Monthly Archives: May 2010

Revisiting the Eleonore Exploit Kit

May 24, 2010

Not long after I launched this blog, I wrote about the damage wrought by the Eleonore Exploit Kit, an increasingly prevalent commercial hacking tool that makes it easy for criminals to booby-trap Web sites with malicious software. That post generated tremendous public interest because it offered a peek at the statistics page that normally only the criminals operating these kits get to see.

I’m revisiting this topic again because I managed to have a look at another live Eleonore exploit pack panel, and the data seems to reinforce a previous hunch: Today’s attackers care less about the browser you use and more about whether your third-party browser add-ons and plugins are up-to-date. Facebook Privacy 101

May 20, 2010

If you’ve been watching the slow motion train wreck that is’s recent effort to revamp its privacy promises, you may be wondering where to start unraveling all of the privacy “choices” offered by the world’s largest online social network. Fortunately, developers are starting to release free new tools so that you don’t need a masters in Facebook privacy or read a statement longer than the U.S. Constitution to get started.

Fraud Bazaar Hacked

May 18, 2010, an German-language online forum dedicated to helping criminals trade and sell consumer data stolen through hacking, has itself been hacked. The once-guarded contents of its servers are now being traded on public file-sharing networks, leading to the exposure of identifying information on both the forum’s users and countless passwords, credit and debit cards swiped from unsuspecting victims.

Teach a Man to Phish…

May 17, 2010

Phishing may not be the most sophisticated form of cyber crime, but it can be a lucrative trade for those who decide to make it their day jobs. Indeed, data secretly collected from an international phishing operation over the last 18 months suggests that criminals who pursue a career in phishing can steal millions of dollars a year, even if they only manage to snag just a few victims per scam.