The Operation Buhtrap campaign targets a wide range of Russian banks, uses several different code-signing certificates and implements evasive methods to avoid detection.
If you have recently received an unexpected email with a ZIP file attached, it could be a threat attempting to steal your banking login credentials. It is called Waski and is detected by ESET as Win32/TrojanDownloader.Waski.
The Obama administration wants greater power to shut down botnets, responding to the growing threat of cybercrime and increasingly complex, modern techniques.
The Ramnit botnet that is said to have affected 3.2 million computers has been shut down by European police.
Lizard Squad failed to encrypt its database of LizardStresser’s registered users – storing details of their usernames and passwords in plaintext. A schoolboy error if ever I heard one.
The attack which knocked the PlayStation Network (PSN) and Xbox Live offline over Christmas appears to have been a publicity stunt, designed to gain notoriety and draw attention to the hacking group which has claimed responsibility – Lizard Squad.
Malware or malicious computer code has been around in some form or other for over 40 years, but the use of malware to take control of a group of computers that are then organized into something called a botnet is more a twenty-first century phenomenon.
Fake emails purportedly from a financial company are spreading Zbot. This is a “counterattack” by Zeus, the infamous botnet designed to steal banking information.
FBI names as “Most Wanted” the leader of a cyber criminal gang based in Russia and Ukraine responsible for both GameOver Zeus and Cryptolocker schemes, as law enforcement agencies crack down on cyber crime infrastructure.
Scans of a huge botnet have revealed that it has harvested at least 16 million usernames and passwords for email sites and other online services, according to a report released by the German security agency, the Bundesamt für Sicherheit in der Informationstechnik (BSI).
A statistical tool first used in 1966 and currently used in speech and gesture recognition may hold a key to sniffing out botnets – by predicting the likely “next move” of infected PCs and the healthy computers around them, researchers have claimed.
Only weeks after Microsoft unveiled a global Cybercrime Center armed with new, hi-tech tools to combat crime, it announced it had carried out a global action leading to “significant disruption” of the Sirefef botnet, a network controlling up to two million “zombie” PCs.
Microsoft has said that it has “liberated” two million PCs worldwide from Citadel botnets after an action on June 5 which targeted 1,400 networks.
Continuing with this series of posts, we bring you the second installment of this analysis of a threat. A few days ago we showed you what information we had been able to obtain through dynamic analysis, but now it is time to perform a static analysis to see what information can be obtained from the threat. An analysis
Microsoft and the FBI have broken up a large portion of the Citadel botnet – a network which had stolen $500 million from bank accounts in 90 countries around the world by installing keylogger software on five million machines.
The mysterious Avatar rootkit, detected by ESET as Win32/Rootkit.Avatar, appears to reflect a heavy investment in code development, with an API and an SDK available, plus an interesting abuse of Yahoo Groups for C&C communications.
Technical analysis of Power Loader, a special bot builder for making downloaders for other malware families and yet another example of specialization and modularity in malware production.