Recent Posts

Recent Blog Posts

The PhishLabs Blog

RAT Vulnerabilities Leaked, DDoS Activity Up and more | TWIC - August 22, 2014

Posted by Lori Gildersleeve on Aug 22, '14


Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

The full source code of the Dendroid Remote Access Trojan (RAT) was recently leaked. The popular crimeware, which targets the Android operating system, is typically sold on underground forums for $300. With the malware’s source code now available, an increase in its use, as well as the creation of new variants, will likely be seen.

Community Health Systems, with operations spanning 29 states, announced that cybercriminals operating from China stole information on approximately 4.5 million patients, including names, birth dates and Social Security numbers. The healthcare industry has suffered a large number of breaches in the past, but the CHS breach topped them all. BitSight, a security-ratings firm, recently released ratings that the healthcare industry had more security issues and signs of breaches than any other industry, including the retail sector.

An individual using the alias “MrMouse” began offering counterfeit $20s, $50s and $100s for sale on several top crime boards online. The counterfeiter claims the fake bills will pass most tests used by merchants. According to the U.S. Secret Service, this is the first time that fake U.S. money has been offered for sale via Internet crime forums.

Fifty-one UPS Stores suffered a point-of-sale (POS) malware attack that compromised card transactions for a seven-month period. Customer information that may have been exposed includes names, physical addresses, e-mail addresses and payment card information. Affected customers are being offered one year’s worth of free identity theft and credit monitoring.

A Bitcoin-based phishing campaign targeting more than 400 organizations has the intention of stealing cryptocurrency wallet passwords. The phishing emails come from a source pretending to be the most popular Bitcoin wallet website,, and use a straightforward “account warning” template. Because Bitcoins are unregulated, the cryptocurrency represents a $6.8 billion opportunity for cybercriminals. 

Volumetric distributed denial-of-service (DDoS) activity peaked at approximately 300 Gbps/24 Mpps for UDP floods and roughly 35 Gbps/91 Mpps for TCP, according to the Q2 2014 report by Verisign. This is a 216 percent increase over last quarter, and a 291 percent increase over the same quarter in 2013. According to the report, 43 percent of attacks are aimed at the entertainment and media industries, while 41 percent are directed at IT services, cloud and SaaS verticals.

Topics: The Week in Cybercrime

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all