#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Russian Underground | Breaking Cybersecurity News | The Hacker News

Category — Russian Underground
New Banking malware 'i2Ninja' being sold via underground Russian Cybercrime Market

New Banking malware 'i2Ninja' being sold via underground Russian Cybercrime Market

Nov 21, 2013
Researchers at Trusteer   spotted a new banking malware program on the underground Russian cybercrime market , that communicates with attackers over the I2P anonymity network is for sale on underground Russian cybercrime forums. Dubbed ' i2Ninja ', malware has most of the features found in other financial malware including the ability to perform HTML injections and form grabbing in Internet Explorer, Firefox and Chrome. i2Ninja can also steal FTP and e-mail credentials. It also has a PokerGrabber module feature that targets poker sites. The traffic between the malware and the command server cannot be easily blocked by intrusion prevention systems or firewalls because it's encrypted and transmitting over the Invisible Internet Project (I2P). Everything from delivering configuration updates to receiving stolen data and sending commands is done via the encrypted I2P channels. I2P communication can make it much harder for security researchers to fin...
Why you should try to join some of the underground hacker forums that are out there

Why you should try to join some of the underground hacker forums that are out there

Dec 05, 2012
Even if you are considered to be a white hat hacker, you are always still walking a fine line between being a bad guy and a good guy in many people eyes. There are a lot of people out there who believe that there should be no hacking at all being done and everyone who does it should be considered a criminal. Of course that is a very small myopic view of how being a white hat hacker really works but there is always going to be an element of that kind of thought out there. There are just a lot of people out there who believe that if you ban hacking outright that it will never be done. And that is simply just not true and is a pure fantasy. But if you really want to be a good and effective white hat hacker, then there are some elements about the other side that you should really get to know. If you want to be able to beat your enemies then you should be able to figure out how they operate. It is not enough for you to be able to take a look at their attacks and try to study their patterns...
Want to Grow Vulnerability Management into Exposure Management? Start Here!

Want to Grow Vulnerability Management into Exposure Management? Start Here!

Dec 05, 2024Attack Surface / Exposure Management
Vulnerability Management (VM) has long been a cornerstone of organizational cybersecurity. Nearly as old as the discipline of cybersecurity itself, it aims to help organizations identify and address potential security issues before they become serious problems. Yet, in recent years, the limitations of this approach have become increasingly evident.  At its core, Vulnerability Management processes remain essential for identifying and addressing weaknesses. But as time marches on and attack avenues evolve, this approach is beginning to show its age. In a recent report, How to Grow Vulnerability Management into Exposure Management (Gartner, How to Grow Vulnerability Management Into Exposure Management, 8 November 2024, Mitchell Schneider Et Al.), we believe Gartner® addresses this point precisely and demonstrates how organizations can – and must – shift from a vulnerability-centric strategy to a broader Exposure Management (EM) framework. We feel it's more than a worthwhile read an...
Java zero-day exploit sold in underground Market

Java zero-day exploit sold in underground Market

Nov 28, 2012
Once again a zero day vulnerability exploit is sold by cyber criminals in the underground, once again a the flaw is related to Oracle's Java software that could allow to gain remote control over victim's machine. The news has been reported by KrebsOnSecurity blog that announced that the exploit being sold on an Underweb forum. The vulnerability is related to the most recent version of Java JRE 7 Update 9, it isn't present in previous versions of the framework, in particular the bug resides within the Java class "MidiDevice according the info provided by the seller that describes it with following statements: " Code execution is very reliable, worked on all 7 version I tested with Firefox and MSIE on Windows 7 ," " I will only sell this ONE TIME and I leave no guarantee that it will not be patched so use it quickly. " The exploited class is a component of Java that handles audio input and output. It's easy to understand that similar vulnerability has a great value du...
cyber security

Innovate Securely: Top Strategies to Harmonize AppSec and R&D Teams

websiteBackslashApplication Security
Tackle common challenges to make security and innovation work seamlessly.
John McAfee accused of murder, wanted by Belize police

John McAfee accused of murder, wanted by Belize police

Nov 12, 2012
John McAfee, who started the antivirus software giant named after him, has been accused of murder in Belize and wanted.  Gizmodo reports that McAfee has been living in Belize for a while now, spending most of his time there experimenting with drugs. McAfee's marketing slogan: " Safe is not a privilege. It is a right. " This news comes just a few days after Gizmodo ran a long story about McAfee's increasingly erratic and borderline criminal behavior. In it, he sounds paranoid as he talks about people wanting to take his money and kill him and he admits to having associated with gangsters in Belize. McAfee had taken to " posting on a drug-focused Russian message board...about his attempts to purify the psychoactive compounds colloquially known as 'bath salts, '" Gizmodo wrote. The scariest aspect of this story may be the fact that an entire lab was constructed for John McAfee's research purposes. Because of his efforts to extract chemicals...
Russian Underground Cybercrime market offering sophisticated services

Russian Underground Cybercrime market offering sophisticated services

Nov 05, 2012
Security firm Trend Micro recent analyses the Russian crimeware markets and has found that malware tools and services range from one-time packages which cost just pennies to sophisticated packages and services which cost purchasers thousands of dollars per month. If you want to buy a botnet it will cost you somewhere in the region of $700. If you just want to hire someone else's botnet for an hour, though, it can cost as little as $2. There are at least 20 different types of services offered in Russian-speaking forums for just about anyone who wants to make a buck off of cybercrime, everything from crime-friendly VPN and security software-checking services to plain old off-the-shelf exploits. " As the Russian underground community continuously modifies targets and improves technologies, security companies and users must constantly face the challenge of effectively protecting their money and the information they store in their computers and other devices ," the ...
Expert Insights / Articles Videos
Cybersecurity Resources