article thumbnail

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort began in 2009 as “ super-socks[.]com SocksEscort[.]com Page translation from Russian via Google Translate.

Malware 203
article thumbnail

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

Those records indicate the user Kerens registered on Verified in March 2009 from an Internet address in Novosibirsk, a city in the southern Siberian region of Russia. Intel 471 reports that gumboldt@gmail.com was used in 2009 to register a user by the nickname “ Kolumb ” on the Russian hacking forum Antichat.

Malware 219
article thumbnail

Thread Hijacking: Phishes That Prey on Your Curiosity

Krebs on Security

He was paroled in 2009, and in 2014 moved his family to a home in Lancaster County, Pa. Thread hijacking attacks are hardly new, but that is mainly true because many Internet users still don’t know how to identify them. The FBI hasn’t responded to LancasterOnline’s tip.

Phishing 253