Today I’d like to share a full path analysis including a KickBack attack which took me to gain full access to an entire Ursniff/Gozi botnet. In other words:Â from a simple “Malware Sample” to “Pwn the Attacker Infrastructure”. NB: Federal Police have already been alerted on such a topic as well as National and International […]
A youngster (20) from Washington was indicted last week on federal computer hacking charges after rival hackers fingered him as the creator of a Mirai variant dubbed Satori. MalwareMustDie Team: âItâs time for every teenager or young man to know that playing with malware is the fastest way to finish in the jailâ Mirai, Mirai […]
Security researchers at Proofpoint security have discovered a previously undocumented downloader tracked as AdvisorsBot that was involved in malicious email campaigns. AdvisorsBot was uncovered in malicious email campaigns, attributed to the TA555 threat actor, targeting hotels, restaurants, and telecommunications entities. The name âAdvisorsBotâ comes from the early command and control (C&C) domains that all contained the word […]
A new cross-platform Mirai variant appeared in the threat landscape, this one has been created using an open-source project. Security experts from Symantec have spotted a new cross-platform Mirai variant that has been created with an open-source project. Mirai malware first appeared in the wild in 2016 when the expert MalwareMustDie discovered it in massive […]
Malware researchers from ESET have published a detailed report on the latest variant of the Turla backdoor that leverages email PDF attachments as C&C. Malware researchers from ESET have conducted a new analysis of a backdoor used by the Russia-linked APT Turla in targeted espionage operations. The new analysis revealed a list of high-profile victims that was […]
Security researchers from Bitdefender have spotted a new Android spyware framework dubbed Triout that could be used to create malware with extensive surveillance capabilities. Bitdefender researchers have identified a new spyware framework can be used to spy into Android applications, it is tracked as Triout and first appeared in the wild on May 15. The researcher revealed that the command […]
Kaspersky Labs detected a sophisticated piece of banking malware dubbed Dark Tequila that was used to target customers of several Mexican banks. Security experts from Kaspersky Labs have spotted a sophisticated strain of banking malware dubbed Dark Tequila that was used to target customers of several Mexican financial institutions. According to the researchers, the complex Dark Tequila malware […]
The popular malware researchers Marco Ramilli has analyzed a malware that remained under the radar for more than two years. Today I’d like to share the following reverse engineering path since it ended up to be more complex respect what I thought. The full path took me about hours work and the sample covers many […]
Security researchers at IBM Research developed a “highly targeted and evasive” AI-powered malware dubbed DeepLocker and will present today. What about Artificial Intelligence (AI) applied in malware development? Threat actors can use AI-powered malware to create powerful malicious codes that can evade sophisticated defenses. Security researchers at IBM Research developed a “highly targeted and evasive” attack tool powered […]
Security researchers at Checkpoint security have spotted a massive proxy botnet, tracked as ‘Black’ botnet, created by Ramnit operators. Security researchers at Checkpoint security have spotted a massive proxy botnet, tracked as ‘Black’ botnet, that could be the sign of a wider ongoing operation involving the Ramnit operators. Ramnit is one of the most popular […]