. Today I have to say the American Express phishers are bringing...
The Carder.su indictment: United States v. Kilobit et. al.
Today the U.S. government unsealed its indictment against Fifty-Five members of the Carder.su carding forum. We wrote about Carder.su before on this blog, back in March 2009 when a rival gang was...
Phishers, Framesets, and Grocery Surveys
Like most criminals, or let's face it, most programmers, Phishers are lazy. They like to be able to create one website and have it live for an extended period of time. Unfortunately for them, victim...
Zeus Criminals charged in Omaha, Nebraska
Legal documents analyzed below are available at the bottom of this DOJ article: Nine Charged in Conspiracy to Steal Millions of Dollars using Zeus Malware We've talked about Zeus in this blog for many...
Multi-Brand French Phisher uses EDF Group for ID Theft
At the end of January last year, French power company EDF advised the public that they were seeing a significant rise in the number of phishing complaints they were receiving from their customers. An...
Blackshades RAT leads to 97 Arrests in 16 countries
On May 19, 2014, the FBI announced a worldwide coordinated action against criminals who created, sold, and used a Remote Administration Trojan (RAT) known as BlackShades. In the FBI's BlackShades Press...
A Social Facebook Phish - is your friend acting strange?
I'm always proud when my students do a great write up on a new attack, and doubly so when that analysis comes from my nephew, Chris Warner! Chris was logged in to Facebook today when one of his friends...
Is the Game Over for GameOver Zeus?
Several weeks ago law enforcement friends in Pittsburgh started asking people not to publish anything too public about GameOver Zeus. When we asked why, we got a teasing "You'll see!" Now our ISP...
Malcovery Examines GameOver Zeus
What is this graphic about? Read on, Gentle Reader! Malcovery: Email Based Threat Intelligence and GameOver Zeus. At Malcovery Security we have become EXTREMELY familiar with GameOver Zeus. Our malware...
Microsoft, njRat, and No-IP
Microsoft's Digital Crimes Unit is claiming their 10th major botnet action, this time targeting the malware known as Bladabindi, or more popularly njRAT, and Jenxcus, better known as H-worm. To do so,...
Disk57.com, Cutwail, and Tearing Down Offending Infrastructure
Sometimes I am so impressed by the things my employees at Malcovery discover as they work through the various email-based threats we process and report about for our customers. Brendan, Wayne, and J...
E-ZPass Spam leads to Location Aware Malware
If you drive in a city with toll roads, you are familiar with the E-Z Pass System. If you are, you may have been tempted to click on an email that looked like this: A quick search in the Malcovery...
Roman Seleznev (AKA Bulba, AKA Track2, AKA NCUX) appears in US Court in Guam
The media is buzzing about the arrest of hacker and stolen credit card vendor Roman Seleznev who has appeared in court in the US territory of Guam after being arrested in the Maldives. The story is...
New GameOver Zeus Variant uses FastFlux C&C
Over on the Malcovery Security Blog yesterday we covered a new version of GameOver Zeus (see: GameOver Zeus Mutates, Launches Attack) that was distributed in three spam campaigns on July 10, 2014. At...
Urgent Court Notice from GreenWinick Lawyers delivers malware
I spent some time yesterday in the Malcovery Security Spam Data Mine looking at the E-Z Pass malware campaign. The ASProx spammers behind that campaign have moved on to Court Notice again . . ....