Channel: Nart Villeneuve » nart
Browsing all 15 articles

Dynamic Malware Binaries

I recently found the distribution point for a malware affiliate that dynamically generates a new binary (but the same malware) every time it is queried. The malware distributors periodically query the...




Crime or Espionage?

ZeuS is a well-known crimeware toolkit that is readily available online. The tool allows even the most unskilled to operate a botnet. Typically, Zeus has been associated with banking fraud. Recently,...


Crime or Espionage? Part 2

In “Crime or Espionage Part 1” I examined a series of attacks that appear to be aimed at those interested in intelligence issues and those in the government and military. The malware used in these...


Old Threats are Current Threats

Despite the fact that the authors of the Pinch Trojan were “pinched” by law enforcement in 2007, the Pinch Trojan continues to be a current threat both because the source code is available (so anyone...


Krajabot

The Kraja botnet has managed to compromise 185,645 computers, the vast majority of which are located in Russia. Of the 199,513 unique IP addresses recorded from compromised computers, 87.88% are in IP...


Black Hat SEO, PPC & RogueAV Part 2

Part 1 of “Black Hat SEO, PPC & RogueAV” focused on the type and amount of incoming traffic generated through BlackHat SEO methods. This traffic is monetized through the use of RogueAV,...


Clustering Zeus Command and Control Servers

Recently, more than 150 individuals around the world have been arrested on bank fraud related charges after using the Zeus malware to acquire credentials that enabled the criminals to steal more than...


Malware Diversification

There is a wide variety of malware, much of which has similar functionality. As a result there is a tendency to portray them as being in competition with one another. In some ways this is true,...


Command and Control in the Cloud

In “Shadows in the Cloud: An investigation into cyber espionage 2.0” my co-authors and I analyzed the command and control infrastructure of a network that extracted secret, confidential and restricted...


Clustering Zeus Command and Control Servers Part 2

In Part 1 of “Clustering Zeus Command and Control Servers” I focused on clustering Zeus command and control servers based on three criteria: IP addresses, domain names, and email addresses used to...


Nobel Peace Prize, Amnesty HK and Malware

There have been two recent attacks involving human rights and malware. First, on November 7, 2010, contagiodump.blogspot.com posted an analysis of a malware attack that masqueraded as an invitation to...


Koobface: Inside a Crimeware Network

The Information Warfare Monitor (Citizen Lab, Munk School of Global Affairs, University of Toronto and the SecDev Group, Ottawa) announce the release of Koobface: Inside a Crimeware Network by Nart...


Pack Mules: The Re-Shipping Fraud & Malware Connection

Malware toolkits are designed to steal information, such as bank account data, and provide cyber criminals with vast quantities of stolen credentials. Every day, credit card numbers stolen by malware...


RX-promotion: A Pharma Shop

More than 65% of spam consists of “pharmaceutical spam” sent through a variety of well-known spam botnets such as Rustock and Cutwail. These spam messages use multiple shop brands and sell a variety of...


2010 and Beyond

The year 2010 has been an interesting one for malware researchers. From the attacks on Google through to the ShadowNet there have been many interesting cases that targeted high profile targets. However,...
