Digging deep for PLATINUM

This blog introduces our latest report from the Windows Defender Advanced Threat Hunting team. You can read the full report at: PLATINUM: Targeted attacks in South and Southeast Asia. There is no shortage of headlines about cybercriminals launching large-scale attacks against organizations. For us, the activity groups that pose the most danger are the ones…


Phishing: not just for banks

When people think of phishing (a deception to trick a user into sharing their credentials with a third party), they might usually think of banking. But with the popularity of online games, they can still be a target even if they protect their banking information. A typical reason for phishing in games is to steal…


Stratfor customers targeted by cybercriminals

Cybercriminals are continuing to use a social engineering trick to lure users for their malware campaigns. This time, they targeted customers of Stratfor – a subscription-based provider of geopolitical analysis. Attacks against Stratfor clients began after a reported breach of their customer database. The spammed email contains an attached PDF file named “stratfor.pdf”. Upon opening…


Fake Seattle traffic ticket notification leads to malware

Our partners at the City of Seattle sent us a warning today about a phishing campaign which targets users very close to home — specifically, Seattle, Washington. They’re seeing spam mail circulating that claims to be from Seattle Department of Motor Vehicles, stating that the victim is charged with a traffic offense, and requesting that…


Fake Canadian pharma site causing headaches

I awoke the other day to a friend calling me and exclaiming into the phone: “My Yahoo email account was hacked!!!” He had been angrily accused by others in his contact list of sending spam messages and sharing inappropriate website links. Most of the questions he fielded had the same query: “Why did you…


When spear phishers target security researchers

Every now and then a would-be criminal online picks the wrong potential victim. I was recently selling a 1995 Ford Escort on the site Craigslist.com and had a number of interested buyers. One such candidate offered a $500 IOU plus a six-month supply of tile grout. Luckily, he never showed up. Another potential buyer, by…


Phishing encounter while on vacation

It was my first night in Beijing for a long-overdue vacation. I purchased a SIM card from the airport and sent SMS greetings to friends and family and other families in town. SMS is hugely popular and a main communication channel in China. Guess what? The first SMS I received was from a strange number:…