9816646
submission
redsoxh8r writes:
Banker trojans have become a serious problem, especially in South America and the U.S. Trojans like Zeus, URLZone and others are the tip of the iceberg. These toolkits are standard-issue weapons for criminals and state-sponsored hackers now. Just like Zeus, URLZone is also created using a toolkit (available in underground markets). What this means is that the buyer of this toolkit can then create customized malware or botnets with different CnCs and configurations but having all the flexibility and power of the original toolkit. Having such a toolkit in the hands of multiple criminal groups paints a scary picture. It's simply not enough to eliminate a particular botnet and criminal group to solve this problem.
5692701
submission
redsoxh8r writes:
Online criminals have taken to a decidedly low-tech method for distributing the latest batch of targeted malware: mailing infected CDs to credit unions. The discs have been showing up at credit unions around the country recently, a throwback to the days when viruses and Trojans were distributed via floppy disk. The scam is elegant in its simplicity. The potential thieves are mailing letters that purport to come from the National Credit Union Administration, the federal agency that charters and insures credit unions, and including two CDs in the package. The letter is a fake fraud alert from the NCUA, instructing recipients to review the training materials contained on the discs. However, the CDs are loaded with malware rather than training programs.
4812577
submission
redsoxh8r writes:
Security researcher Robert Hansen, known as Rsnake, has developed a new class of attacks that abuses a weakness in many corporate intranets and most browsers to compromise remote machines with persistent JavaScript backdoors. Threatpost reports: "The attacks rely on the long-term caching policies of some browsers and take advantage of the collisions that can occur when two different networks use the same non-routable IP address space, which happens fairly often because the amount of address space is quite small. The bottom line is that even a moderately skilled attacker has the ability to compromise remote machines without the use of any vulnerability or weakness in the client software.
"If you're even vaguely clever, developing this might take you two hours. It's not that difficult," said Robert Hansen, the researcher who wrote about the attacks in a white paper published this week, called "RFC1918 Caching Security Issues."