Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports (open source).
Over the last month, PhishLabs analyzed nearly 9,000 phishing kits and variants available on compromised and clandestine servers, file sharing services, underground scammer forums, and various user-generated content sites such as blogs.
- We Were Lucky to Get Hacked, Yo Founder Says (Wall Street Journal)
From the "Well, that didn't take very long" department. Last week, the Yo app launched and rocketed up the mobile app charts. Within days, it was hacked. Yo bills itself as being incredibly simple, having taken only 8 hours to build. Looks like they'll be spending a bit more time addressing vulnerabilities moving forward.
Researchers at Kaspersky Lab uncovered a banking Trojan C2 server with log files detailing fraudulent transactions worth more than €500,000. The transaction logs also contained references to structured money-mule groups, indicating this was the work of a well-organized cybercrime crew.
- TimThumb plugin for WordPress - zero-day remote code execution hole disclosed, quickly fixed (Naked Security)
Used to easily resize images, TimThumb is a WordPress plugin that is fairly widespread (and often bundled into WordPress themes). Older versions of the plugin have a vulnerability that has long been exploited by cybercriminals to turn WordPress sites into hosts for malicious content like phishing and malware. The new zero-day potentially exposes thousands of additional sites. TimThumb's developer has fixed the issue and has some good advice: "Don't use TimThumb."