A Diverse Portfolio of Scareware/Blackhat SEO Redirectors Courtesy of the Koobface Gang

With scareware/rogueware/fake security software continuing to be the cash-cow choice for the Koobface gang, keeping them on a short leash in order to become the biggest opportunity cost for the gang’s business model is crucial. The following are currently active blackhat SEO redirectors/Koobface-infected hosts redirectors and actual scareware domains courtesy of the gang. Blackhat SEO …

The Koobface Gang Wishes the Industry “Happy Holidays”

Oops, they did it again – the Koobface gang, which is now officially self-describing itself as Ali Baba and the 40 Thieves LLC, has not only included a Koobface-themed — notice the worm in the name — background on Koobface-infected hosts, but it has also included a “Wish Koobface Happy Holidays” script — last time …

Massive Scareware Serving Blackhat SEO, the Koobface Gang Style

Ali Baba and the 40 Thieves LLC are once again multi-tasking, this time compromising hundreds of thousands of web sites, and redirecting Google visitors — through the standard HTTP referrer check — to scareware-serving domains. What’s so special about the domains mentioned in Cyveillance’s post, as well as the ones currently active on this …

Koobface Botnet’s Scareware Business Model – Part Two

UPDATED – Wednesday, November 18, 2009: A new update is pushed to the hundreds of thousands of infected hosts, which are now performing the redirection using dynamically generated .swf files, with every page using the same title “Wonderful Video”. The redirection is also a relatively static process. For instance, if the original Koobface redirector is koobface.infected.host/301, …

Dissecting September’s Twitter Scareware Campaign

UPDATE: 4 hours after notification, Twitter has suspended the remaining bogus accounts. Until the next time, when the reCAPTCHA recognition gets cost-effectively outsourced for automatic scareware-serving purposes. Over the last couple of days, my Ukrainian “fan club” — fan club in a sarcastic sense due to the love, more love, even more love and gratitude …

Koobface Botnet’s Scareware Business Model

UPDATE1: TrendMicro just confirmed the ongoing double-layer monetization of Koobface. Meanwhile, the gang is rotating the scareware domains with new ones pushed by popup.php, followed by two recently updated Koobface components. The new scareware domains kjremover .info; lrxsoft .info – 212.117.160.21 – Email: niclas@i.ua actually download it from the well known q2bf0fzvjb5ca .cn portfolio, which …

GazTranzitStroyInfo – a Fake Russian Gas Company Facilitating Cybercrime

“In gaz we trust”? I’d rather change GazTranzitStroyInfo’s vision to HangUp Team’s infamous – “in fraud we trust”. It is somewhat weird to what lengths certain cybercriminals would go to create a feeling of legitimacy for their enterprise. AS29371 – gaztranzitstroyinfo LLC – 91.212.41.0/24 based in Russia, Sankt Peterburg, Kropotkina 1, office 299, is one …
