Tag Archives: Brett Stone-Gross

Low-Drama ‘Dark Angels’ Reap Record Ransoms

August 5, 2024

A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. Security experts say the Dark Angels have been around since 2021, but the group doesn’t get much press because they work alone and maintain a low profile, picking one target at a time and favoring mass data theft over disrupting the victim’s operations.

Top Spam Botnet, “Grum,” Unplugged

July 19, 2012

Roughly five years after it burst onto the malware scene, the notorious Grum spam botnet has been disconnected from the Internet. Grum has consistently been among the top three biggest sources of junk email, a crime machine capable of blasting 18 billion messages per day and responsible for sending about one-third of all spam.

Spam & Fake AV: Like Ham & Eggs

July 26, 2011

An explosion of online fraud tools and services online makes it easier than ever for novices to get started in computer crime. At the same time, a growing body of evidence suggests that much of the world’s cybercrime activity may be the work of a core group of miscreants who’ve been at it for many years.

I recently highlighted the financial links among the organizations responsible for promoting fake antivirus products and spam-advertised pharmacies; all were relying on a few banks in Azerbaijan to process credit card payments.

Naming and Shaming ‘Bad’ ISPs

March 19, 2010

I asked or simply polled some of the most vigilant sources of this information for their recent data, and put together a rough chart indicating the Top Ten most prevalent ISPs from each of their vantage points. ISPs or hosts that show up more than others on these various lists are color-coded to illustrate consistency of findings (click the image to enlarge it). The trouble is, all of these individual efforts map badness from just one or a handful of perspectives, each of which may be limited in some way by particular biases, such as the type of threats that they monitor. For example, some measure only phishing attacks, while others concentrate on charting networks that play host to malicious software and botnet controllers.