Notes on Linux/BillGates

In a previous blog post, I wrote some (extensive) notes on Linux/Xor.DDoS, also known as just Xor.DDoS, an interesting type of Linux malware. You can find that particular blog below, in which I give some history, details, remediation and prevention in regards to the specific threat Xor.DDoS poses: Notes on Linux/Xor.DDoS. This post ...
CrunchyRoll hack delivers malware

Introduction: There's a Reddit post today with a PSA (Public Service Announcement) about Crunchyroll, a website that offers anime streaming, being hacked: "PSA : Don't enter crunchyroll.com at the moment, it seems they've been hacked." As mentioned before, Crunchyroll offers anime streaming, and in their own words: Enjoy your favorite anime & manga at ...
Comparing EternalPetya and BadRabbit

I've created a table comparing the EternalPetya (ExPetr, NotPetya, etc.) outbreak from June, and the BadRabbit ransomware outbreak from yesterday (2017-10-24). I have decided to not include WannaCry (WanaCrypt0r), as they are not related, while EternalPetya and BadRabbit do seem very closely related, or even developed by (a part of) the ...
Notes on Sage 2.2 ransomware version

Ransomware, sage, sage 2.2, sage ransom, sagecrypt
Sage, also known as SageCrypt, is an interesting ransomware variant that emerged somewhere in December last year and is believed to be a variant of the CryLocker ransomware. There's a good blog post on BleepingComputer on the first version of Sage, id est "Sage 2". Yesterday, a personal friend of mine reached ...
Rick and Morty episode? Nope, another CoinMiner

Last week I got an email from someone requesting help in regards to a possible malware infection: that person downloaded a torrent, and believed it was a legitimate episode of Rick and Morty, an animated series. A file called Rick.and.Morty.S03E10.HDTV.x264-BATV.MKV.exe (116 MB in filesize) is of interest to us and, what you'll notice first ...
Malicious ad/click networks: common or forgotten threat?

Introduction: Malicious ad/click networks and ad fraud are not entirely a new phenomenon, but it is important to realize the kind of threat they may pose. Is it a common, or forgotten threat? Maybe both. In this blog post, we'll take a look at how a seemingly innocuous click network and advertiser, ...