Web threats

Research

The TJX Hacker Black SEO Campaign

While I was reading the Wired article on how Alberto Gonzalez, the TJX hacker who caused $171.5 million in losses, was sentenced to 20 years in prison, I came across an interesting black SEO campaign that distributes fake AVs through Google.

Incidents

Search poisoning, again

Another day, another disaster, and once again, the bad guys are exploiting this subject to poison search results so that those looking for some news get led to a page offering a rogue AV solution.

Incidents

Patching our children

Today the UK Council on Child Internet Safety [UKCCIS] is launching its Child Internet Safety Strategy. The strategy is designed to encourage children not to disclose personal information, to block unwanted messages on social networks and to report inappropriate behaviour.

Publications

Facebook isn’t always fun

National Anti-Bullying Week is kicking off in the UK today. This year the focus is on combating cyberbullying, with lots of resources for schools, a roadshow, and videos discussing the problem of bullying.

Research

Browsing malicious websites

In recent years, the Web has become the main distribution point for malware. Malicious programs are hosted on websites; users are then either tricked into running these programs manually, or exploits are used to execute the malware automatically on victim machines.

Research

The Gumblar system

We’ve been looking at the infrastructure of the Gumblar malware and found some curious facts on how Gumblar operates which we would like to share to make hosting owners aware of the Gumblar threat.

Reports

Crypto wasted: BlueNoroff’s ghost mirage of funding and jobs

Kaspersky GReAT experts dive deep into the BlueNoroff APT’s GhostCall and GhostHire campaigns. Extensive research detailing multiple malware chains targeting macOS, including a stealer suite, fake Zoom and Microsoft Teams clients and ChatGPT-enhanced images.

Mem3nt0 mori – The Hacking Team is back!

Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.

Mysterious Elephant: a growing threat

Kaspersky GReAT experts describe the latest Mysterious Elephant APT activity. The threat actor exfiltrates data related to WhatsApp and employs tools such as BabShell and MemLoader HidenDesk.