Clik here to view.
Kronos Banking Trojan and Geo-Targeting from Kelihos
Kronos Banking Trojan and Geo-targeted attacks to Australia, Italy, United Kingdom and United States by Kelihos I'm happy to welcome back guest-blogger Arsh Arora for another blog about the Kelihos...
View ArticleClik here to view.
NoMoreRansom aka Troldesh Ransomware Delivered by Kelihos
My favorite guest blogger Arsh Arora, a malware analyst and Ph.D. researcher at UAB, is back with new and interesting facts about Kelihos, a botnet family that he has been tracking for a year and half...
View ArticleA Cyber Look at the 2017 National Defense Authorization Act
On December 23, 2016, President Obama signed into law the National Defense Authorization Act for Fiscal Year 2017, authorizing $611 (or $619) Billion dollars primarily for the Department of Defense....
View ArticleClik here to view.
FTC Takes Action Against Insecure IoT Devices from D-Link
I still love to listen to GRC's Steve Gibson on the program Security Now! A few weeks back, Steve said "The S in IoT is for Security" which made me laugh perhaps far too much. As we discover more with...
View ArticleClik here to view.
"Microsoft notification" leads to Pharma Redirector on Steroids
Today while investigating spam in the PhishMe spam collection, I started looking at a spam campaign that used two distinct subject lines:Subject: Microsoft notificationSubject: Windows notificationThe...
View ArticleClik here to view.
Kelihos infection spreading by Thumb Drive and continues geo-targeting
I've mentioned before how proud I am that my students are extremely passionate about CyberCrime. My guest blogger 'Arsh Arora' is on a visit to his hometown New Delhi, India to attend a wedding....
View ArticleClik here to view.
Europol Announces 27 ATM Black Box arrests
On 18MAY2017 Europol announced that 27 thieves have been arrested across Europe for participating in a ring that conducts ATM Black Box attacks. The arrests were conducted in France (11), Estonia (4),...
View ArticleClik here to view.
Securing Cyber Assets: Addressing Urgent Cyber Threats to Critical...
My friend Neil Schwartzman, the leader of CAUCE, called my attention to a new report from The President's National Infrastructure Advisory Council (NIAC), "Securing Cyber Assets: Addressing Urgent...
View ArticleClik here to view.
CyberSecurity Awareness Month Tip One: There are no Gift Certificates
While many corporations have great spam filtering, quite a few small businesses and individuals still deal with a deluge of spam on a daily basis. For some time now, a particular group of criminals...
View ArticleClik here to view.
TrickBot's New Magic Trick: Sending Spam
TrickBot's New Magic Trick ==> Sending SPAMIt has been a while since we had a blog from Arsh Arora, who is pursuing his Ph.D., which has kept him away from blogging for a bit. With his current...
View ArticleClik here to view.
IcedID - New Banking Trojan targets US-based companies with web injects
The malware research team in the UAB Computer Forensics Research Lab is widening its horizon and is always on the look out for new malware families. While researching new malware families, Arsh Arora,...
View ArticleClik here to view.
IcedID New Tricks: Where Banking Trojan meets Phishing
IcedID Expanding Target ListAlthough ransomware has been getting all the headlines in the news, banking trojans continue to be an issue. New variants are constantly evolving and offering new risks. At...
View ArticleClik here to view.
On the Anniversary of the Islamic Revolution, 30 Iranian News sites hacked to...
February 11th marked the 39th aniversary of the Islamic Revolution in Iran, the day when the Shah was overthrown and the government replaced by the Ayatollah Khomeini, called "The Supreme Leader" of...
View ArticleClik here to view.
Drinkman and Smilianets Sentenced: The End to Our Longest Databreach Saga?
On Thursday, February 15, 2018, we may have finally reached the end of the Albert Gonzalez Databreach Saga. Vladimir Drinkman, age 37, was sentenced to 144 months in prison, after pleading guilty...
View ArticleClik here to view.
How to Steal a Million: The Memoirs of a Russian Hacker
As a University researcher specializing in cybercrime, I've had the opportunity to watch the Russian carding market closely and write about it frequently on my blog "Cybercrime & Doing Time."...
View ArticleClik here to view.
Affiliate Movie Streaming Scam Service
Dear readers,I'm sharing some information here wondering if anyone can identify the criminal affiliate program at the root of this scam service.The scam begins with what seems to be an automated...
View ArticleClik here to view.
74 (Mostly Nigerians) Arrested in Business Email Compromise Action
Operation Wire Wire Cases Operation Wire Wire was announced June 11, 2018 by the Department of Justice. This Operation led to the arrest of 42 people in the United States and 29 others in Nigeria,...
View ArticleClik here to view.
Operation Wire Wire: The South Florida Cases, Part 1
Yesterday we started a series of posts about Operation Wire Wire, where the Department of Justice announced charges against 74 people for Business Email Compromise and related scams.The South Florida...
View ArticleClik here to view.
Operation Wire Wire: the South Florida Cases Part 2
The Second South Florida case is linked to the first because this entire conspiracy also is part of the work of Roda Taher, AKA Ressi, AKA Rezi, the top recruiter in the first case. However, in this...
View ArticleClik here to view.
Operation Wire Wire: the South Florida Cases Part 3
In the main DOJ Operation Wire Wire press release, the South Florida cases are described like this:Following an investigation by the FBI and the U.S. Secret Service, 23 individuals were charged in the...
View Article