Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

In the overwhelming sea of information, access to timely, insightful and independent open-source intelligence (OSINT) analyses is crucial for maintaining the necessary situational awareness to stay on the top of emerging security threats. This blog covers trends and fads, tactics and strategies, intersecting with third-party research, speculations and real-time CYBERINT assessments, all packed with sarcastic attitude

Saturday, October 20, 2018

Historical OSINT - Hundreds of Bogus Bebo Accounts Serving Malware

It's 2010 and I've recently intercepted a wide-spread Bebo malicious malware-serving campaign successfully enticing users into interacting with the fraudulent and malicious content potentially compromising the confidentiality availability and integrity of the targeted host to a multi-tude of malicious software.

Sample malicious domains known to have participated in the campaign:
hxxp://boss.gozbest.net/xd.html - 216.32.83.110
hxxp://tafficbots.com/in.cgi?6
hxxp://bolapaqir.com/in.cgi?2
hxxp://mybig-porn.com/promo4/?aid=1339

We'll continue monitoring the campaign and post updates as soon as new developments take place.

Dancho Danchev

Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com