Malicious hackers spend quite a bit of energy and time gaming the Internet search engines in a bid to have their malware-laden sites turn up on the first page of search results for hot, trending news topics. Increasingly, though, computer criminals are taking steps to keep search bots at bay, particularly with legitimate Web sites that have been hacked and booby-trapped with hostile code.
A call service that catered to bank and identity thieves has been busted up by U.S. and international authorities. The takedown provides a fascinating glimpse into a bustling and relatively crowded niche of fraud services in the criminal hacker underground.… Read More »
Internet hosting provider Network Solutions is once again trying to limit the damage from a hacking incident that has left a large number of customer Web sites serving up malicious code.
Not long ago, there were only a handful of serious so-called “exploit packs,” crimeware packages that make it easy for hackers to booby-trap Web sites with code that installs malicious software. These days, however, it seems like we’re hearing about a new custom exploit kit every week. Part of the reason for this may be that more enterprising hackers are seeing the moneymaking potential of these offerings, which range from a few hundred dollars per kit to upwards of $10,000 per installation — depending on the features and plugins requested.
Oracle Corp. has shipped a new version of its Java software that nixes a feature in Java that hackers have been using to foist malicious software. Java 6 Update 20 was released sometime in the last 24 hours, and includes some security fixes, although Oracle’s documentation on that front is somewhat opaque. Most significantly, the update removes a feature that hackers have started using to install malware.
Last week, a Google security researcher detailed a little-known feature built into Java that can be used to launch third-party applications. Today, security experts unearthed evidence that a popular song lyrics Web site was compromised and seeded with code that leverages this Java feature to install malicious software.
A large number of bloggers using Wordpress are reporting that their sites were recently hacked and redirecting visitors to a page that tries to install malicious software.
The very first entry I posted at Krebs on Security, Virus Scanners for Virus Authors, introduced readers to two services that let virus writers upload their creations to see how well they are detected by various commercial anti-virus scanners on the market. In this follow-up post, I’ll take you inside of a pair of similar services that allow customers to periodically scan a malware sample ad receive alerts via instant message or e-mail when a new anti-virus product begins to detect the submission as malicious.
It’s common for malware writers to taunt one another with petty insults nested within their respective creations. Competing crime groups also often seek to wrest infected machines from one another. A very public turf war between those responsible for maintaining… Read More »
The presence of rogue anti-virus products, also known as scareware, on a Microsoft Windows computer is often just the most visible symptom of a more serious and insidious system-wide infection. To understand why, it helps to take a peek inside… Read More »
