Exposing a Portfolio of Pay Per Install Rogue and Fraudulent and Malicious Affiliate Network Domains – An OSINT Analysis

Dear blog readers, I’ve decided to share with everyone an in-depth historical OSINT analysis on some of the primary pay per install rogue fraudulent and malicious affiliate network based rogue and fraudulent revenue sharing scheme operating malicious software gangs that are known to have been active back in 2008 with the idea to assist…

Exposing the Pay Per Install (PPI) Underground Market Fraudulent and Rogue Business Model – A Photos Compilation

Dear blog readers, I’ve decided to share with everyone a photos compilation which I obtained and actually collected back in 2008 using Technical Collection for the purpose of demonstrating the basics of the pay per install fraudulent and rogue underground market business model with the idea to improve situational awareness in the field of researching…

Dissecting the Ongoing Mass SQL Injection Attack

The ongoing mass SQL injection attack has already affected over a million web sites. Cybercriminals performing active search engine reconnaissance have managed to inject a malicious script into ASP/ASP.NET websites. From client-side exploits to bogus Adobe Flash players, the campaign is active and ongoing. In this intelligence brief, we’ll dissect the campaign and establish…

Dissecting the Massive SQL Injection Attack Serving Scareware

A currently ongoing massive SQL injection attack has affected hundreds of thousands of web pages across the Web, and the campaign is ultimately monetized through a scareware affiliate program. Such massive SQL injection attempts are usually conducted using mass vulnerability scanning tools, with the help of search engines which have already crawled the vulnerable sites. What’s…

Koobface Gang Responds to the “10 Things You Didn’t Know About the Koobface Gang Post”

UPDATED Monday, May 24, 2010: The scareware domains/redirectors pushed by the Koobface botnet have been included at the bottom of this post, including detection rates and phone back URLs. On May 13th, 2010, the Koobface gang responded to my “10 things you didn’t know about the Koobface gang” post published in February, 2010, by including…

Dissecting the Mass DreamHost Sites Compromise

Yet another mass sites compromise is currently taking place, this time targeting DreamHost customers, courtesy of the same gang behind the U.S. Treasury/GoDaddy/NetworkSolutions mass compromise campaigns. What’s particularly interesting about the campaign is not just the Hilary Kneber connection, but also the fact that a key command and control domain part of the Koobface botnet,…

From the Koobface Gang with Scareware Serving Compromised Sites

Following last month’s “Dissecting Koobface Gang’s Latest Facebook Spreading Campaign” Koobface gang coverage, it’s time to summarize some of their botnet spreading activities from the last couple of days. Immediately after the suspension of their automatically registered Blogspot accounts, the gang once again proved that it has contingency plans in place, and started pushing links…

U.S. Treasury Site Compromise Linked to the NetworkSolutions Mass WordPress Blogs Compromise

UPDATED: Saturday, May 08, 2010: 5 new domains have been introduced by the same gang, once again parked at 217.23.14.14, AS49981, WorldStream.

jumpsearches.com – 217.23.14.14 – Email: alex1978a@bigmir.net
ingeniosearch.net – 217.23.14.14 – Email: alex1978a@bigmir.net
searchnations.com – 217.23.14.14 – Email: alex1978a@bigmir.net
mainssearch.com – 217.23.14.14 – Email: alex1978a@bigmir.net
bigsearchinc.com – 217.23.14.14 – Email: alex1978a@bigmir.net

Sample exploitation structure: …

GoDaddy’s Mass WordPress Blogs Compromise Serving Scareware

UPDATED: Thursday, May 13, 2010: Go Daddy posted the following update “What’s Up with Go Daddy, WordPress, PHP Exploits and Malware?”. UPDATED: Thursday, May 06, 2010: The following is a brief update of the campaign’s structure, the changed IPs, and the newly introduced scareware samples+phone back locations over the past few days. Sample structure from…

Dissecting Koobface Gang’s Latest Facebook Spreading Campaign

UPDATED: Thursday, April 29, 2010: Google is aware of these Blogspot accounts, and is currently suspending them. During the weekend, our “dear friends” from the Koobface gang — folks, you’re so not forgotten, with the scale of diversification for your activities to be publicly summarized within the next few days — launched another spreading attempt…
