Author Archives: BrianKrebs

Spam Volumes: Past & Present, Global & Local

January 15, 2013

Last week, National Public Radio aired a story on my Pharma Wars series, which chronicles an epic battle between men who ran two competing cybercrime empires that used spam to pimp online pharmacy sites. As I was working with the NPR reporter on the story, I was struck by how much spam has decreased over the past couple of years. Below is a graphic that’s based on spam data collected by Symantec’s MessageLabs. It shows that global spam volumes fell and spiked fairly regularly, from highs of 6 trillion messages sent per month to just below 1 trillion. I produced this graph based on Symantec’s raw spam data.

Microsoft Issues Fix for Zero-Day IE Flaw

January 14, 2013

5 Comments

Microsoft today deviated from its usual monthly patch cycle in issuing an emergency security update to fix a critical security hole in its Internet Explorer Web browser that attackers have been exploiting to break into Windows PCs.

Oracle Ships Critical Security Update for Java

January 13, 2013

55 Comments

Oracle has released a software update to fix a critical security vulnerability in its Java software that miscreants and malware have been exploiting to break into vulnerable computers.

What You Need to Know About the Java Exploit

January 12, 2013

73 Comments

On Thursday, the world learned that attackers were breaking into computers using a previously undocumented security hole in Java, a program that is installed on hundreds of millions of computers worldwide. This post aims to answer some of the most frequently asked questions about the vulnerability, and to outline simple steps that users can take to protect themselves.

Zero-Day Java Exploit Debuts in Crimeware

January 10, 2013

73 Comments

The hackers who maintain Blackhole and Nuclear Pack – competing crimeware products that are made to be stitched into hacked sites and use browser flaws to foist malware — say they’ve added a brand new exploit that attacks a previously unknown and currently unpatched security hole in Java.

Police Arrest Alleged ZeuS Botmaster “bx1”

January 10, 2013

24 Comments

A man arrested in Thailand this week on charges of stealing millions from online bank accounts fits the profile of a miscreant nicknamed “bx1,” a hacker fingered by Microsoft as a major operator of botnets powered by the ZeuS banking trojan.

Facebook, Yahoo Fix Valuable $ecurity Hole$

January 9, 2013

3 Comments

Both Facebook and Yahoo! recently fixed security holes that let hackers hijack user accounts. Interestingly, access to methods for exploiting both of the flaws appears to have been sold by the same miscreant in the cybercrime underground.

Adobe, Microsoft Ship Critical Security Updates

January 8, 2013

29 Comments

Adobe and Microsoft today separately issued updates to fix critical security vulnerabilities in their products. Adobe pushed out fixes for security issues in Acrobat, Adobe Reader and its Flash Player plugin. Microsoft released seven patches addressing at least a dozen security holes in Windows and other software, although it failed to issue an official patch for a dangerous flaw in its Internet Explorer Web browser that attackers are now actively exploiting.

‘Value of a Hacked PC’ Graphic Goes Global

January 8, 2013

17 Comments

The Value of a Hacked PC graphic, which I published on this blog a few months ago to explain bad guy uses for your PC, is getting a makeover. I’m honored to say that the SANS Institute, a security training group,… Read More »

Crimeware Author Funds Exploit Buying Spree

January 7, 2013

19 Comments

The author of Blackhole, an exploit kit that booby-traps hacked Web sites to serve malware, has done so well for himself renting his creation to miscreants that the software has emerged as perhaps the most notorious and ubiquitous crimeware product in the Underweb. Recently, however, the author has begun buying up custom exploits to bundle into a far more closely-held and expensive exploit pack, one that appears to be fueling a wave of increasingly destructive online extortion schemes.