Security Labs

Update: A 50€ gift card for free?! “Hey, I’m no fool!“

Another famous German consumer electronic retailer has to warn its customers against the free gift card spam attack. The G Data SecurityLabs discovered new websites, which allegedly promote the second

The new websites we found also seemingly offer 50€ gift cards to the first 5,000 customers who follow the instructions given. This means the users have to share this particular site on Facebook, among other things. Sharing the website entails that many more people reach out to the website and t... Read More »

A 50€ gift card for free?! “Hey, I’m no fool!“

One of Europe’s most famous electronic goods retailers launched its first online shop just recently, on 16 January 2012. Cyber criminals take this opportunity to spread messages with fake gift card

The messages spreading try to convince you to visit a website such as mm-gutscheine.info or similar.

This particular domain was... Read More »

The current case „DNSChanger“ – what computer users can do now

What happened so far? The successful undertaking of the so called ”Operation Ghost Click“, carried out by the FBI and other international law enforcement entities, was celebrated in the media –

There are two different characteristics of “DNSChanger“ malware which should become clear with the following explanation:

Character 1:
The malware modifies the DNS settings on an infected Windows PC. These settings include the “hosts” file and the DHCP settings.
I... Read More »

What will 2012 bring in terms of cyber-crime? - The G Data SecurityLabs estimate what will become a topic to take look at

 The last days of 2011 are closing in and we think it is time to take a brief look at what we can expect in the near future. It is very likely that we will end up with an all-time high of more th

If you would like to read the entire report “Trends 2012”, please refer to the bottom of this blog post to find the documents. 

A brief overview about the main topics to come:
One of the emerging issues, which will definitely stay in the focus, is concerning&nb... Read More »

Hacked Wordpress pages reveal potential time bomb - Injected code is “hidden” and can strike at attacker’s will

The G Data SecurityLabs discovered code injections into Wordpress pages, which are potentially dangerous. Attackers managed to inject code and convert the websites into “zombie” websites, which ca

The injected code in the present cases is <SCRIPT id="googleblogcontainer"> and it is inserted towards the end of the webpage’s source code. We’ve seen it inserted multiple times into one webpage, having 100 or more code lines in between each injection.
This inserted Java... Read More »

FakeAV online scanner scam still in the wild - Let's have a look at the possible evolution of some famous FakeAV scanner scams

The FakeAV business faced a decrease in the last few months. Due to federal law enforcement activities against the FakeAV industry and some major search engine optimizations to prevent blackhat seo poisoning, less infections of FakeAV programs were reported in the last five months. Despite those ... Read More »

Various money-related spams serve as versatile attack vector to spread ZeuS - The emails and the linked website attack the victim in various ways to spread the dangerous banking Trojan

We discovered a series of really nasty spam mails that have a lot to offer. There are various types of it, with different subject, seemingly connected to the geographical areas they are spread in. Let’s have a look at an email we discovered in Poland:
Read More »