Each week, the PhishLabs team posts The Week in Cybercrime (TWIC) to recap noteworthy cybercrime articles and reports from open sources.
A coalition of international law enforcement authorities has conducted a major takedown of the Blackshades malware, seizing 1,900 domains used for command & control. At least 90 individuals involved in the development, distribution, and usage of the Blackshades RAT have been arrested. It's great to see further progress from authorities towards dismantling the cybercrime ecosystem.
Is Blackshades a threat to banks and credit unions? Should institutions be doing anything differently to protect against it specifically? Probably not. Blackshades is a relatively cheap hacking tool built for less sophisticated hackers than the professional cybercrime operations that cause the most pain for banks and their customers.
- Angling for Silverlight Exploits (Cisco Security Blog)
Levi Gundert at Cisco has put together a great, in-depth analysis of Silverlight exploits being used in the Angler kit. As Microsoft's Silverlight continues to gain traction (several major multimedia services, such as Netflix, already use it), expect Silverlight exploits to become a standard component of major exploit kits and drive-by-download operations.
- Check Point Pioneers Revolutionary Cyber Intelligence Marketplace: ThreatCloud IntelliStore (Check Point)
This week, Check Point launched a new threat intelligence marketplace that allows their customers to easily tap into third-party intelligence sources to enhance the protection provided by their security appliances. PhishLabs is proud to be an inaugural threat intelligence partner in the ThreatCloud IntelliStore, delivering our high-fidelity cybercrime intelligence to more effectively detect and stop phishing, malware, DDoS, and other attacks.
- SNMP DDoS Attacks Spike (DarkReading)
Akamai's PLXsert has observed an uptick in DDoS attacks that take advantage of servers running SNMP v2 default configurations to send amplified volumes of traffic to targeted systems. As with other distributed reflection and amplification methods, the attackers are able to send massive amounts of traffic with far fewer bots.