In a recent blog post, we wrote about Vawtrak expanding targets and gaining momentum. Fast forward a few months and the threat is anything but diminishing. Sophos just released a technical report on Vawtrak which discusses the significance of the threat and its Crimeware-as-a-Service model. In December 2014, Vawtrak version 0x38 was released including significant code and configuration changes...

We’ve all seen them — the outrageous emails offering millions from a mysterious foreign prince in exchange for a “small” fee. These classic advanced fee scams have been around since the early days of the internet, often dressed up with official-sounding language and long email threads to lure victims.But Fortra Brand Protection recently uncovered a new twist: a sophisticated scam built around a...

On Friday, the full source code of the Dendroid Remote Access Trojan (RAT) was leaked. Dendroid is a popular crimeware package that targets Android devices and is sold on underground forums for $300. Usually, the source code for botnet control panels is encrypted, so it was surprising to find the full source code for the Dendroid control panel included in the leaked files. Analyzing the leaked...

Phishing is a prevalent problem for businesses, particularly financial institutions. Over the years, many services have emerged to help organizations address phishing attacks that are targeting their customers' accounts. When seeking solutions, businesses find they have several options to choose from. These fall into three categories:Phishing takedown servicesAnti-phishing servicesPhishing...

A new wave of “Man-in-the-Middle” (MitM) attacks is targeting online banking and social media users, affecting customers of over 70 financial institutions.In these attacks, hackers use spam to deliver malware that modifies DNS settings and installs a rogue Certificate Authority (CA). The DNS changes redirect users to the attacker’s DNS servers, which in turn route traffic through malicious proxy...