Research

Research

Expert content, for researchers by researchers

Research

Google+ fix cybercrime – use your real name?

Google+ seems to be continuing building steam and putting itself on the map as a contender, not merely an also-ran to the Facebook behemoth. Part of its strategy is to enforce the use of real names, not just the more common online pseudonym. The logic goes that this will reduce the likelihood that cybercriminals might

2.1 million users’ data breached in Massachusetts

Since 2010 that is, following a law enacted in 2007 that requires all companies doing business in Massachusetts to inform consumers and state regulators about security breaches that might result in identity theft. Attorney General Martha Coakley’s office released the information, including a breakdown of the data. It seems her office received 1,166 data breach

Online Poker, Real Fraud

The United States Attorney Office for the Southern District of New York received a flurry of attention in April, 2011 when they unsealed an indictment against the three largest Internet poker companies in the United States—Absolute Poker, Full Tilt Poker and PokerStars—for fraud, gambling and money laundering.  Today, the USAO upped the ante with an

Android banking malware in the wild

Recently, we’ve noted a steep rise in Android malware and predicted the rise in banking malware, now we see another example in the wild, this time SpyEye. Trusteer has a good rundown on it, saying “It seems that SpyEye distributors are catching up with the mobile market as they (finally) target the Android mobile platform.

The Dirt on Certs

Róbert Lipovský and I put our heads together and posted a joint article to SC Magazine's Cybercrime Corner on "Dead Certs?"

Should you hire a hacker to prevent data breaches?

With all the recent headlines about data breaches, should your organization hire a “thief to catch a thief?” That’s a question Kevin Mitnick, sitting near the top of the hacker hall-of-fame for famous hack sprees in decades past, has been contemplating. He’s not alone – many companies are wondering the same thing. There is a

The Induc Virus is back!

ESET has discovered a new version of the Delphi infector, Win32/Induc. Unlike its predecessors, however, this variant incorporates a seriously malicious payload and has acquired some extra file infection and self-replicative functionality. Two years ago, we published comprehensive information (here , here, and here) about the virus Win32/Induc.A, which infected Delphi files at compile-time. Though

The drones are here for your wireless

With fantastic teeny model helicopters sporting mini hacked Linux platforms that long to take over your wireless network and wreak havoc, or so recent headlines would suggest. Now, we’re big fans of innovation, and technology on the go, but these pseudo-drones (built on the cheap, for the under-budgeted aspirer of wireless world domination) lack the

Who’s responsible for your online data?

What happens after you share data online, and others re-share it, etc.? As data becomes increasingly inter-connected, with multiple parties touching the same data, Internet users are starting to wonder: who DOES have access to their data? Are they acting in your best interest? And who should be checking to make sure they do? The

9/11: More Scams Upcoming

...the latest crop of malicious web pages to go up includes hooks such as "Bin Laden alive", "in depth details about the terrorist attack", "police investigation results" and "towers going down",...

Back to School Qbot, now Digitally Signed

The authors of Win32/Qbot (a.k.a. Qakbot) are back with new variants of this infamous malware, and this time the binaries are digitally signed. Qbot is a multifunctional trojan that has had some significant impact in the past. It has also been around a while, with the first variants dating as far back as spring 2007,