Researchers see this code in HTML source so often that it almost never gets a second glance – until now. zveloLABS™ researchers have seen several compromised sites recently using Google Analytics to mask malicious scripts, as in the example below.
The threat landscape continues to evolve—individual and state-backed hackers and agencies become increasingly emboldened to compromise websites and servers, steal CPU cycles for cryptocurrency mining, embark on social engineering efforts to find backdoors, and sway public opinion through fake news and other measures. zvelo provides the most advanced URL/IP categorization database for web filtering, whitelists and blacklists, and residential and business protections against bad actors and malicious online behavior. Explore our network security solutions, cyber threat map, and malicious exploit detection offerings for the most advanced threat intelligence available to OEMs and device manufacturers.
A new twitter spam campaign is making rounds, infecting users with rogue anti-virus malware. The spam mail attempts to convince the user that someone was trying to steal their Twitter account information, and to download a “secure module” to protect their account.
zveloLABS™ has uncovered thousands of compromised web servers hosting fake YouTube pages. Attempting to play the video on these fake pages prompts the user to install a ‘media codec’ which then infects the machine with malware.
In the security community, little attention is paid to compromised websites that don’t serve up malware. The malicious URL lists maintained by the anti-virus companies, by Google, and by nearly every other source of malicious URLs rely on anti-virus to trigger on exploits and malware to determine if a site is malicious. In a few select cases, behavioral analysis may be used to determine if a visit to a website will lead to an infected computer.
The newest phishing scam on Twitter has snared thousands of users hoping to increase their number of followers. Instead, users are sent off to a phishing page where cybercriminals steal their Twitter logins using them to generate more spam.
zveloLABS™ researchers have been tracking a recent campaign abusing Google Groups to spread malicious links in Spam emails. Users following the link are infected with a Downloader Trojan, silently infecting the machine with various types of malware including Rogue AntiVirus.
Tiger Woods’ personal life and marital affairs have attracted constant attention from the press and has certainly damaged his public reputation. With his return to the Masters only days away, Nike has released a new commercial in an effort to rebuild Woods’ image. This compelling commercial is intended to spark a reaction, and may well be the next thing you talk about at the office water cooler.
What happens when you offer up money to anyone who can drive traffic to your website? Hackers, scammers, spammers and fraudsters come to your aid. That’s the case with online movie site zml.com, which offers 30% of each sale and 5% of rebills paid via anonymous means to anyone who refers paying customers to the site.
The first week of March Madness has brought about many compelling stories, with a good deal of upsets and bracket busters. The most newsworthy of these has been the University of Northern Iowa’s ousting of #1 overall seed Kansas.
zveloLABS™ is warning customers today of a new email scam circulating very quickly. These fraudulent emails claim to be from Google Staffing, Hallmark, Twitter as well as other social networks and legitimate businesses.