Archive for category Cybercrime
Cybercriminals Launch Phishing Attack on .gov and .mil
Posted by Mourad Ben Lakhoua in Cybercrime, News on February 8, 2010
Criminals are conducting spam attacks on email addresses in the .gov and .mil domains. According to a post on Brian Krebs's blog, the fake messages include a link that leads to the Zeus Trojan, which helps steal banking system passwords.
The reason such attacks succeed is that the phishing message looks quite legitimate: recipients are invited to download a report, the 2020 Project, which exists and was recently published by the National Intelligence Council of the United States.
However, an investigation of the email headers shows that the real sender is nobody@sh16.ruskyhost.ru, which is a Russian email address.
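The header check described above, as an added example that is not code from the original post: it compares the domain shown in the From header with the Return-Path, the Message-ID and the relay name recorded by the receiving server. The sample message is constructed; only the sender address comes from the post, and `sender_mismatches` and the other names are hypothetical.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample. Only the envelope sender address comes from the post;
# the From address, recipient, relay IP and IDs are placeholders.
RAW = """\
Return-Path: <nobody@sh16.ruskyhost.ru>
Received: from sh16.ruskyhost.ru (sh16.ruskyhost.ru [192.0.2.16])
    by mx.agency.example with ESMTP id CONSTRUCTED1;
    Fri, 5 Feb 2010 09:12:44 -0500
From: "National Intelligence Council" <reports@nic.example>
To: analyst@agency.example
Subject: 2020 Project report
Message-ID: <constructed-1@sh16.ruskyhost.ru>

Please download the report from the link below.
"""

def org_domain(host):
    """Last two labels of a host name (simplification; production code
    should consult the Public Suffix List)."""
    return ".".join(host.lower().strip(".").split(".")[-2:])

def addr_domain(value):
    """Organisational domain of the address in a header value."""
    return org_domain(parseaddr(value or "")[1].rpartition("@")[2])

def sender_mismatches(raw):
    """Return (header, domain) pairs that disagree with the visible From."""
    msg = message_from_string(raw)
    claimed = addr_domain(msg.get("From"))
    seen = [("Return-Path", addr_domain(msg.get("Return-Path"))),
            ("Message-ID", addr_domain(msg.get("Message-ID")))]
    # The topmost Received header is written by the receiving mail server, so
    # its "(name [ip])" part is not taken from the message itself. The
    # Postfix-style layout matched here is an assumption.
    hops = msg.get_all("Received", [])
    m = re.search(r"\(([\w.-]+)\s+\[[0-9A-Fa-f.:]+\]\)", hops[0]) if hops else None
    if m:
        seen.append(("Received", org_domain(m.group(1))))
    return [(h, d) for h, d in seen if d and d != claimed]

if __name__ == "__main__":
    for header, domain in sender_mismatches(RAW):
        print(f"{header}: {domain} does not match the From domain")
```

A mismatch is a triage signal rather than proof of phishing, since legitimate bulk mail is often sent through third-party relays.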
Only 16 out of 39 antivirus products detected the malicious software as a dangerous Trojan, because cybercriminals keep upgrading their bot network to evade different AV products (F-Secure detected the Trojan as Suspicious:W32/Riskware!Online).
make sure you subscribe to my RSS feed!
DDoS Attack Targets Swedish Police Network
Posted by Mourad Ben Lakhoua in Cybercrime, Web Security on November 2, 2009
According to The Local, the Swedish police website was subjected to a DDoS attack last week. The attack completely disrupted the official website.
Under high traffic the server can handle about 800 requests per second, but during the attack they detected about 400 thousand requests per second, which is 5 times more than the normal high traffic.
The number of DDoS attacks has increased significantly, making them one of the biggest threats on the Internet. Historically, the first DDoS attacks were mainly directed at disrupting IRC servers. In 1997 a vulnerability in the Microsoft Windows TCP/IP stack allowed hackers to send a lot of packets using several tools and DoS remote systems. Another well-known incident came in 2000, when web service was taken down for many popular websites such as Yahoo, CNN, eBay and others. In October 2002 the root DNS servers experienced a DDoS attack that put 7 of the 13 main servers out of service. And now we are seeing a lot of distributed denial-of-service (DDoS) attacks against social networking websites like Twitter and Facebook…
Stopping DDoS attacks depends on the whole Internet community: protect your machine from malware that could be used to run these attacks. The most popular botnets are:
Conficker – 10 million+ machines.
Kraken – 495 thousand machines.
Srizbi – 315 thousand machines.
Bobax – 185 thousand machines.
Rustock – 150 thousand machines.
Storm – 85 thousand machines.
Apache Website Owned!
Posted by Mourad Ben Lakhoua in Cybercrime, News, Web Security on August 31, 2009
The Apache Software Foundation website was down last Friday after hackers compromised an SSH key to one of its main servers.
Secure Shell is a very popular technology that provides secure remote administration of servers. If the hackers managed to upload a rootkit or Trojan over the download packages on the Apache website, this could cause great damage to a huge number of websites, especially since, according to the latest stats from Netcraft, more than half of all web servers worldwide are running Apache.
On Friday the Apache Software Foundation published an official note as follows:
On August 27th, starting at about 18:00 UTC an account used for automated backups for the ApacheCon website hosted on a 3rd party hosting provider was used to upload files to minotaur.apache.org. The account was accessed using SSH key authentication from this host.
To the best of our knowledge at this time, no end users were affected by this incident, and the attackers were not able to escalate their privileges on any machines.
While we have no evidence that downloads were affected, users are always advised to check digital signatures where provided.
Here you can find the screenshot posted by the Trend Micro blog. The identity of the attackers and the reason for this attack have not been discovered yet, but sharing the information about this incident is a very good point and can help build solid trust in The Apache Software Foundation.
Saudi set to form new unit to fight cybercrime
Posted by Mourad Ben Lakhoua in Cybercrime on May 12, 2009
Saudi Arabia is launching a new crackdown on cybercrimes, including fraud, in the kingdom, it emerged on Sunday.
A specialised department to look into online criminal activity will be formed in all the criminal investigation and criminal evidence departments in the country, it has been announced.
Lt Gen Saeed Al-Qahtani, the director general of Public Security, revealed the plan while attending an investigation department workshop on financial crimes in Riyadh, Saudi Gazette reported.
He said that because web-related crime was posing a threat to public security, authorities needed to act to fight back.
Specialists will be used to fight the criminals online, he said, and the latest equipment would be used to find evidence and prosecute offenders.
[Source: arabianbusiness]
Malware attacks 'on the rise'
Posted by Mourad Ben Lakhoua in Cybercrime on May 11, 2009
Cases of malware attacks around the world are continuing to rise, new research has suggested.
The study by security firm Fortinet found that certain countries are being targeted, with attacks on China coming in at the top of the list.
A 45 per cent increase in malware attacks was recorded in the Asian country in April when compared with the same period in 2008, the research found.
‘April was a busy month for cyber criminals, who unleashed the most aggressive malware attacks thus far this year,’ Derek Manky, project manager for cyber security and threat research at Fortinet, told Vnunet.com.
‘We believe that this upward trend will endure, and that online gaming attacks will continue to dominate the estimated $2 billion [£1.3 billion] annual market.’
Mary Landesman, senior security researcher at ScanSafe, added to the news provider: ‘With malware increasing in volume and sophistication, and no foreseeable slowdown in sight, it is more important than ever that companies have a comprehensive web security solution in place.’
[Source: BCS]
Guest blog: Canadian anti-spam laws take an important step forward
Posted by Mourad Ben Lakhoua in Cybercrime on April 28, 2009
The Conservative government in Canada last week introduced the Electronic Commerce Protection Act to help cull sources of spam and other malicious activity from within Canadian borders.
Although it was introduced as “the Government of Canada protecting Canadians”, those of us in the industry recognize that this is a global problem, and the amount of spam and other malicious stuff ending up on Canadians’ computers will not likely be significantly impacted as a result.
Our latest threat report had Canadian sources of spam being only 1.1% of the global total, and of course most of that will be from compromised machines forming parts of a botnet.
However, I do think this is a positive step for Canada as a “good neighbour” in the global community. We have seen a lot of previously US-based spam operations move to Canada due to a lack of this type of legislation – hopefully those same people will find it more inconvenient to move further overseas and cease operations.
Another nice thing about this legislation is the specific prohibitions on installation of non-desired software such as spyware, keyloggers, adware, etc., during commercial operations.
So, while this is an important step forward, ultimately the spam and malware problem requires a global response.
[Source: Sophos]
New Excel 0-day being exploited in the wild
Posted by Mourad Ben Lakhoua in Cybercrime on February 24, 2009
Symantec reported that there is a new 0-day vulnerability in Microsoft Office Excel (other versions may be affected as well). Symantec says that the vulnerability is being exploited by a variant of the Mdropper Trojan, which they are calling Trojan.Mdropper.AC.
There is no patch for the vulnerability yet and the only workaround available at the moment is to not open Office documents from untrusted sources.



