KrebsOnSecurity.com earned two honors this week at the RSA Security Conference. For the second year running, it was voted the blog that best represents the security industry by judges at the Social Security Bloggers Awards. I was also recognized for the Security Bloggers Hall of Fame award, alongside noted security expert Bruce Schneier.
Anyone who’s run a Web site is probably familiar with the term “malvertising,” which occurs when crooks hide exploits and malware inside of legitimate-looking ads that are submitted to major online advertising networks. But there’s a relatively new form of malware-based advertising that’s gaining ground — I’m calling it “crimevertising” for lack of a better term — that involves running otherwise harmless ads for illicit services inside of commercial crimeware kits.
At its most basic, crimevertising has been around for many years, in the form of banner ads on underground forums that hawk everything from hacking services to banking Trojans and crooked cashout services. More recently, malware authors have started offering the ability to place paid ads in the administrative panesl that customers use to control their botnets. Such placements allow miscreants an unprecedented opportunity to keep their brand name in front of the eyeballs of their target audience, and for hours on end.
Amnesty International’s homepage in the United Kingdom is hacked and is currently serving malware that exploits a recently-patched vulnerability in Java. Security experts say the attack may be opportunistic, or it may be part of a more nefarious scheme to target human rights workers.
Mac malware is back in the news again. Last week, security firm F-Secure warned that it had discovered a Trojan built for OS X that was disguised as a PDF document. It’s not clear whether this malware is a present threat — it was apparently created sometime last year — but the mechanics of how it infects Mac systems is worth a closer look because it challenges a widely-held belief among Mac users that malicious software cannot install without explicit user permission.
Criminals have co-opted a column I wrote last week about ZeuS Trojan attacks targeted at government and military systems: Scam artists are now spamming out messages that include the first few paragraphs of that story in a bid to trickā¦ Read More »
