Foxsports.com Serves Up Malware
zveloLABS™ detected malicious code on the foxsports.com website late yesterday. Hackers have once again increased their tally of well known websites recently exploited to serve dangerous content.
Advanced threat and exploit detection is critical to cybersecurity and network defense. zvelo’s Malicious Detection capabilities empower MSSPs, ISPs, TELCOs, network security providers, and VARs to provide world-class protection. Gain advanced insight with the most accurate URL database for malicious exploit detection to better understand the cyber threat landscape. Categories include Command and Control, Malware, Spyware, Spam URLs, Cryptocurrency Mining, Phishing and Fraud, and more. Read more about malicious detection.
Blackhats Quickly Saturate Google With Tropical Storm Ondoy
Since tropical storm Ondoy hit the Philippine Capital on Saturday, attackers have wasted no time planting malicious pages claiming to host videos of the historic disaster. The city of Manila saw flooding on a level that hasn’t been seen in decades and the pictures are jaw dropping.
Google Users Targeted By New Malicious Websites
zveloLABS™ has been tracking compromised sites that host PageRank Bombs since 2008. The attacker hacks a site, but instead of putting exploits on the hacked site, they put links to other websites in order to boost the search result ranking on various search engines. Initially this was being used for ad sites, porn sites, and pharma fraud sites. Now, however, it is being used to boost the results of malicious sites, but with a new twist that targets Google users.
Chinese Scams Resurface with New Branding
zveloLABS™ has found thousands of URLs and over 200 new domains registered to a group of Chinese scammers. The new sites are the same as the old, but with new branding and promotional products, such as “Acai Power Slim” “Pure Magnum Pro” and “Colo Cleanse Plus”. This scam is perpetrated by sending spam messages advertising a “free trial” of the products. In the end, the criminals have made off with personal information, a credit card number and a recurring monthly charge.
New Rash of Fraud Sites Touting Cheap Software
zvelo is researching a widespread and dangerous ring of fraudulent “OEM Software” distribution sites. These sites offer popular software from Microsoft, Adobe, and many other vendors at a greatly reduced price. Not only do they not deliver installable software, they collect sensitive information from individuals, including credit card numbers.
Mass Compromise of Sites with Webalizer
zveloLABS™ has been tracking a rapidly growing pattern in website exploits over the last 24 hours. Since Thursday, Aug 20 zvelo has seen over 6,000 compromised URLs with a similar pattern.
Have you heard the one about the independent testing lab?
They always independently verify that their client is the best. Well, independent tests these days are a joke.
Return of the zveloBLOG – Formerly ThreatCenter Live Blog
The zveloBLOG™ (formerly ThreatCenter) has returned. zvelo’s work in the web security area (identification of malicious/ compromised websites, not securing of web servers) has produced amazing results and huge volumes and its time to share some of these results back to the greater community.
Black Hat – Las Vegas 2011: Report #2
Tuesday was another full day of malware analysis. The coursework, hosted by Mandiant, consisted of an introduction to OllyDbg, an in-depth look at the Windows loader and the Windows API, specifically covering registry functions, process/threading functions, and sockets.
Black Hat – Las Vegas 2011: Report #1
On Monday, I took a killer crash course from Mandiant on malware analysis. Mandiant was not shy and dove right into the course curriculum. They even setup a great VM for us to practice on, complete with real world samples of malware.