Glavmed Sister Program ‘GlavTorg’ to Close

A prominent affiliate program that pays people to promote knockoff luxury goods is closing its doors at the end of January. The program — GlavTorg.com — is run by the same individuals who launched the infamous Glavmed and SpamIt rogue pharmacy operations. Launched on July 4, 2010 and first announced on the Glavmed pharmacy affiliate … Читать далее

Warnings About Windows Exploit, pcAnywhere

Security experts have spotted drive-by malware attacks exploiting a critical security hole in Windows that Microsoft recently addressed with a software patch. Separately, Symantec is warning users of its pcAnywhere remote administration tool to either update or remove the program, citing a recent data breach at the security firm that the company said could help … Читать далее

Mr. Waledac: The Peter North of Spamming

Microsoft on Monday named a Russian man as allegedly responsible for running the Kelihos botnet, a spam engine that infected an estimated 40,000 PCs. But closely held data seized from a huge spam affiliate program suggests that the driving force behind Kelihos is a different individual who commanded a much larger spam empire, and who … Читать далее

Microsoft: Worm Operator Worked at Antivirus Firm

In a surprise filing made late Monday, Microsoft said a former technical expert at a Russian antivirus firm was the person responsible for operating the Kelihos botnet, a global spam machine that Microsoft dismantled in a coordinated takedown last year. Andrey Sabelnikov In a post to the Official Microsoft Blog, the company identified 31-year-old Andrey … Читать далее

‘Citadel’ Trojan Touts Trouble-Ticket System

Underground hacker forums are full of complaints from users angry that a developer of some popular banking Trojan or bot program has stopped supporting his product, stranding buyers with buggy botnets. Now, the proprietors of a new ZeuS Trojan variant are marketing their malware as a social network that lets customers file bug reports, suggest … Читать далее

‘MegaSearch’ Aims to Index Fraud Site Wares

A new service aims to be the Google search of underground Web sites, connecting buyers to a vast sea of shops that offer an array of dodgy goods and services, from stolen credit card numbers to identity information and anonymity tools. MegaSearch results for BIN #423953 A glut of data breaches and stolen card numbers … Читать далее

Phishing Your Employees 101

A new open source toolkit makes it ridiculously simple to set up phishing Web sites and lures. The software was designed to help companies test the phishing awareness of their employees, but as with most security tools, this one could be abused by miscreants to launch malicious attacks. Simple Phishing Toolkit admin page The Simple … Читать далее

Flying the Fraudster Skies

Given the heightened security surrounding air travel these days, it may be hard to believe that fraudsters would try to board a plane using stolen tickets. But incredibly, there are a number of criminal travel agencies doing business in the underground, and judging from the positive feedback left by patrons, business appears to be booming. … Читать далее

Adobe, Microsoft Issue Critical Security Fixes

Adobe and Microsoft today each issued software fixes to tackle dangerous security flaws in their  products. If you use Acrobat, Adobe Reader or Windows, it’s time to patch. Microsoft released seven security bulletins addressing at least eight vulnerabilities in Windows. The lone “critical” Microsoft patch addresses a pair of bugs in Windows Media Player. Microsoft … Читать далее

Virtual Sweatshops Defeat Bot-or-Not Tests

Jobs in the hi-tech sector can be hard to find, but employers in one corner of the industry are creating hundreds of full-time positions, offering workers on-the-job training and the freedom to work from home. The catch? Employees will likely toil for cybercrooks, and their weekly paychecks may barely cover the cost of a McDonald’s … Читать далее