The Latest Malware

Virus/Trojans/Worms/Rootkits Discussion

Find the Best Malware from 2018 here:


Hajime Botnet Reaches 300,000 Hosts With No Malicious Functions

Hajime Botnet Reaches 300,000 Hosts With No Malicious Functions

This is not the first IoT heavy botnet, Mirai takes that title, the interesting part is the Hajime botnet appears to be benign. So far no malicious functions have been detected in the codebase, other than the ability to replicate itself and block other malware, Hajime seems to have no DDoS or offensive mechanisms. Hajime […]

Topic: Hardware Hacking, Malware
BEURK - Linux Userland Preload Rootkit

BEURK – Linux Userland Preload Rootkit

BEURK is an userland preload rootkit for GNU/Linux, heavily focused around anti-debugging and anti-detection. Being a userland rootkit it gives limited privileges (whatever the user has basically) vs a superuser or root level rootkit. Features Hide attacker files and directories Realtime log cleanup (on utmp/wtmp) Anti process and login detection Bypass unhide, lsof, ps, ldd, […]

Topic: Linux Hacking, Malware
yarAnalyzer - Yara Rule Analyzer and Statistics Generator

yarAnalyzer – Yara Rule Analyzer and Statistics Generator

yarAnalyzer is a Python-based YARA rule analyzer that can also generate statistics from yara rulesets. It also has an inventory creation feature that can output a CSV file detailing the rules. It creates statistics on a YARA rule set and files in a sample directory. Place some signatures with .yar extension in the “signatures” folder […]

Topic: Malware, Security Software
Malware Writers Using Exclusion Lists To Linger

Malware Writers Using Exclusion Lists To Linger

It seems malware writers using exclusion lists is not something new, but it’s still concerning people. To me it’d be a pretty obvious avenue, especially if you were crafting something a little more nefarious than average – like APT malware (Advanced Persistent Threat) tools. Definitely a chicken and egg problem, especially with Windows if you […]

Topic: Malware
Androguard - Reverse Engineering & Malware Analysis For Android

Androguard – Reverse Engineering & Malware Analysis For Android

Androguard is a toolkit built in Python which provides reverse engineering and malware analysis for Android. It’s buyilt to examine * Dex/Odex (Dalvik virtual machine) (.dex) (disassemble, decompilation), * APK (Android application) (.apk), * Android’s binary xml (.xml) and * Android Resources (.arsc). Androguard is available for Linux/OSX/Windows (Python powered). Features Map and manipulate DEX/ODEX/APK/AXML/ARSC […]

Topic: Forensics, Malware