Clik here to view.
Neutrino bot
Neutrino bot is a malware who appeared and vanished quickly like Phase.not worth the look anyway. Advert:Login:Task:Statistics:Clients:Files:Logs:Settings:
View ArticleClik here to view.
Phase (Win32/PhaseBot-A)
Small write-up about 'Phase' a malware who appeared and vanished very rapidly.I had a look on it with MalwareTech who wrote several stories, it was shown that Phase is in reality a 'new' version of...
View ArticleClik here to view.
Captain Barbarossa
Captain Barbarossa, is used for Paypal phishing and sold as phishing kit, the kit include an admin panel.User is tricked with a fake Paypal login asking for details, here in German:Once infos are...
View ArticleClik here to view.
Cryptorbit locker
When Cryptorbit ransomware was targeting people i've visited themSQL database:Bad guy...
View ArticleClik here to view.
Tiberium/Consuella USPS money laundering service
Consuella was a 'USPS drop service' run by one of the Lampeduza administrator.This type of service is used to help credit card thieves to "cash out" by sending carded labels service overseas (or not)...
View ArticleClik here to view.
Alina 'sparks' source code review
I got on my hands recently the source code of Alina "sparks", the main 'improvement' that everyone is talking about and make the price of this malware rise is the rootkit feature.Josh Grunzweig did...
View ArticleClik here to view.
Betabot retrospective
Some of you know Betabot.. if you don't: http://www.ic3.gov/media/2013/130918.aspx1.0.2.5 panel:Dashboard:extended information:Search options:Tasks:Remove bot:Terminate bot till next...
View ArticleClik here to view.
Citadel 0.0.1.1 (Atmos)
Guys of JPCERT, 有難う御座います!Released an update to their Citadel decrypter to make it compatible with 0.0.1.1 sample.Citadel 0.0.1.1 don't have a lot of documentation, so time as come to talk about...
View Article