Exposing BBC's Chimera DDoS Botnet - An Analysis

November 02, 2022

Dear blog readers,

Back in 2009 the BBC bought a DDoS botnet to demonstrate how it works.

In this post, I've decided to offer sample screenshots of the actual botnet in question, with the idea of raising more awareness of how the BBC actually bought a DDoS botnet to demonstrate how it works.

Sample screenshots include:



Stay tuned!


Exposing a SQL Injection Capable IRC Malware Bot - An Analysis

November 02, 2022

Dear blog readers,

I've decided to share with everyone a screenshot, which I took back in 2010, that basically demonstrates an IRC malware bot capable of executing a SQL injection campaign using stolen or compromised access to malware-infected hosts. The actual C&C server activity takes place in IRC, where the botnet master can basically send instructions to any of the botnet's infected hosts for the purpose of having them execute and participate in a SQL injection attack, which also includes scanning and reconnaissance capabilities.

Stay tuned!


Exposing a Chinese Web Site Defacement Attack Campaign Against Iran-based Web Sites - An Analysis

November 02, 2022

NOTE:

I took these screenshots in 2010.

An image is worth a thousand words.






Sample screenshots include:










Stay tuned!


Exposing a Publicly Accessible CAPTCHA-Solving Service - An Analysis

November 02, 2022

Dear blog readers,

I've decided to share with everyone a series of photos courtesy of a publicly accessible CAPTCHA-solving service, which also includes the breaking and direct bypassing of Google's reCAPTCHA, with the idea of raising awareness of the fact that in today's modern cybercrime ecosystem the bad guys continue to outsource the CAPTCHA-solving process to humans, who then systematically and semi-automatically attempt to solve as many CAPTCHAs as possible, potentially earning a decent portion of revenue in the process and, most importantly, empowering today's modern spam and blackhat SEO tools in terms of automated CAPTCHA solving and account registration services on some of today's major Web properties.

Sample screenshots include:








Stay tuned!


Exposing Recently Leaked Cybercrime-Friendly Forum Community Screenshots - An Analysis

November 02, 2022

Dear blog readers,

I've decided to share some publicly obtainable and available screenshots of what appears to be a compromise of what used to be a high-profile cybercrime-friendly forum community, with the idea of raising awareness of the fact that even the bad guys can suffer security breaches, which also include attacks from fellow researchers, law enforcement, and vendors, including fellow cybercriminals.

Sample screenshots include:
 







Stay tuned!


A Peek Inside the Mod Bot Malicious Software Botnet Release - An Analysis

November 02, 2022

Dear blog readers,

Continuing the "going through my old threat intelligence research archives" blog post series, I've decided to share yet another compilation of Mod Bot, which is a well-known malicious software botnet release with some pretty interesting and sophisticated features.

An image is worth a thousand words.

Sample screenshots include:




Stay tuned!


A Peek Inside the Hybrid Remote Administration Control System Malicious Software - An Analysis

November 02, 2022

Dear blog readers,

I've recently decided to take a peek inside my old threat intelligence research archives, and I've decided to share some sample screenshots of a malicious software botnet release that was popular back in 2010, known as the "Hybrid Remote Administration Control System".

An image is worth a thousand words.

Sample screenshots include:










Stay tuned!
