Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Email: dancho.danchev@hush.com Bitcoin Donate: bc1qncspyks7uwdkyyxzxzp6zjgqlrwm3er3q88dju TOX ID: 53B409440A6DC34F1BA458869A0462D92C15B467AF6319D481CA353690C88667833A0EE82969

Thursday, May 26, 2011

A Peek Inside the Vertex Net Loader

›

It appears that the author of the of the DarkComet RAT has been keeping himself rather busy. In early-stage development (currently in BETA),...

A Peek Inside the Vertex Net Loader

›

It appears that the author of the of the DarkComet RAT has been keeping himself rather busy. In early-stage development (currently in...

Wednesday, May 25, 2011

Keeping Money Mule Recruiters on a Short Leash - Part Eight - Historical OSINT

›

With money mule recruitment scams continuing to represent an inseparable part of the cybercrime ecosystem, in this post I'll summarize t...

Keeping Money Mule Recruiters on a Short Leash - Part Eight - Historical OSINT

›

With money mule recruitment scams continuing to represent an inseparable part of the cybercrime ecosystem, in this post I'll summariz...

Tuesday, May 10, 2011

Keeping Money Mule Recruiters on a Short Leash - Part Seven

›

Continuing the what has turned into a tradition, the " Keeping Money Mule Recruiters on a Short Leash " series, in this post we...

Monday, May 09, 2011

Thursday, April 28, 2011

Spamvertised "Successfull Order 977132" Leads to Scareware

›

A currently ongoing malware campaign is impersonating Bobijou Inc for malware-serving purposes. Sample subject: " Successfull Order 97...

Tuesday, April 12, 2011

Spamvertised "Reqest Rejected" Campaign Serving Scareware

›

A currently spamvertised scareware-serving campaign is enticing end users into downloading and executing a malicious binary, which drops a s...

Monday, April 11, 2011

Don't Play Poker on an Infected Table - Part Four

›

A currently spamvertised campaign is enticing users into downloading and executing a fraudulent online gambling application known as VegasVI...

Monday, April 04, 2011

Summarizing Zero Day's Posts for March

›

The following is a brief summary of all of my posts at ZDNet's Zero Day for March. You can subscribe to my personal RSS feed , Zero...

Spamvertised DHL Notifications Scareware Campaign

›

Yet another currently spamvertised campaign is impersonating DHL for scareware serving purposes. Sample subjects: DHL notification #random ...

‹

›

Home

View web version

About Me

Dancho Danchev: Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com

View my complete profile

A Peek Inside the Vertex Net Loader

A Peek Inside the Vertex Net Loader

Keeping Money Mule Recruiters on a Short Leash - Part Eight - Historical OSINT

Keeping Money Mule Recruiters on a Short Leash - Part Eight - Historical OSINT

Keeping Money Mule Recruiters on a Short Leash - Part Seven

A Peek Inside a New DDoS Bot - "Snap"

Don't Play Poker on an Infected Table - Part Five

Summarizing ZDNet's Zero Day Posts for April

Spamvertised "Successfull Order 977132" Leads to Scareware

Spamvertised "Reqest Rejected" Campaign Serving Scareware

Don't Play Poker on an Infected Table - Part Four

Summarizing Zero Day's Posts for March

Spamvertised DHL Notifications Scareware Campaign