Monthly Archives: January 2011

Exploit Packs Run on Java Juice

January 10, 2011

In October, I showed why Java vulnerabilities continue to be the top moneymaker for purveyors of “exploit kits,” commercial crimeware designed to be stitched into hacked or malicious sites and exploit a variety of Web-browser vulnerabilities. Today, I’ll highlight a few more recent examples of this with brand new exploit kits on the market, and explain why even fully-patched Java installations are fast becoming major enablers of browser-based malware attacks.

Taking Stock of Rustock

January 5, 2011

Global spam volumes have fallen precipitously in the past two months, thanks to a cessation of junk e-mail from Rustock — until recently the world’s most active spam botnet. But experts say those behind Rustock haven’t gone away, but have merely shifted the botnet’s resources toward other money-making activities, such as installing spyware and adware.

‘White House’ eCard Dupes Dot-Gov Geeks

January 3, 2011

A malware-laced e-mail that spoofed seasons greetings from The White House siphoned gigabytes of sensitive documents from dozens of victims over the holidays, including a number of government employees and contractors who work on cybersecurity matters, KrebsOnSecurity.com has learned.

The attack appears to be the latest salvo from ZeuS malware gangs whose activities over the past year have blurred the boundaries between online financial crime and espionage, by stealing financial data and documents from victim machines. This activity is unusual because most criminals using ZeuS are interested in money-making activities – such as stealing banking passwords and creating botnets – whereas the hoovering up of sensitive government documents is typically associated with threats from China that are deployed to gather industrial or military intelligence.