Recent Posts

Recent Blog Posts

The PhishLabs Blog

Skeleton Key Malware, Park 'N Fly Data Breach, Crowti Ransomware and more | TWIC - January 16, 2015

Posted by Lindsey Havens on Jan 16, '15

TWIC_branding

Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).

  • Behind Giant Credit Card Hack: Smart Young Russians With Bad Job Prospects (Bloomberg)
    Vladimir Drinkman says he met Dmitriy Smilianets online playing Counter-Strike, a shooter game in which cyber-combatants assume the roles of either terrorists or counter-terrorists: bad guys or good guys.

  • 'Skeleton Key' Malware Bypasses Active Directory (DarkReading)
    Malware lets an attacker log in as any user, without needing to know or change the user's password, and doesn't raise any IDS alarms.

  • Remote Overlay Toolkit Makes Online Banking Fraud Easy (Security Week)
    A new toolkit discovered late last year by researchers at IBM Trusteer allows even less skilled cybercriminals to steal online banking credentials and abuse them for fraudulent transactions.

  • Beware of malware masquerading as Oracle security patches (HelpNetworkSecurity)
    Oracle is warning users about malware sites actively offering Oracle patches for download. This is not the first time cyber crooks tried to masquerade malware as an Oracle software update, and it probably won't be the last.

  • Park 'N Fly Confirms Data Breach (BankInfoSecurity)
    Park 'N Fly is notifying an undisclosed number of customers that their payment card information was exposed following a compromise of the company's e-commerce website.

  • Toward Better Privacy, Data Breach Laws (KrebsOnSecurity)
    President Obama on Monday outlined a proposal that would require companies to inform their customers of a data breach within 30 days of discovering their information has been hacked.

  • Pro-ISIS hackers claim breach at U.S. Central Command (ZDNet)
    Hackers named "CyberCaliphate" attack the Twitter account of U.S. Central Command (CENTCOM), and also claim to have released internal military files.

  • New Strain of Crowti Ransomware Moving in I2P Network (threatpost)
    A new strain of the Crowti ransomware, also dubbed Cryptowall 3.0, was spotted by researchers early this week after a quiet period during the holiday season.

  • "Obamacare" phishing email leads to Vawtrak banking malware‏ (NakedSecurity)
    Looking through the SophosLabs spamtraps recently revealed an interesting malware distribution campaign. A phishing email purporting to be from the Department of Labor is really a link that sends victims to a downloader program that infects your computer with a variant of the Vawtrak banking malware, detected by Sophos products as Mal/Vawtrak-H.

  • Extratorrent down after huge DDoS Attack (TF)
    ExtraTorrent, one of the largest torrent sites on the Internet, remains down following a huge DDoS attack. The site's operators are working hard to mitigate the assault and hope to have the site back online soon.

Topics: Phishing, Malware, DDoS, The Week in Cybercrime, Data Breach, Ransomware

What's this all about?

The PhishLabs Blog is where we share our insights and thoughts on cybercrime and online fraud.

Recent Posts

Posts by Topic

see all