Rule 41 Changes: Search and Seizure when you don't know the Computer's location
This one is for the legal geeks ... This weekend, the EFF published an article, "With Rule 41, Little-Known Committee Proposed to Grant New Hacking Powers to the Government." This discussion pits the...
"Unlimited" ATM attack in Japan against South Africa's Standard Bank
We've written about Unlimited ATM attacks in this blog many times in the past, from 2008 until just a few months ago, but this newest attack is the first to feature Japanese ATM machines, to my...
Deconstructing a Dropbox Phish
Today I was asked by a friend to take a look at a strange email they were seeing in their organization that contained a “bit.ly” URL. I found it to be a fascinating phish! A few of the things that...
Kelihos botnet delivering Dutch WildFire Ransomware
Guest Blogger Arsh Arora, a malware analyst and PhD candidate at UAB, has been keeping watch over the Kelihos spamming botnet. Yesterday he found some interesting things that I've asked his permission...
Reality Checking Mister Robot's Ransomware Attack
In tonight's Episode of Mr. Robot, the fsociety hackers deliver a Ransomware attack to the Bank of E. At PhishMe, our malware analysts have reviewed more than six million malicious Ransomware emails...
Pokémon Go: An invitation to spammers
Today we have another Guest Blog from Arsh Arora, PhD student at UAB. Arsh is a malware analyst in my lab and I asked him to look into the theory that Pokémon Go was being used to trick people into...
Hacking, Carding, SWATting and OCD: The Case of Mir Islam
There can be no argument that Mir Islam is a hideous Internet Troll. Part of a group of hackers who participated in elaborate scams that combined social engineering, hacking, and gaining credit...
American Airlines spam from Kelihos delivers Ransomware
I'm pleased to have Arsh Arora return with another guest blog about his findings as he continues to observe the Kelihos botnet. Arsh recently received his Masters in Computer Forensics and Security...
Kelihos botnet sending Panda Zeus to German and UK Banking Customers
On August 11th and August 12th the Kelihos botnet has been observed sending malware again. Unlike the Ransomware that we've seen it send recently (see Kelihos spamming American Airlines Ransomware and...
Kelihos Botnet sending geo-targeted Desjardins Phish to Canadians
As we mentioned in our blog last week (see: Kelihos botnet sending Panda Zeus to German and UK Banking Customers), the Kelihos botnet is now using "geo-targeting" based on the ccTLD portion of email...
Roman Seleznev (AKA Track2 / Bulba / Zagreb / smaus) Found Guilty on 38 of 40...
Roman Seleznev has been found guilty on 38 of 40 charges against him by a Seattle-based jury. Seleznev's case created an international stir when he was arrested while vacationing in the Maldives and...
Amazon Gift Card from Kelihos!
Arsh Arora and Max Gannon, malware researchers in our lab at the University of Alabama at Birmingham (UAB) continue their on-going analysis of the Kelihos botnet. We call this a "longitudinal malware...
More "Crackas With Attitude" hackers arrested
The Department of Justice has announced the arrest of two North Carolina based members of the group "Crackas With Attitude" who famously broke into the AOL email account of CIA Director John Brennan...
Long-Lived Pill Spam from Kelihos
The "fall-back" spam campaign for Kelihos: The Kelihos Botnet has been with us for a Very Long Time. Part of how it lives so long is that it avoids one of the big traps of botnets: it rotates its...
Watch Facebook Go Crazy for Fake Star Wars Story
Dozens of my friends are going nuts over the news that the "Next Star Wars Movie to be Filmed Near Hoover, Alabama, Hundreds of Extras Needed!" Isn't that exciting? Well, I guess until you realize...
Backpage.com, Human Trafficking, and Free Speech
Charges Against Backpage: Earlier this week the states of Texas and California worked together to have the CEO of Backpage.com arrested. The charges were brought in California, which issued the arrest...
Ten Years of Cybercrime & Doing Time
On October 10, 2006 while I was sitting in my office at Energen I decided to start a blog. I had been an InfraGard member for five years at that time, and was realizing based on the feedback I was...
Yevgeniy Nikulin hacked LinkedIn and Formspring via Employee VPN
From the indictment against Yevgeniy Nikulin. On October 20, 2016, Radio Free Europe/Radio Liberty announced that they had identified the Russian hacker who was arrested in Prague. They were the first...
Major Call Center Scam Network Revealed - 56 Indicted
This week the US Attorney for the Southern District of Texas unsealed indictments against 56 individuals operating a conspiracy to commit wire fraud through a sophisticated scam involving five call...
NullCrew's Orbit, AKA Timothy French gets 45 months
This week, NullCrew hacker "Orbit" who is known to his jailers as Timothy French, was sentenced to 45 months for his role in several high profile hacking cases, including the University of Hawaii, the...