Ice IX Goes Global: Automatic Matching of HTML Injections with Victim’s Language

Fraudsters continue to extend their global reach through geo-targeted services and crimeware strains: Country-specific malware-infection services are readily sold to bot-herders via dedicated websites, with rates ranging from $30 to $250 per 1,000 infected computers. Ready-made botnets can be purchased in the underground along with HTML injections that target the region’s largest financial institutions, enabling…

Blackhat Tool Shop is Open for Business

In one of its recent findings, RSA FraudAction Research Labs has uncovered yet another new underground shop which was opened a few weeks ago, selling fraud commodities e-commerce style. The new shop offers access to compromised resources, compromised webmaster credentials, and custom PHP coding for their cybercrime clientele.

For Fraudsters by Fraudsters: iFrame Traffic Shop Opens for Business

A new iFrame traffic service opened for business to service cybercriminals came from an underground operator who apparently wished to provide his fraudster-buyers with an easy online platform through which they could buy or sell web traffic. Evidently, when used in the context of fraud, one can expect to see junk traffic leading to exploit kit infections, Trojan drive-by download sites, and live phishing pages.

Underground Credit Card Store Operators Aggregate Their Stolen Data

The constant hustle and bustle of underground fraudster markets is a bountiful source for any and all types of fraud commodities and partnerships formed between seemingly anonymous criminals in the virtual world. And yet, one very prominent vertical, if we may, stands far out from the rest—credit card shops and just about everything that has…

Charting the Evolution of Phishing

The RSA FraudAction team just marked a major milestone – reaching the official shut down of 500,000 phishing attacks, done across 185 countries. Sometimes viewed as one of the oldest Internet scams in the book, phishing is still a very popular method among cybercriminals. RSA recently estimated that worldwide losses from phishing attacks during the 12-month period from July 2010 through June 2011 reached nearly $1 billion. How did such a seemingly simple email ruse get to be such big business in the world of cyber crime?

What’s to Laptops, Smartphones…and Money Mules

Did you think it possible that organized cybercrime generated fraud revenues in the magnitude of those generated by illicit drug trafficking? Surprised? Fraudsters specializing in turning stolen information into cash and goods in the real world are a burden on the global economy, expressed through billions of dollars of fraud losses suffered by businesses and consumers every year.

Man-in-the-middle Standing Between You and Your Cash

Hello Man in The Middle, so we meet again. It appears that lately, this older and slower adversary is back in the wire fraud business, this time more organized and featured in better-orchestrated Trojan attacks than ever before. MiTM attacks were rather prominent through 2009 and used by most fraudsters to commit online banking fraud. MiTM…

Ice IX – Zeus v2.0 Derivative Does Not Cut Any Ice

Since the Zeus source code was leaked, one of the predictions security researchers were convinced of was that independent code writers, wishing to enter cybercrime coder’s world, would be glad to do it by using a ready-made baseline. One such code to have surfaced in underground and hacking forums soon after the code leak was Trojan Ice IX. But is it all what it is cracked up to be?