
Microsoft condemns the innocent to catch the guilty

Posted by Kevin on July 11, 2014

With great power comes great responsibility. Last week Microsoft exercised the former without practicing the latter: it demonized an innocent company and millions of innocent users to catch two criminals. The ends were good; but the means were not justified. Back in June it obtained an ex parte court ruling that allowed it to take […]

NCA leads international disruption of Shylock banking malware

Posted by Kevin on July 10, 2014

The internationally coordinated global law enforcement action against malware and botnets continues: this time it’s Shylock. “On 8 and 9 July 2014, an alliance of law enforcement and industry undertook measures against the Internet domains and servers that form the core of an advanced cybercriminal infrastructure attacking online banking systems around the globe using the […]

Lecpetex is/is not taken down by Facebook and is/is not like Zeus – possibly

Posted by Kevin on July 10, 2014

A new whitepaper published yesterday by F-Secure Labs provides technical details on the malware known as Lecpetex. It follows Facebook’s publication yesterday of a report titled, Taking Down the Lecpetex Botnet. Lecpetex is a botnet primarily designed to mine bitcoins and primarily spread via the Facebook social network through malicious attachments to messages sent out […]

CosmicDuke – does it highlight the difference between US, Russian and Chinese cyberspies?

Posted by Kevin on July 3, 2014

F-Secure has discovered a new piece of malware that it is calling CosmicDuke – it appears to derive from both the Cosmu and MiniDuke families of malware. Indeed, it seems to suggest that Cosmu and MiniDuke are related, but evidence within the new malware reverses the accepted timeline. That is, it is now believed that […]

Time’s up; Zeus is back

Posted by Kevin on June 18, 2014

Bang on time, Zbot’s back. Admittedly, it’s Zbot rather than specifically GOZeus, but it’s pretty much the same malware. Two weeks ago, the NCA warned: Action taken by the NCA to combat the threat will give the UK public a unique, two-week opportunity to rid and safeguard themselves from two distinct but associated forms of […]

JavaScript: New Privacy/Security Threat

Posted by Alexander Hanff on June 13, 2014

Recently, a developer I know reasonably well contacted me to show me a new JavaScript library he had written which exposes information on all network adapters and connections on a PC. This code was able to detect -all- network adapters along with the IP addresses assigned to them including virtual adapters. This means that […]

Comment spam – a growing problem

Posted by Kevin on June 9, 2014

Comment spam is a serious and worsening problem. It is the practice of commenting on a website or web service for ulterior purposes: typically for SEO promotion; to lure victims to a poisoned website holding an exploit kit; or for political purposes. To put this in perspective, my old blog ( has blocked more than […]

Europol, FBI, NCA and others disrupt the Gameover Zeus botnet — claim a 2 week window for users to get clean

Posted by Kevin on June 2, 2014

There’s nothing from the FBI yet (at the time of writing); but that will surely follow. In the meantime Europol has announced, On Friday, 30 May 2014, law enforcement agencies from across the world, supported by the European Cybercrime Centre (EC3) at Europol, joined forces in a coordinated action led by the FBI which ensured […]

Worldwide crackdown on BlackShades RAT users

Posted by Kevin on May 20, 2014

First official indications emerged at the Reuters Cybersecurity Summit (although there have been rumblings in hacker circles for a couple of weeks now). This was last Wednesday. The FBI executive assistant director Robert Anderson, appointed in March to oversee ‘all FBI criminal and cyber investigations worldwide, international operations, critical incident response, and victim assistance’, announced: […]