Tag Archives: Malware

Windshift: Malware Recycled

By | October 5, 2018

A recently published deck (PDF) by Abu Dhabi-based DarkMatter’s Taha Karim draws an interesting conclusion: that an Indian cybersecurity group called Appin, active a few years ago, was either targeted by an advanced APT group (and its tools stolen), or its tools stolen by a rogue employee, or that its tools were sold to a third party. The… Read More »

Phishy Facebook Emails

By | October 28, 2011

Facebook phishes are getting better. Compare this one: and this: Notice how the key bit, supposedly defining that it’s a legit email, is successfully and convincingly faked: The only difference that stands out is the domain: facebookembody.com. Although Google classified it as spam they didn’t warn that it would go to a website that contains malware. So be… Read More »

Southeast Asia’s Viral Infection

By | August 30, 2011

Southeast Asia is fast developing a reputation as the most dangerous place on the Internet. It’s not a reputation the region can afford to have. By one count Thailand has risen to be the country with the most number of malware infections, by one account, and by another to be the second, all in the past few months.… Read More »

The New Attack: Penetrate and Tailor

By | August 11, 2011

In its latest security report Cisco identifies a trend I hadn’t heard of before with malware writers: Closer inspection of those computers they’ve successfully penetrated to see whether there’s something interesting there, and then if there is targeting that company (or organisation) with a more tailored follow-up attack: Attackers can—and do— segregate infected computers into interest areas and… Read More »

Taking Shady RAT to the Next Level

By | August 4, 2011

I know I’ve drawn attention to this before, but the timeline of McAfee’s Operation Shady RAT by Dmitri Alperovitch raises questions again about WikiLeaks’ original data. Alperovitch points out that their data goes back to mid-2006: We have collected logs that reveal the full extent of the victim population since mid-2006 when the log collection began. Note that the actual… Read More »