Tag Archives: zeus

Zeus Trojan Author Ran With Spam Kingpins

February 17, 2012

The cybercrime underground is expanding each day, yet the longer I research this subject the more convinced I am that much of it is run by a fairly small and loose-knit group of hackers. That suspicion was reinforced this week when I discovered that the author of the infamous ZeuS Trojan was a core member of Spamdot, until recently the most exclusive online forum for spammers and the shady businessmen who maintain the biggest spam botnets.

Thanks to a deep-seated enmity between the owners of two of the largest spam affiliate programs, the database for Spamdot was leaked to a handful of investigators and researchers, including KrebsOnSecurity. The forum includes all members’ public posts and private messages — even those that members thought had been deleted. I’ve been poring over those private messages in an effort to map alliances and to learn more about the individuals behind the top spam botnets.

DDoS Attack on KrebsOnSecurity.com

November 21, 2011

32 Comments

Last week, not long after I published the latest installment in my Pharma Wars series, KrebsOnSecurity.com was the target of a sustained distributed denial-of-service (DDoS) attack that caused the site to be unavailable for some readers between Nov. 17 and 18. What follows are some details about that attack, and how it compares to previous intimidation attempts.

The DDoS was caused by incessant, garbage requests from more than 20,000+ PCs around the globe infected with malware that allows criminals to control them remotely for nefarious purposes. If you’ve noticed that a few of the features on this site haven’t worked as usual these past few days, now you know why. Thanks for your patience.

Monster Spam Campaigns Lead to Cyberheists

October 3, 2011

27 Comments

Phishers and cyber thieves have been casting an unusually wide net lately, blasting out huge volumes of fraudulent email designed to spread password-stealing banking Trojans. Judging from the number of victims who reported costly cyber heist in the past two weeks, many small to medium sized organizations took the bait.

‘Right-to-Left Override’ Aids Email Attacks

September 26, 2011

18 Comments

Computer crooks and spammers are abusing a little-known encoding method that makes it easy to disguise malicious executable files (.exe) as relatively harmless documents, such as text or Microsoft Word files.

Hybrid Hydras and Green Stealing Machines

August 24, 2011

8 Comments

Hybrids seem to be all the rage in the automobile industry, so it’s unsurprising that hybrid threats are the new thing in another industry that reliably ships updated product lines: The computer crime world. The public release of the source code for the ZeuS Trojan earlier this year is spawning novel attack tools. And just as hybrid cars hold the promise of greater fuel efficiency, these nascent threats show the potential of the ZeuS source code leak for morphing ordinary, run-of-the-mill malware into far more efficient data-stealing machines.

Trojan Tricks Victims Into Transferring Funds

July 28, 2011

60 Comments

It’s horrifying enough when a computer crook breaks into your PC, steals your passwords and empties your bank account. Now, a new malware variant uses a devilish scheme to trick people into voluntarily transferring money from their accounts to a cyber thief’s account.

The German Federal Criminal Police (the “Bundeskriminalant” or BKA for short) recently warned consumers about a new Windows malware strain that waits until the victim logs in to his bank account. The malware then presents the customer with a message stating that a credit has been made to his account by mistake, and that the account has been frozen until the errant payment is transferred back.

Criminal Classifieds: Malware Writers Wanted

June 6, 2011

28 Comments

The global economy may be struggling to create new jobs, but the employment outlook for criminally-inclined computer programmers has never been brighter. I’ve spent some time lurking on shadowy, online underground forums, and lately I’ve seen a proliferation of banner… Read More »

Something Old is New Again: Mac RATs, CrimePacks, Sunspots & ZeuS Leaks

May 16, 2011

8 Comments

One of the biggest challenges in information security — and with security reporting in general — is separating what’s new and worth worrying about from seemingly new threats and developments that really are just old threats repackaged or stubborn facts that get rediscovered by a broader audience. This post represents my attempt to apply that sorting process to several security news headlines that readers have been forwarding my way in the past week, and to add a bit more information from my own reporting.

‘Weyland-Yutani’ Crime Kit Targets Macs for Bots

May 2, 2011

51 Comments

A new crimeware kit for sale on the criminal underground makes it a simple point-and-click exercise to develop malicious software designed to turn Mac OSX computers into bots. According to the vendor of this kit, it is somewhat interchangeable with existing crimeware kits made to attack Windows-based PCs.

FBI: $20M in Fraudulent Wire Transfers to China

April 27, 2011

51 Comments

The Federal Bureau of Investigation warned this week that cyber thieves have stolen approximately $20 million over the past year from small to mid-sized businesses, through a series of fraudulent wire transfers sent to Chinese economic and trade companies located near the country’s border with Russia.

The FBI said that between March 2010 and April 2011, it identified twenty incidents in which small to mid-sized organizations had fraudulent wire transfers to China, and that the total losses from the fraud was about $11 million. The alert was sent out Tuesday, in cooperation with the Internet Crime Complaint Center and the Financial Services Information Sharing and Analysis Center (FS-ISAC), an industry consortium.