Posted by admin on Friday, December 21st, 2012 | 22,071 views
We have received an email that states we have an unread message and that someone has sent us a private message. It does not state whether the unread message is from a social network; it only says it comes from SecureMessage.System, as you can see from this image: The body of the email is this: […]
Posted by admin on Tuesday, November 27th, 2012 | 20,754 views
We just logged a new C&C bot named KBOT: Content of the /js/ folder: Content of the /images/ folder: Content of the /css/ folder: Malware activity (cb119a6b42da7bba1b6151f2e0bd6f1e): File Created - %SAMPLE% - %Temp%\epbUex.UxO - A7A21220689BD796F6B74E5D983D810E - 2560 bytes - attr: [] - PE Connection Established - C:\WINDOW...
Posted by admin on Saturday, January 7th, 2012 | 12,272 views
There is a new exploit kit in the wild, this time named Karn!v0r3x v1.0: HTML code of the login page: <html> <head> <title>Karn!v0r3x v1.0 [Inicio]| Malandrines .n3t</title> <script language="JavaScript" src="files/fallt.js"></script> <style> body{background:black;col...
Posted by admin on Monday, October 4th, 2010 | 33,503 views
Another FakeAV, this time called AntiVirus Studio 2010. Like all FakeAVs, it claims to have found a lot of infections on your computer and that the only way to clean it is to pay a hefty price for a “license key”. Here we have the main interface. As usual, it starts the scan without any user interaction […]
Posted by on Monday, July 26th, 2010 | 10,822 views
GoldInstall

Next we have a company called GoldInstall. This is how much they pay for 1000 installs per country.

Country  Price
OTH      13$
US       150$
GB       110$
CA       110$
DE       30$
BE       20$
IT       65$
CH       20$
CZ       20$
DK       20$
ES       30$
AU       55$
FR       30$
NL       20$
NO       20$
PT       30$
LB       6$
[…]
Posted by on Thursday, July 15th, 2010 | 30,882 views
InstallConverter This is where things get interesting. This company distributes one executable, TDL3. TDL3 is a very advanced piece of stealth malware, with rootkit capabilities. Here you can see Symantec are well aware of this. Backdoor.Tidserv This is how much they pay for 1000 installs per country. USA - $170 Canada - $120 Un...
Posted by on Wednesday, July 7th, 2010 | 15,246 views
Defense Center is doing the rounds again, but this time seems to be a bit more aggressive! Let's start off with some screenshots. Like all rogue AVs, it bombards you with warnings about how your computer is “infected”. 30% off! You’d be a fool not to snap that offer up, wouldn’t you? Once installed, ...
Posted by on Wednesday, June 30th, 2010 | 8,973 views
WorldPays – Euro-Pays – SummerCash Next on the list we have 3 companies that are distributing the same executable, so it's safe to assume either they are all resellers for a single company, or 2 of them are reselling for the other. From the above images we can extract some dangerous domains used for spreading […]
Posted by on Tuesday, June 22nd, 2010 | 11,433 views
What is Pay-Per-Install (PPI)? Pay-Per-Install is a system where people get paid for installation of software, 9 times out of 10 without the knowledge of the end-user. The amount the affiliate gets paid depends on which country the victim is in; countries like the USA normally get the highest rates, while other less-known countries ...
Posted by admin on Sunday, May 16th, 2010 | 7,813 views
In recent days we have registered a new wave of spam messages with the subject “Cartoline” that appeared to come from virgilio.it and that contained a link that appeared to redirect the user to legitimate sites such as cards.virgilio.it. After analyzing the HTML in the message, we noticed that the link could redi...