Malicious threat detection is a critical capability for service providers, businesses, and network security vendors, allowing real-time identification of URLs and IPs associated with viruses, malware, and other threats with the potential to harm your system.
zveloLABS® researchers recently identified numerous, fictitious 7 News websites promoting work-at-home jobs. These bogus news sites unethically target stay-at-home moms, and falsely promise the discovery of a newfound money-making path in life. Considering the natural appeal of making an honest buck, while being loving care providers at home, it’s certainly easy to understand how unsuspecting mothers could fall for such “recession busting” opportunities.
zveloLABS™ has detected a new widespread compromise, with tens of thousands of domains infected. Cybercriminals have used stolen credentials, placing specially crafted pages into legitimate websites that lead visitors to malicious payloads.
In the security community, little attention is paid to compromised websites that don’t serve up malware. The malicious URL lists maintained by the anti-virus companies, by Google, and by nearly every other source of malicious URLs rely on anti-virus to trigger on exploits and malware to determine if a site is malicious. In a few select cases, behavioral analysis may be used to determine if a visit to a website will lead to an infected computer.
Researchers at Kaspersky Lab have discovered a new banking malware campaign that uses an old trick to obfuscate malicious URLs. Rather than using a domain name or IP address for their malicious link, the attackers convert the URL to a numerical base such as octal or hexadecimal. These formats are supported by major browsers and serve the purpose of tricking users into following the link and infecting their machine.
An outage of the Windows Live ID service affected a large number of MSN users today, including users of the popular Hotmail email service. Hotmail is one of the largest web-based email outlets and, not surprisingly, news of the outage spread quickly as users were not able to access their email.