Get In Touch
Introduction Since the release of the Mirai source code in October of 2016, there have been hundreds of variants. While publishing my own research, I noticed that Palo Alto Networks was also examining similar samples, and published their findings. Earlier this month, not too long after Palo Alto Networks published their report, I discovered a newer version of Echobot that uses 26 different exploits for its infection vectors. In some
Phishing is a multifaceted type of attack, aimed at collecting usernames and passwords, personal information, or sometimes both. Yet, these attacks only work so long as the phishing kit itself remains hidden. Phishing is a numbers game and time is a factor. The longer a phishing kit can remain active and undetected, the longer the scam can run. The longer the scam runs, the number of victims only increases.
Every day Akamai sees thousands of new phishing pages. Over the last few months one kit, and the pattern it represents, has stood out to our researchers. In today's post, we're going to explore this kit, how it came to be, and what its existence means to the public. Since December, Akamai has tracked the development and deployment of different phishing kits. Some of them are using an almost factory-like
Akamai's annual customer conference, Edge World, kicked off on June 10 in Las Vegas, so what better time for us to release our latest State of the Internet report? State of the Internet / Security Volume 5, Issue 3 is focused on web attacks and takes a deeper dive into credential abuse in the gaming industry.
While recently examining hundreds of phishing kits for ongoing research, Akamai discovered something interesting - several of the kits included basic vulnerabilities due to flimsy construction or reliance on outdated open source code. Considering the impact phishing kits have on the Internet and web hosting as a whole, the phrase "kicking someone when they're down" certainly come to mind.
While speaking to a colleague of mine regarding recent work on Akamai's Enterprise Threat Protector (ETP) Research Team, related to phishing detection and mitigation, we discussed a recent phishing campaign targeting Microsoft users that leveraged free HTML hosting services and how easy it has become to build and deliver phishing website.
Additional research by Or Katz When it comes to targeting Apple users and their personal and financial data, 16Shop has emerged as a go to kit for those who can afford it. While 16Shop is sold to criminals looking to collect sensitive information from a targeted subset of the Internet community, at least one pirated version circulating online houses a backdoor that siphons off the data harvested and delivers it
Researchers at Akamai observed attackers using a novel approach for evading detection. This new technique - which we call Cipher Stunting - has become a growing threat, with its roots tracing back to early-2018. By using advanced methods, attackers are randomizing SSL/TLS signatures in an attempt to evade detection attempts.
Real-world data on how adding DNS data to a deep learning model increases its effectiveness By Yael Daihes & Craig Sprosts These days, big data and machine learning are topics of frequent discussion within the security community. While the idea that machine learning algorithms prosper with access to more data is hardly a revelation, we wanted to dig deeper and conduct an experiment using global DNS traffic. More specifically, how