Cybercriminals are determined and informed on the latest trends and how to exploit them. Which is why we need to take the time to educate ourselves - and our friends and family – about shopping carefully so we can have a happy, and safe Holiday season.
The FortiGuard Labs team recently discovered a new platform offering DDoS-for-hire service called “0x-booter.” First appearing on October 17, 2018, 0x-booter is available to anyone who signs up on the website. As shown in the following figures, this service comes with an explicitly defined user interface which enables practically anyone to learn and use the service.
A couple of days ago, a friend of mine, James, was the victim of a scam and gave away his credit card number and CVC. The interesting part is that he is not the "standard" victim, but a very security aware person: he's a researcher on the security of embedded systems, a CTF player, and he cares for his privacy. Nevertheless, he fell into the trap of a phishing scam, and the story tends to prove that we will all likely fall for one of these one day. The only difference between James and the ordinary online shopper is that, the next day, he was uneasy with the situation and decided to investigate more.
The vast majority of cybercrime we deal with is opportunistic and automated. It is the domain of criminals trolling for the unaware and vulnerable. They target unpatched systems and vulnerable applications, exploit gullible end users, break through inadequate security systems, and infect people wandering around the web in places they probably shouldn’t go.