15.07
2010

Hackers have managed to copy the Verified by Visa and MasterCard SecureCode protection features in order to dupe customers at 15 top US banks, a security firm has warned.

via Top US banks targeted by Mastercard and Visa scam | IT PRO.

13.07
2010

The latest Zeus bot configuration contains a list of targeted financial institutions from Spain, Germany, United Kingdom, and USA. The previous versions contain all the list of financial institutions from different countries around the world, while the new version only contains two targeted countries and currently paired as: Spain-Germany and UK-USA.

via Zeus Version 3 – Target Spain, Germany, UK, and USA Banks – CA Security Advisor Research Blog.

According to CA, Spanish financial institutions appear to be the most targeted (26%) by this new version of ZBot.

08.07
2010

[..] Our team found that these [mobile] Botnets do one of two things; send messages to all the contacts of the address book directly, or send messages to the random phone numbers by connecting to a server. The viruses will delete the sent messages from the user’s Outbox and SMS log. All messages contain URLs linked to malicious sites that users won’t be able to see until after they’ve fallen into the virus trap.

The Botnets seem to be targeting Symbian S60 3rd and 5th generation operating systems, and our Mobile Security Center estimates 100,000 mobile phones were impacted by them![..]

via Botnet Viruses Captured by NetQin « Netqin’s blog.

07.07
2010

This is the first time I’ve seen ZeuS target Russian banks given that online banking is not so popular in Russia. I can recall a few ZeuS/ZBOT samples targeting Yandex services, but I definitely can’t recall anyone targeting MDM Bank or other online Russian banking systems.

via ZeuS/ZBOT Targets Russian Banks | Malware Blog | Trend Micro.

02.07
2010

Cybercrooks have developed regionally-targeted banking Trojans that are more likely to slip under the radar of anti-virus defences.[...]

[...]Trusteer cites two pieces of regional malware targeted at UK banking consumers. Silon.var2 crops up on one in every 500 computers in the UK compared to one in 20,000 in the US. Another strain of malware dubbed Agent-DBJP was found on one in 5,000 computers in the UK compared to one in 60,000 in the US[...]

[...]“Unlike known malware kits such as Zeus, Torpig and Ambler, which simultaneously target hundreds of banks and enterprises around the world and are on the radar of all security vendors, regional financial malware such as Silon.var2 and Agent.DBJP are highly targeted,” said Mickey Boodaei, Trusteer’s chief exec.[...]

[...]“Silon, DBJP and other regional financial malware have been identified through Trusteer’s Flashlight service, and analysis and investigation results have been shared between participating banks,” explained Amit Klein, CTO of Trusteer. “If a bank in a specific region experiences fraud from a new piece of regional malware, there is an 80 per cent chance that other banks in the same region will experience in the near future similar losses from this malware,” he added.

via Regional banking Trojans sneak past security defences • The Register.

28.06
2010

A nice visualization method developed by Nicter.

Here is the demo

25.06
2010

The Kraken botnet — one of the Internet’s largest and most difficult to detect in 2008 — is rearing its ugly head again.

So far, the resurrected Kraken is primarily a spam distributor, focusing most of its output on ads for male enhancement and erectile dysfunction, Royal says. The botnet’s performance is prodigious: a single node with a DSL-speed connection was detected sending more than 600,000 spam messages in a 24-hour period.

The resurrected Kraken is usually installed by another botnet, using botnet malware such as Butterfly, Royal reports. It’s not clear whether Kraken installation is handled by the same criminal group as Kraken operations, but it may be an example of specialized criminal groups working together, he suggests.

via Kraken Botnet Making A Resurgence, Researcher Says – botnets/Security – DarkReading.

23.06
2010

Due to the release of a new WordPress version, our website is going to be updated as well.
Some 404 errors may appear in the meantime because some plugins that we were using are not yet compatible.
We will fix everything as soon as possible.

22.06
2010

According to a report in Belgian newspaper De Tijd, malware has been used to compromise the online portfolios of Belgian investors. The botnet was then used to influence stock prices, making the criminals more than 100,000 Euros. The investigation has remained secret until today.

With a push of a button the botmaster instructs all the computers to buy or sell the same shares at the same time.

via Belgian pump and dump botnet » CounterMeasures.

Although this incident happened in April 2007, it should be seriously analyzed. Are the financial system’s security countermeasures today so far away from 2007? I think not.

22.06
2010

In a talk at the hacker conference SummerCon last Friday, researcher Jon Oberheide gave a demonstration of just how easy it may be to infect large numbers of phones running Google’s Android OS with hidden software that turns the devices into a zombie-like “botnet” under the control of a cybercriminal–particularly if that software associates itself with a phenomenon as popular and tween-entrancing as the upcoming Twilight Eclipse film.

via Researcher Builds Mock Botnet Of ‘Twilight’-Loving Android Users « The Firewall – Forbes.com.