Malicious threat detection is a critical capability for service providers, businesses and network security vendors allowing real-time identification of URLs and IPs associated with viruses, malware, and other threats with potential to harm to your system.
Reports are plentiful of non-human bots gaming the online advertising industry by delivering fraudulent impressions and click traffic, and the Internet Advertising Bureau (IAB) took note. The IAB released the “Traffic Fraud: Best Practices for Reducing Risk to Exposure” on December 5, 2013, to help online media buyers, publishers and ad networks mitigate the dilemma.
There have been two notable botnets that have cost online advertisers millions of dollars in advertising click fraud in recent weeks. The first botnet, Bamital, was taken down by Microsoft and Symantec in February. A second botnet was later identified and dubbed Chameleon by Spider.io, a security company that specializes in analyzing web traffic. Since zvelo is also in the business of analyzing and categorizing web content viewed by actual users, this story resonated hard with zveloLABS.
zveloLABS® researchers recently identified numerous, fictitious 7 News websites promoting work-at-home jobs. These bogus news sites unethically target stay-at-home moms, and falsely promise the discovery of a newfound money-making path in life. Considering the natural appeal of making an honest buck, while being loving care providers at home, it’s certainly easy to understand how unsuspecting mothers could fall for such “recession busting” opportunities.
zveloLABS™ has detected a new widespread compromise, with tens of thousands of domains infected. Cybercriminals have used stolen credentials, placing specially crafted pages into legitimate websites that lead visitors to malicious payloads.
In the security community, little attention is paid to compromised websites that don’t serve up malware. The malicious URL lists maintained by the anti-virus companies, by Google, and by nearly every other source of malicious URLs rely on anti-virus to trigger on exploits and malware to determine if a site is malicious. In a few select cases, behavioral analysis may be used to determine if a visit to a website will lead to an infected computer.
Researchers at Kaspersky labs have discovered a new banking malware campaign that uses an old trick to obfuscate malicious URLs. Rather than using a domain name or IP address for their malicious link the URL is converted to numerical bases such as octal or hexadecimal formats. These formats are supported by major browsers and serve the purpose of tricking users into following the link and infecting their machine.
An outage of the Windows Live ID service affected a large number of MSN users today including users of the popular Hotmail email service. Hotmail is one of the largest web based email outlets and not surprisingly news of the outage spread quickly as users were not able to access their email.