Twitter Being Used As Botnet Command Channel

Ah, Twitter in the news again; the bad guys sure do keep up with new trends. After being taken offline for a while by a Joe job DDoS attack, Twitter is in the news again – this time it’s being used as the command channel for a botnet.
The normal method for controlling botnets is via an [...]

Chinese Firm Writes First SMS Worm

Ah another first, and once again China is at the forefront! We recently reported about a Chinese company sharing their huge malware database and now a group of Chinese companies has managed to develop the first SMS worm!
It’s a pretty cool concept, abusing the Symbian Express Signing procedure. It reminds me of the heyday of [...]

Chinese Company Shares Huge Malware Database

We need more companies like this that acknowledge hoarding data isn’t doing anything for the greater good. To really stamp out the core problems, you have to share the data you’ve correlated across the world so everyone can put together what they have and do something about it.
It seems like with China pumping out the [...]

Torpig Botnet Hijacking Reveals 70GB Of Stolen Data

We did mention Torpig in passing back in January 2008 when talking about the Mebroot rootkit which digs down deep into the Master Boot Record.
It seems like Torpig has been pretty active since then and the latest break is that some security researchers have managed to infiltrate the botnet and collect some data on what [...]

Conficker Finally Awakes & Dumps Payload

So it seems something big was brewing with Conficker; they just didn’t want to do what everyone expected and unleash it on April 1st when all eyes were on them.
Smart move really, they kept quiet and waited a week or so after before dropping some fairly serious and complex payloads (encrypted rootkits).
It seems like they [...]

How to Scan for Conficker Worm

A bit of an update on the Conficker worm, which is supposedly scheduled for new updates and instructions today, Wednesday 1st April 2009; nobody except the bad guys knows what those instructions will be. Fyodor has rolled out a new Nmap beta release to the Nmap Scripting Engine that enables it [...]

Conficker Day – April 1st – Uneventful

So the big Conficker scare of April 1st has passed without any real events: no major sites taken down, no major online terror campaigns spawned.
Just a new, more sophisticated, harder-to-stop version of Conficker updating from a longer list of domains.
It seems like this malware might be here to stay and infecting more and [...]

New Conficker Variant More Aggressive

Conficker has gotten quite a lot of news recently with it growing so fast and Microsoft offering a bounty for the authors.
It seems like the Conficker authors are really serious about retaining control of their botnet and expanding it further without hindrance from the companies trying to stop them.
It’s quite likely they are netting some [...]

Next-Gen Botnets Taking The Place of Storm and Srizbi

Back in November there was a considerable drop in spam when spam-friendly ISP McColo was cut off from the Internet by its upstream peer.
The Srizbi worm was pretty smart though and was picking up again by the end of November. Later in the year the botnets were somewhat neutralised, leading to a huge drop in [...]

Spam Back on the Rise with Srizbi Resurrected

After McColo was partially disconnected from the Internet by its peers, global spam dropped noticeably.
It seems, however, that the spam was emanating from a zombie network and the control servers were hosted by McColo. The creators of the botnet (Srizbi) were smart about it though and built a fail-safe system into the malware.
It should [...]

