OphcrackCD 3.4.0!

May 20, 2012
  Ophcrack is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms. Features: Runs on Windows, Linux/Unix, Mac OS X, … Cracks LM and NTLM hashes. Free [...]

No Comments » | Livecd, open source, Tools | Permalink
Posted by Kumar

Training Session Part 7 – Practical Reversing (II) – Unpacking UPX

May 19, 2012
Here is the quick update from our this month’s Local Security meet (sx/null/g4h/owasp) where Nagareshwar did splendid session on ‘Practical Reversing (II) – Unpacking. This is part of our ongoing FREE ‘Reversing & Malware Analysis [...]

No Comments » | Computer Security, Debugging, Malware Analysis, Reverse Engineering, Security Training, Site News | Permalink
Posted by Amit

Bogus Pinterest Pins Lead to Survey Scams

May 18, 2012

The continuing increase in visitors to the Pinterest site may be a primary cause why it’s becoming a hit for cybercriminals’ scams and schemes. In March, we spotted scammers using popular brands to lure users into “pinning” fake posts that led to surveys scams. This new wave of survey scams I found came from my search using “pinterest” as keyword.

Users who re-pin the posts from the sample above will most likely spread the post.

In addition, I also spotted posts using URL shorteners such as bit.ly and goo.gl. When clicked, the shortened URLs/the fake posts lead to any of the following URLs:

  • http://pinterest.co{BLOCKED}t.info/?419
  • http://pinterest.com-{BLOCKED}key.info/Thank-You/fb/
  • http://pinterest.co{BLOCKED}s.info
  • http://pinterest.{BLOCKED}one.info
  • http://pinterestgift.{BLOCKED}hing.info
  • http://pinterests.{BLOCKED}onus.info

Upon clicking the link, users are redirected to a Pinterest-like webpage offering prizes, vouchers, gift cards and others:

Made to resemble like a typical Pinterest webpage, the fake site features a search field, add+, an about. However, these are mere images and are not clickable. The clickable links are those that redirect to survey scams such as Body Age Quiz.

After a user fills out the fields required in the scam page, users are also required to enter their mobile numbers. Users who do provide their numbers will receive a code on their mobile phones and will continue to receive unwanted messages, charges and other scams via text message.

And Via Email, Too

Another thing I’ve noticed is that the fake site requires an email address:

Users entering their email addresses are brought to complete several steps to get the supposed offer. Users receive an email claiming to be from Pinterest. The email urges the user to click on the link found in the message body to confirm the subscription. Clicking on the link redirects the user to a Pinterest-like scam page. Again, all the clickable links lead to the same scam pages.

Upon closer investigation of these attacks, I noticed that before users are redirected to the fake Pinterest sites, the connection passes through ad-tracking sites. This way, the number of visitors are tracked, determining the supposed earnings of the scammers. Based on our data, the fake Pinterest URLs are being visited since May 2. Fake Pinterest posts hosting scams are likely to spread within Pinterest via users who re-pin the posts. The “offers” in these fake Pinterest posts look enticing after all. Plus, some users would want to ask the rest of the Pinterest community to verify such offers, like this user.

Pinterest has since removed some of the fake Pinterest posts. Trend Micro users are also protected from these scams by the web reputation technology in our Smart Protection Network™.

Post from: TrendLabs | Malware Blog - by Trend Micro

Bogus Pinterest Pins Lead to Survey Scams

No Comments » | Social Media | Permalink
Posted by Paul Pajares (Fraud Analyst)

Facebook Password Decryptor Crosses One Million Downloads

May 17, 2012
Today its proud moment for all of us at SecurityXploded as our Top Tool, ‘Facebook Password Decryptor’ touches One Million Downloads. Facebook Password Decryptor is the FREE tool to automatically recover Facebook Login password from [...]

No Comments » | Computer Forensics, Hacking, Password Recovery, Pen Testing, Security Tools, Site News, Site Statistics | Permalink
Posted by Nagareshwar Talekar

IS and OPS – Building the Bridge

May 9, 2012
I’ve tried writing this post several times and I was never happy with the result.  Finally I sat back and realized that I was casting my net too wide.  So I decided to break this post up into several parts.  But first a quick overview of the concept I want to cover.  I’ve been in [...]

No Comments » | Analysis, Security, synergy | Permalink
Posted by reswob10

SecurityXploded Mentorship Programme Application Form

May 1, 2012
Recently we have announced our new initiative “Mentorship Programme” in which we will mentor/guide the students on Security Research projects. For more information please visit our Mentorship Programme page. To apply to this Mentorship Programme, [...]

No Comments » | Computer Security | Permalink
Posted by Amit

Out of the Box Rogue Investigation

April 29, 2012
One of my tasks is to find rogue devices on the network. There are many methods to do this; ours is OK. Not the best, but it works pretty well. I hope to talk more about the how in a later post.  Anyway, one of the more difficult tasks when doing this is identifying the [...]

No Comments » | Analysis, Rogues | Permalink
Posted by reswob10

Porn-Tool.Win32.StripDance.d

April 27, 2012
This malware displays adult-content video clips. It is a Windows dynamic library (PE DLL file). It is 1 959 592 bytes in size. It is written in C++.

No Comments » | Uncategorized | Permalink
Posted by Securelist / Descriptions

Hoax.HTML.OdKlas.a

April 27, 2012
When the user opens the fraudulent resource in the browser, this HTML document opens in a frame on the main page. The domain names of such fraudulent resources nearly match the "Odnoklassniki.ru" site...

No Comments » | Uncategorized | Permalink
Posted by Securelist / Descriptions

Hoax.HTML.Agent.i

April 27, 2012
This hoax program imitates the download of Opera browser updates. It is an HTML page containing Java Script. It is 15 184 bytes in size.

No Comments » | Uncategorized | Permalink
Posted by Securelist / Descriptions

« Previous Entries
FireStats icon Powered by FireStats