Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Email: dancho.danchev@hush.com Bitcoin Donate: bc1qncspyks7uwdkyyxzxzp6zjgqlrwm3er3q88dju TOX ID: 53B409440A6DC34F1BA458869A0462D92C15B467AF6319D481CA353690C88667833A0EE82969

Tuesday, September 11, 2007

Storm Worm's DDoS Attitude

Stage one - infect as many end users with high speed Internet access as possible through the use of client side vulnerabilities. Stage two ...

Monday, September 10, 2007

Google Hacking for MPacks, Zunkers and WebAttackers

If wannabe botnet masters really wanted to hide their activities online, they would have blocked Google's crawlers from indexing their d...

Popular Web Malware Exploitation Techniques

Who needs zero day vulnerabilities to achieve a widescale malware infection these days? Obviously the lack of this popular in the past prere...

Thursday, September 06, 2007

Infecting Terrorist Suspects with Malware

As we've already seen in the past, cyber jihadists, thus wannabe terrorists, use commercial anti virus, anti spyware and anonymity sof...

Wednesday, September 05, 2007

Examples of Search Engine Spam

Perhaps I should say an example of a 50/50 black hat SEO, as Google's not listing the first, but has already crawled the second - cashho...

Storm Worm's Fast Flux Networks

Following my previous posts on "Storm Worm Malware Back in the Game" and "Storm Worm's use of Dropped Domains", ...

Tuesday, September 04, 2007

Login Details for Foreign Embassies in the Wild

Login details for international embassies have been in the wild since August 30th in a full disclosure style: "Here is a list with...

DIY Exploits Embedding Tools - a Retrospective

Great analysis by the Spywareguide folks -- Chris Boyd and Peter Jayaraj in this assessment -- especially my deja vu moment with the King...

Monday, September 03, 2007

Spammers and Phishers Breaking CAPTCHAs

The emergence of CAPTCHA based authentication was a logical move in the fight against automated brute forcing of login details, registration...

Friday, August 31, 2007

Bank of India Serving Malware

Ryan at ZDNet's Security blog is reporting on the breached site of Bank of India, which in the time of blogging is still serving malw...

Malware as a Web Service

Popular malware tools such as binders and downloaders usually come in a typical software application form. Moreover, when I talk about malwa...

Thursday, August 30, 2007

Massive Online Games Malware Attack

Despite Storm Worm's worldwide media coverage, there're many other malware campaigns currently active in the wild, again exploiting...

Wednesday, August 29, 2007

Storm Worm's use of Dropped Domains

The daily updated Bleedingthreats.org's Rules to block Storm worm DNS and C&C keeps growing at a significant speed, and with the gr...

DIY Phishing Kits

In times when socially oriented bureaucrats are prompting such popular projects as the KisMAC and the Default Password List to seek hosti...

Tuesday, August 28, 2007

The Economics of Phishing

Years ago, phishing used to be like fishing at least in respect to the preparation and the patience required for the fisherman to catch some...

Sunday, August 26, 2007

Your Point of View - Requested!

Question: What is the most realistic scenario on what exactly happened in the recent DDoS attacks aimed at Estonia, from your point of vie...

Saturday, August 25, 2007

DIY Pharming Tools

In a previous post I discussed pharming from the perspective of abusing a DNS server and starting a wide-scale pharming attack. However, i...

Friday, August 24, 2007

Distributed WiFi Scanning Through Malware

Distributed computing through malware, OSINT through botnets, distributed password cracking and distributed malicious economies of scale - ...

GIMF - "We Will Remain"

After having both of its blogs shut down, the Global Islamic Media Front issued a modest statement "Global Islamic Media Front: We w...

Wednesday, August 22, 2007

The Nuclear Malware Kit

Web based C&C malware kits are already a commodity, and with the source codes of MPack and IcePack freely available in the wild, modif...

About Me

Dancho Danchev
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com