Friday, July 08, 2022

Upcoming Personal Memoir - Official Announcement!

Dear blog readers, Big news. I've recently decided to convert my personal blog into a pre-order landing page for my 756 pages long upcom...

Call for Interest - Establishing the Foundations for a Part-Time Project-Based Cybercrime Project Task Force

Dear blog readers, I wanted to let everyone know that I'm currently busy a temporary part-time project-based task force and I might ne...

Dancho Danchev's Blog - Soliciting Contributing Writers and Guest Bloggers

Dear blog readers, As many of you noticed I've recently expanded my blog to include and feature a diverse set of personal research por...

Historical OSINT - The Koobface Gang Mixing Social Engineering Vectors

It's the Facebook message that came from one of your infected friends pointing you to an on purposely created bogus Bloglines blog s...

Real-Time OSINT vs Historical OSINT in Russia/Georgia Cyberattacks

The original real-time OSINT analysis of the Russian cyberattacks against Georgia conducted on the 11th of August, not only closed the ...

The DDoS Attack Against Bobbear.co.uk

When you get the "privilege" of getting DDoS-ed by a high profile DDoS for hire service used primarily by cybercriminals atta...

Who's Behind the GPcode Ransomware?

So, the ultimate question - who's behind the GPcode ransomware? It's Russian teens with pimples, using E-gold and Liberty Reserve a...

Who's Behind the Georgia Cyber Attacks?

Of course the Klingons did it, or you were naive enough to even think for a second that Russians were behind it at the first place? Of the t...

Dissecting the Koobface Worm's December Campaign

The Koobface Facebook worm -- go through an assessment of a previous campaign -- is once again making its rounds across social networ...
Wednesday, July 06, 2022

Time to Say Goodbye!

Ho, Ho, Ho. Merry Christmas or Christmas just came in earlier. This is an official letter to all of my 5.6M readers since December, 2005 inc...
Friday, July 01, 2022

Historical OSINT - Profiling a Compilation of Known Apophis Exploit Kit C&C Public Domains - An OSINT Analysis

I've been recently digging into several archives in terms of looking for actionable threat intelligence based on my research circa 2010 ...

Search Engine for Hackers/Analysts/Bloggers/OSINT Analysts and Threat Intelligence Experts! Here We Go!

Dear blog readers, This is Dancho. I wanted to take the time and effort and introduce you to my latest project which is a publicly accessibl...
Wednesday, June 29, 2022

Seeking Cyber Security and Threat Intelligence Experts To Work On Collaborative Sharepoint and Microsoft Access Cyber Threat Actor Database! Approach Me Today!

Dear blog readers, Here's the big news and I sincerely hope that you'll approach me at dancho.danchev@hush.com to discuss this proje...
Tuesday, June 28, 2022

Rogue iFrame Injected Web Sites Lead to the AndroidOS/FakeInst/Trojan-SMS.J2ME.JiFake Mobile Malware

A currently ongoing malicious campaign relying on injected iFrames at legitimate Web sites, successfully segments mobile traffic , and expos...

Bogus "Shocking Video" Content at Scribd Exposes Malware Monetization Scheme Through Parked Domains

Bogus content populating Scribd, centralized malicious/typosquatted/parked domains/fraudulent infrastructure, combined with dozens of malwar...