HackDig : Dig high-quality web security articles for hackers

Redirect auction

We’ve already looked at links under old YouTube videos or in Wikipedia articles which at some point turned bad and began pointing to partner program pages, phishing sites, or even malware. It was as if the attackers were purposely buying up domains, but such a scenario always seemed to us too complicated. Recently, while examining the behavior of one n
Publish At:2020-07-08 08:11 | Read:407 | Comments:0 | Tags:Featured Research Phishing Website Hacks

Web skimming with Google Analytics

Web skimming is a common class of attacks generally aimed at online shoppers. The principle is quite simple: malicious code is injected into the compromised site, which collects and sends user-entered data to a cybercriminal resource. If the attack is successful, the cybercriminals gain access to shoppers’ payment information. To make the data flow to
Publish At:2020-06-22 06:07 | Read:674 | Comments:0 | Tags:Featured Publications Security Websites Website Hacks

Explicit content and cyberthreats: 2019 report

‘Stay at home’ is the new motto for 2020 and it has entailed many changes to our daily lives, most importantly, in terms of our digital content consumption. With users opting to entertain themselves online, malicious activity has grown. Over the past two years we have reviewed how adult content has been used to spread malware and abuse users
Publish At:2020-06-15 06:58 | Read:722 | Comments:0 | Tags:Featured Publications Adware Malware Malware Statistics Mobi

Verizon’s 2020 DBIR

Verizon’s 2020 DBIR is out, you can download a copy or peruse their publication online. Kaspersky was a contributor once again, and we are happy to provide generalized incident data from our unique and objective research. We have contributed to this project and others like it for years now. This year’s ~120 page report analyses data from us and
Publish At:2020-05-24 07:11 | Read:585 | Comments:0 | Tags:Publications Cybercrime Data theft Malware Statistics Ransom

Holy water: ongoing targeted water-holing attack in Asia

On December 4, 2019, we discovered watering hole websites that were compromised to selectively trigger a drive-by download attack with fake Adobe Flash update warnings. This campaign has been active since at least May 2019, and targets an Asian religious and ethnic group. The threat actor’s unsophisticated but creative toolset has been evolving a lot s
Publish At:2020-03-31 08:22 | Read:899 | Comments:0 | Tags:APT reports Featured Adobe Flash Backdoor drive-by attack Ja

iOS exploit chain deploys LightSpy feature-rich malware

A watering hole was discovered on January 10, 2020 utilizing a full remote iOS exploit chain to deploy a feature-rich implant named LightSpy. The site appears to have been designed to target users in Hong Kong based on the content of the landing page. Since the initial activity, we released two private reports exhaustively detailing spread, exploits, infrast
Publish At:2020-03-26 14:33 | Read:1011 | Comments:0 | Tags:APT reports Featured Apple iOS APT Backdoor Google Android I

Mokes and Buerak distributed under the guise of security certificates

The technique of distributing malware under the guise of legitimate software updates is not new. As a rule, cybercriminals invite potential victims to install a new version of a browser or Adobe Flash Player. However, we recently discovered a new approach to this well-known method: visitors to infected sites were informed that some kind of security certifica
Publish At:2020-03-05 08:33 | Read:951 | Comments:0 | Tags:Featured Incidents Backdoor Digital Certificates Trojan Vuln

Black Friday Alert 2019: Net Shopping Bag of Threats

Every year, Kaspersky releases an annual Black Friday alert to highlight how fraudsters may capitalize on increased levels of online shopping at this time of year when many brands are offering their customers appealing discounts. In the rush to get a big discount or, even more panic-inducing, a limited time offer, many shoppers lose all sense of vigilance. C
Publish At:2019-11-22 18:05 | Read:1187 | Comments:0 | Tags:Publications Electronic Payments Malware Statistics Phishing

The cybercrime ecosystem: attacking blogs

Executive summary The Cybercrime Ecosystem is a series of articles explaining how cybercriminals operate, what drives them, what techniques they use and how we, regular Internet users, are part of that ecosystem. The articles will also cover technical details and up-to-date research on the threat landscape to provide a more realistic understanding of why thi
Publish At:2019-11-21 06:05 | Read:1783 | Comments:0 | Tags:Research code injection Data leaks Malware SQL injection Vul

Chrome 0-day exploit CVE-2019-13720 used in Operation WizardOpium

Executive summary Kaspersky Exploit Prevention is a component part of Kaspersky products that has successfully detected a number of zero-day attacks in the past. Recently, it caught a new unknown exploit for Google’s Chrome browser. We promptly reported this to the Google Chrome security team. After reviewing the PoC we provided, Google confirmed th
Publish At:2019-11-12 01:05 | Read:1803 | Comments:0 | Tags:Featured Incidents Google Chrome JavaScript Proof-of-Concept

The Mistakes of Smart Medicine

As numerous studies have shown, smart houses, smart cars, and smart cities are undeniably beneficial to people in everyday life, but quite often can become a threat to their safety. It is not only a matter of personal data leakage. Just imagine that, for example, a smart refrigerator, affected by a third party at one point or another, would begin identifying
Publish At:2017-03-30 14:35 | Read:5013 | Comments:0 | Tags:Analysis Featured Publications infrastructure Internet of Th

Lurk: a danger where you least expect it

While we were researching the malicious program Lurk in early February 2016, we discovered an interesting oddity in how this banking Trojan spreads. From the data we had, it emerged that the users attacked by Lurk also installed the remote administration software Ammyy Admin on their computers. At first, we didn’t really give this much thought, but fur
Publish At:2016-07-18 13:20 | Read:4394 | Comments:0 | Tags:Blog Research Banking Trojan Website Hacks

The Tip of the Iceberg: An Unexpected Turn in the xDedic Story

Introduction Last week we reported on the xDedic underground marketplace that facilitated the selling and buying of access to compromised RDP servers. We counted over 70,000 hacked server accounts from 173 countries for sale on the marketplace. After the public announcement the xDedic website very quickly went offline, thanks to the cooperation of several ma
Publish At:2016-06-20 09:05 | Read:4911 | Comments:0 | Tags:Blog Research Cybercrime Hackers marketplace Website Hacks

Freezer Paper around Free Meat

BeEF Wrapped Up and Delivered in 2016 In late February 2016, a University website in Iran stood out for thoroughly vetting its current and potential students and staff. The University’s web site served repackaged content from the Browser Exploitation Framework (BeEF) with embedded JavaScript content maintaining the potential to hook visitors’ web
Publish At:2016-04-27 08:25 | Read:4130 | Comments:0 | Tags:Blog Incidents Research Software APT Cyber espionage Cybercr

Beware of Backdoored Linux Mint ISOs

Background Yesterday a blog post on “The Linux Mint Blog” caught our attention. Apparently criminals managed to compromise a vulnerable instance of WordPress which the project used to run their website. The attackers modified download links pointing to backdoored ISO files of Linux Mint 17.3 Cinnamon edition. This “should only impact people
Publish At:2016-02-22 13:55 | Read:4860 | Comments:0 | Tags:Blog Incidents Backdoor Botnets Linux Website Hacks
