Thursday, December 27, 2012

Dancho Danchev's Blog Most Popular Posts for 2012

The time has come to reflect on this year's most popular posts, and emphasize on the key points about what made them special.

  1. Who's Behind the Koobface Botnet? - An OSINT Analysis - Indisputably, the exposing of Koobface botnet master KrotReal is this year's most popular blog post. The release of the post, and the New York Times article discussing the case, immediately resulted in the shut down of the Koobface botnet.
  2. Exposing the Market for Stolen Credit Cards Data - Although the post was originally published in 2011, it's the second most popular for 2012, proving that factually presenting the existence of a growing trend, inevitably reaches a wider audience.
  3. Dissecting 'Operation Ababil' - an OSINT Analysis - The OSINT analysis of 'Operation Ababil' is this year's third most popular post. The analysis correctly identified a key participant in certain parts of the campaign, although it explicitly emphasized on the fact just how easy is it to launch a cyber false flag operation online.
  4. Profiling a Vendor of Visa/Mastercard Plastics and Holograms - The main purpose of this post, was to shed more light into the increasing availability of "blank plastic" services, whose QA (Quality Assurance) processes sometimes outpace the OPSEC (Operational Security) efforts put in place by the targeted companies.
  5. Pricing Scheme for a DDoS Extortion Attack - This post highlighted a bold, but obtained from "in the wild" DDoS extortion letter, indicating the degree of flexibility and professionalism applied by the cybercriminals behind it.
  6. A Peek Inside the Vertex Net Loader - This post summarized the key features of the Vertex Net Loader, and emphasized on the systematic release of related DIY malware loaders/bots within the cybercrime ecosystem.
  7. Dissecting the Ongoing Mass SQL Injection Attack - Regular readers of my personal blog are used to getting the latest threat intelligence regarding a particular widespread campaign, virtually in real-time. That was the main objective of this analysis, fortunately, successfully achieved.
  8. Dissecting the Massive SQL Injection Attack Serving Scareware - An ever-green analysis demonstrating monetization of hijacked Web traffic through a scareware affiliate program.
  9. Koobface Botnet Master KrotReal Back in Business, Distributes Ransomware And Promotes BHSEO Service/Product - The second post in the series profiling ex-Koobface botnet master KrotReal's cybercrime-friendly operations, also gained a lot of attention, and proved that the lack of prosecution in this case, can, and will, ultimately lead to more cybercrime-friendly activities.
  10. Dissecting 'Operation Ababil' - an OSINT Analysis - Part Two - With 'Operation Ababil' still an open question to many of the major media outlets, the second part of the analysis discussed another tool used in the campaign, with the idea to raise more awareness on the tools and techniques used by the attackers behind the campaign.
Thank you all for being regular blog readers! The best is yet to come! See you all in 2013!

This post has been reproduced from Dancho Danchev's blog. Follow him on Twitter.

Thursday, December 13, 2012

Upcoming Portfolio of Commercially Available CYBERINT Reports

Valued blog readers,

Over the years, you've been exposed to insightful, in-depth, "God Eye's View" of some of the most prolific, targeted, and trending cyber attacks/cybercriminal schemes, that shaped the way we fight and anticipate cybercrime campaigns throughout the years.

Although the production of such publicly available and socially oriented content at this blog will continue, it's time to raise the stakes even higher - in 2013, I'll be systematically making available commercially available CYBERINT assessments on multiple aspects of the cybercrime ecosystem. It's the stuff that will help your decision-making process, it's the data to help you prosecute those behind these fraudulent operations, it's the tactics and trends you don't get to read about anywhere online.

Please, take 1 second of your precious time, and participate in the voting poll on the right side of the blog.

Enjoy the holidays, and see you all in 2013!

This post has been reproduced from Dancho Danchev's blog. Follow him on Twitter.