Archive | Malware


24 September 2015 | 1,085 views

XcodeGhost iOS Trojan Infected Over 4000 Apps

So the recent XcodeGhost iOS Trojan Infection has escalated quickly, an initial estimate of 39 infected apps has rapidly increased to over 4000! You can see the FireEye announcement here: Protecting Our Customers from XcodeGhost XCodeGhost is the first instance of the iOS App Store distributing a large number of trojanized apps, the malicious/infected apps […]

Continue Reading

07 March 2015 | 4,400 views

Santoku Linux – Mobile Forensics, Malware Analysis, and App Security Testing LiveCD

The word santoku loosely translates as ‘three virtues’ or ‘three uses’. Santoku Linux has been crafted with a plethora of open source tools to support you in three endeavours, mobile forensics, malware analysis and security testing. Boot into Santoku and get to work, with the latest security tools and utilities focused on mobile platforms such […]

Continue Reading

03 March 2015 | 2,376 views

Appie – Portable Android Security Testing Suite

Appie is a collection of software packages in a portable Windows format to help with Android security testing, specifically penetration testing Android applications. Appie since its latest release can also help with security assessments, forensics and malware analysis. It is completely portable and can be carried on USB stick or your smartphone. Appie was designed […]

Continue Reading

22 January 2015 | 2,048 views

Flash Zero Day Being Exploited In The Wild

This is not the first Flash Zero Day and it certainly won’t be the last, thanks to the Sandbox implemented in Chrome since 2011 – users of the browser are fairly safe. Those using IE are in danger (as usual) and certain versions of Firefox. It has been rolled into the popular Angler Exploit Kit, […]

Continue Reading

11 December 2014 | 1,413 views

Sony Digital Certs Being Used To Sign Malware

So at the end of November, Sony got owned, owned REAL bad – we wrote about it here: Sony Pictures Hacked – Employee Details & Movies Leaked. It seems in as a part of the massive haul of documents, the digital certificates used to sign software were also stolen. Which is bad, as you can […]

Continue Reading

27 August 2014 | 1,298 views

Twitter Patents Technique To Detect Mobile Malware

So it was discovered that Twitter has been granted a patent which covers detection of mobile malware on websites to protect its user base. The patent was filed back in 2012, but well – as we know these things take time. The method is something like the technology Google uses in Chrome to warn you […]

Continue Reading

13 August 2014 | 5,889 views

ParanoiDF – PDF Analysis & Password Cracking Tool

ParanoiDF is a PDF Analysis Suite based on PeePDF by Jose Miguel Esparza. The tools/features that have been added are – Password cracking, redaction recovery, DRM removal, malicious JavaScript extraction, and more. We have posted about a few PDF related tools before, including the one this tool is based on: – peepdf – Analyze & […]

Continue Reading

04 August 2014 | 3,905 views

Windows Registry Infecting Malware Has NO Files

This is a pretty interesting use of the Windows Registry and reminds me a little of the transient drive-by malware used last year against Internet Explorer that left no files either – Another IE 0-Day Hole Found & Used By In-Memory Drive By Attacks. The main difference being, that wasn’t persistent and as it lived […]

Continue Reading

16 July 2014 | 5,179 views

FakeNet – Windows Network Simulation Tool For Malware Analysis

FakeNet is a Windows Network Simulation Tool that aids in the dynamic analysis of malicious software. The tool simulates a network so that malware interacting with a remote host continues to run allowing the analyst to observe the malware’s network activity from within a safe environment. The goal of the project is to: Be easy […]

Continue Reading

02 July 2014 | 2,056 views

Microsoft’s Anti-Malware Action Cripples Dynamic DNS Service No-IP

So it looks like Microsoft has been a little heavy handed in this case, the case of dynamic DNS provider No-IP serving up malware. I would imagine most of us have utilised a dynamic DNS service at some point to map a dynamic IP address to a memorable domain. It seems that malware folks have […]

Continue Reading