New Banking Trojan Targeting ACH and Wire Payment Sites is Discovered

Over the past year, the SecureWorks Counter Threat Unit (CTU)(SM) has seen criminals continue to target Automated Clearing House (ACH) and wire transfer transactions for fraud activity, resulting in high-value losses. Small to midsized businesses (SMBs) and not-for-profits have been hit especially hard. Neustar has published an excellent overview (PDF) of this type of threat.

Watch out for flower-show.org

We saw a pretty PDF file today (md5: 116d92f036f68d325068f3c7bbf1d535).

It looks like this:

[Image: flower-show.org]

Nice flowers.

Unfortunately, when viewing the file, it uses an exploit against Adobe Reader and drops and runs a file called 1.exe.

worldrofwarcraft.com

[Image: warcraft]

The World of Warcraft online game has over 10 million players around the world.

World of Warcraft also has hundreds of phishing websites targeting it, trying to steal end-user login credentials.

Like these:

[Image: wow]

Gmail Phish

Just a quick note to readers to be aware of e-mails purportedly from Gmail administrators. One of our Fellows recently received a message from "The Google Mail Team" asking users to verify their account details to combat "anonymous registration of accounts":

[Image: gmail_phishing]

Cutwail’s Poorly Written Code Leads to Heavy SSL Traffic

This past week, we posted some of Cutwail’s recent spamming activity. As we were digging into the elevated levels of Cutwail activity, the researchers over at Shadowserver posted on the unusual SSL traffic originating from infected hosts.

New Facebook Home Page, Important New Privacy Setting

Facebook started rolling out a new home page and navigation menus earlier today.

And whenever Facebook adds new features, in this case the Applications and Games dashboards, there's usually a new privacy setting as well.

This is what part of the new Applications dashboard looks like.

[Image: Facebook Application Privacy]

Microsoft Updates and Vulnerabilities

February 9th will bring numerous Microsoft Updates, 13 bulletins addressing 26 vulnerabilities.

All versions of Windows are affected.

[Image: Microsoft, February 2010]

Looks like a busy Tuesday is ahead.

U.S. Cybersecurity Changes with H.R. 4061

It seems that the recent and unusually public disclosure of the breach at Google (and at dozens of other U.S. corporations) has turned some heads.

Using Google Images to Investigate Fraud

Sami, one of our test engineers, was recently seeking a PlayStation 3.

He found this offer at Huuto.net, a Finnish auction site.

[Image: PS3 Auction]

160€ for a 60GB unit, with games, not bad.

Sami wanted to confirm that the seller was legit, so he requested a picture, and received this.

[Image: PS3 Auction]

Internet Security 2010 — YOUR SYSTEM IS INFECTED

Rogueware Internet Security 2010 (not to be confused with PC Tools Internet Security 2010) is making its way to the top of ThreatFire’s community stats as one of the highest-hitting FakeAv/scareware/rogueware packages for January 2010 and the beginning of February. Not only is its prevalence glaring, but the infection itself stands out visually and functionally:
