I Am Security

Posts under ‘Aladdin’

Social networking strikes again

A lot of write-ups have been covering this, so here are a few from InformationWeek, Dancho, SCMagazine and McAfee. Besides saying the ever satisfying “told you so”, nothing much to add here. More bogus profiles enticing users to connect to them, look at the content, and catch the same old nastiness – only packaged in [...]

Who owns your online identity? Facebook squatters on the rise

I have just read a couple of excellent posts (on SquaredPeg, and InsideFacebook) that talk about something I have been preaching for a while – your online identity and how easily it can be manipulated (or falsely created). The posts talk about Facebook groups and accounts that have been created for the class of 2013 [...]

Christmas shopping online – make sure you get what you PAY for

In the line of our ongoing “education”, we all know by now that eCrime is no longer lurking right there waiting for victims to come knocking, but is rather working vigilantly to ensure that whatever picks up the most interest online at any given moment is being used to boost the profitability of eCrime. Having [...]

AIRC Threat report and the link to McColo

As promised, the AIRC Threat Report for November is out. And as also promised, the link to McColo is revealed here – during the time when we were looking at the criminal server, we have had the opportunity to observe that someone is logged onto the server at the same time, and the connection came [...]

Hosting provider crackdown?

Recently, there has been a lot of focus from the security research community on a hosting provider named McColo Corporation (out of San Jose, CA). Reports on spam, phishing and connections to Malweb distribution, amongst others, have been accumulating (including our own malicious server analysis which has been spotted to be administered from a McColo [...]

Obama Leads in US Presidential Election Poll – the eCrime Way

And the leader according to the highly non-scientific research done using Google for a specific attack vector is: Barack Obama. Obama-related sites have managed to get infected in such a way that they attack their visitors in 364 separate instances, while McCain is right behind with 230 instances. As always, and as we have [...]

Taking the Red Pill Down the Rabbit Hole

I’ve been contemplating a title for this post for a long time; eventually I decided to merge two of my favorites (and leave the third alone: looking for the cuckoo’s egg). Basically, after a couple of weeks of almost nonstop work on a major research project (hence the relatively quiet blog), and some major news [...]

Neosploit – The rumors of my demise have been greatly exaggerated

Despite being reported as “out of business” in late July/August (see this blog, and this article as well), Neosploit, one of the most widely used tools by cybercriminals, clearly hasn’t ceased to exist. In fact, we have recently confirmed a highly enhanced Neosploit 3.1 installation to be out and about, and serving Malweb to [...]

Blocking legitimate sites in real-time

I ran into this on Slashdot: http://tech.slashdot.org/tech/08/09/21/1827209.shtml. It seems like the Google filter for malicious sites was blocking a whole domain name – including all sub-domains, which happened to be a dynamic DNS provider. A big false positive, and a big problem for all the legitimate sites that were hosted using this domain. Disclosure – [...]

Snooping into Palin emails? Watch out for the criminals snooping on you!

Following the recent news on how an anonymous group has managed to take over Sarah Palin’s Yahoo! email account, we have noticed some interesting happenings. As Wikileaks, which was the original posting location of the images taken from Palin’s Yahoo! inbox, was unavailable for some time, copies of the Wikileaks post started to appear on [...]
