Recent Posts

Recent Blog Posts

The PhishLabs Blog

Crimeware-as-a-Service, CryptoLocker, ICANN Spear Phishing, and more | TWIC - December 20, 2014

Posted by Lindsey Havens on Dec 20, '14


Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

  • The unrelenting evolution of Vawtrak (PhishLabs)
    In December 2014, Vawtrak version 0x38 was released including significant code and configuration changes that indicate momentum and an intense focus on development of the crimeware kit.

  • Fraudsters take advanced fee scams to the next level (PhishLabs) 
    Recently, PhishLabs discovered an advanced fee scam with a twist - an elaborate but faux bank website. Originally categorized as a phishing site, further analysis revealed this scam to be much more than just a fake login page.

  • Crimeware-as-a-Service Threatens Banks (BankInfoSecurity)
    A new report from security firm Sophos raises alarms about the increasing sophistication of crimeware-as-a-service, an underground business model that pushes adaptable malware from a botnet, rather than simply infecting a single machine.

  • FBI: North Korea to Blame for Sony Hack (KrebsOnSecurity)
    The FBI today said it has determined that the North Korean government is responsible for the devastating recent hack attack against Sony Pictures Entertainment. 

  • ICANN targeted by Spear Phishing attack, several systems impacted (CSOonline)
    ICANN posted details of a recent network intrusion on Tuesday, which originated from a Spear Phishing attack.Those responsible spoofed the ICANN domain, and fooled several employees into revealing their network credentials.

  • Exploits Circulating for Remote Code Execution Flaws in NTP Protocol (ThreatPost)
    Researchers at Google have uncovered several serious vulnerabilities in the Network Time Protocol and experts warn that there are exploits publicly available for some of the bugs.

  • New ransomware named 'CryptoLocker' being spread via phishing emails (SC Magazine)
    Although the Justice Department announced in July that the Cryptolocker threat had been neutralized, new ransomware with the same name and a low detection rate on VirusTotal is being delivered via emails purporting to come from the State Debt and Recovery Office in Australia.

  • Critical Git Client vulnerability Allows Malicious Remote Code Execution (TheHackerNews)
    The critical Git vulnerability affects all versions of the official Git client and all the related software that interacts with Git repositories, including GitHub for Windows and Mac OS X, according to a GitHub advisory published Thursday.

Topics: Phishing, The Week in Cybercrime, Crimeware, Vawtrak, Banking Trojan, CryptoLocker

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Subscribe to Email Updates

Posts by Topic

see all