Source: Symantec
Symantec has released a report on the underground online economy. The report is derived from data gathered by Symantec’s Security Technology and Response (STAR) organization, from underground economy servers between July 1, 2007 and June 30, 2008. The potential value of total advertised goods observed by Symantec was more than $276 million for the reporting period.
Tuesday, 25 November 2008
Friday, 21 November 2008
Web Fraud 2.0: Faking Your Internet Address
Source: Security Fix
Security Fix provides a brief look at "Fraudcrew": an Internet proxy service which caters to the phishing community, recently taken offline with the disconnection of McColo (their hosting provider). One of the features offered by Fraudcrew is geographically located IP addresses. This aids in circumventing geographic checks that banks may put on Internet banking to detect abnormal use.
Security Fix provides a brief look at "Fraudcrew": an Internet proxy service which caters to the phishing community, recently taken offline with the disconnection of McColo (their hosting provider). One of the features offered by Fraudcrew is geographically located IP addresses. This aids in circumventing geographic checks that banks may put on Internet banking to detect abnormal use.
Wednesday, 12 November 2008
Spamalytics: An Empirical Analysis of Spam Marketing Conversion
Source: International Computer Science Institute
Researchers at the University of California, San Diego, and the International Computer Science Institute, Berkeley, have produced a very useful and highly empirical paper [1.9MB PDF] which provides an interesting inside view into the operation of the Storm botnet. The research involved actively hijacking a portion of the botnet and gathering data on its behaviour and the behaviour of spam recipients. This paper is receiving quite a lot of attention, including BBC news coverage.
Researchers at the University of California, San Diego, and the International Computer Science Institute, Berkeley, have produced a very useful and highly empirical paper [1.9MB PDF] which provides an interesting inside view into the operation of the Storm botnet. The research involved actively hijacking a portion of the botnet and gathering data on its behaviour and the behaviour of spam recipients. This paper is receiving quite a lot of attention, including BBC news coverage.
Saturday, 1 November 2008
RSA on the Sinowal Trojan
Source: Speaking of Security (RSA Blog)
The RSA FraudAction Research Lab shares its findings on the Sinowal Trojan, also known as Torpig and Mebroot. Dating back as early as February 2006, the Sinowal Trojan has compromised and stolen login credentials from approximately 300,000 online bank accounts as well as a similar number of credit and debit cards. The criminals behind Sinowal have not only created highly-advanced and malicious crimeware, but have also maintained one of the most hidden and reliable communication infrastructures, which has now been operating for nearly three years.
The RSA FraudAction Research Lab shares its findings on the Sinowal Trojan, also known as Torpig and Mebroot. Dating back as early as February 2006, the Sinowal Trojan has compromised and stolen login credentials from approximately 300,000 online bank accounts as well as a similar number of credit and debit cards. The criminals behind Sinowal have not only created highly-advanced and malicious crimeware, but have also maintained one of the most hidden and reliable communication infrastructures, which has now been operating for nearly three years.
Subscribe to:
Posts (Atom)
