Cybercrime


Policy Failure Enables Mass Malware: Part II (ICANN and OnlineNIC)

On Wednesday September 29th at 1PM there will be a meeting in the Old Executive Building in Washington D.C. with Registries and domain Registrars to discuss illegal Internet sales of prescription drugs. ICANN was originally invited but declined, citing "inappropriateness". One "U.S." Registrar who definitely will not be in attendance is OnlineNIC

Policy Failure Enables Mass Malware: Part I (Rx-Partners/VIPMEDS)

This is the first in a series of releases that tie extensive code injection campaigns directly to policy failures within the Internet architecture. In this report we detail a PHP injection found on dozens of university and non-profit websites which redirected visitors' browsers to illicit pharmacies controlled by the VIPMEDS/Rx-Partners affiliate network. This is not a unique problem; however, the pharmacy shop sites in question, HEALTHCUBE[DOT]US and GETPILLS[DOT]US, should not even exist under the .US Nexus Policy.

Precrime Regulation of Internet Innovation

In the sci-fi movie Minority Report, a 'precrime' police unit relies on the visions of psychics to predict future crimes, then arrests the potential perpetrators before they do anything wrong. In the world of Internet governance, the future is now, as regulators want online services to predict and prevent safety threats before they actually occur.

Stopping the Flow of Online Illegal Pharmaceuticals

Reading through Brian Krebs's blog last week, he has an interesting post up on the White House's call upon the industry on how to formulate a plan to stem the flow of illegal pharmaceuticals... It is unclear to me whether or not the goal of this initiative is to stem the flow of online crime in general or to reduce the flow of illegal pharmaceuticals flowing into the United States (since presumably this cuts into the profits of large pharmaceutical companies...

Ensuring Maximum Resilience to the DNS?

Yesterday CommunityDNS noticed a sudden, heavy spike in traffic through its Anycast node in Hong Kong. While comfortably processing queries at 863,000 queries per second for close to 2 hours the occurrence was undeniable. While we can't say the increase in traffic was specifically due to DDoS, its sudden increase is suspicious and reminds us that DDoS is still a popular tool used by the malicious community.

Omnibus Cybersecurity Bill May Not Go Where Original Authors Intended

In an interview with GovInfoSecurity, Sen. Thomas Carper said that the U.S. Senate is considering attaching cybersecurity legislation to a defense authorizations bill. Though clearly a ploy to be able to say "we did something about those evil hackers" before the elections, CAUCE applauds the attempt. There can be no doubt that the United States (and many other countries) sorely needs better laws to deal with these threats.

Russian Cybercrime is Organized / Russian Cybercrime is Not Organized

The more I read, the more I see conflicting views on the state of the criminal cybercrime world. On the one hand, the Russian criminal cybercrime underworld is a scary, organized place... On the other hand, there is the position that that position is an exaggeration of what it is actually like and that it's a bunch of ragtag folks who have some advanced computer skills but they are not formally organized. ... I see this very similarly to how I see cyber warfare...

Three Things Registrars Must Do to Enhance Security

If the rise of phishing has taught us anything, it's that on the Internet, if a digital asset has value, there's somebody out there who wants to steal it. Whether it's a bank account password, a credit card number, a PayPal login, or even a magic sword in an online game, there's a fraudster somewhere trying to misappropriate it for his or her own nefarious purposes. Domain names have always been a target for such criminals.

Using Facebook for Verisimilitude? For real?

I recently became aware of the new pay-by-mobile phone service Venmo.com. "Pay friends with your phone, skip the ATM, Settle up on meals, rent, bills and drinks" ... Venmo are using Facebook Connect as a way of verifying user identities, at least that is what they claim.

DNS RPZ, Malicious Domains… Bring Your Own Policy. Dress Casual.

Paul observed that most new domain names are malicious. Are they? Since the "dawn of tasting", some 30 million domain names have been created for the purposes of interposition on existing name to resource mappings. That is a third of the .COM historical growth, and mostly in the last five years. ... It is difficult not to conclude that interposition on persistent, public referents is without malice, and that the malicious parties are advertisers seeking to transform public referents into private property, as promotional devices...