Archive for the ‘General InfoSec’ Category

Pump & Dump spam arriving as excel attachments

Saturday, July 21st, 2007

Just noticed several pump & dump scams that dropped into my inbox. The attachment usually seems to be named “detail invoice” or “detail report<random numbers>”, and is in the Excel .xls format. (more…)

Writer(s) wanted

Saturday, May 26th, 2007

I’m seeking 1 or 2 person(s) to write entries here. I don’t need the typical BS entries that plague the blogs (“This week, I’ve been mostly eating thawed chickens”, anyone?). What I need is someone who loves to pick packers and malware apart and who is prepared and capable of putting the process into writing. There are no quotas to meet in writing: write what you want when you want, as long as it’s got something to do with malware / packers / reverse engineering, and as long as you don’t do anything illegal. So, if you have the morals and integrity as well as the capability, contact me with a short introduction of yourself: what you do and so on. And add a few links or snippets of what you’ve written. Mails should be sent to toni(_at_)teamfurry.com

Cheers!

No honor among thieves

Friday, May 11th, 2007

You might have heard of a malware called Nuclear Grabber before. It’s a nasty trojan, written by a Russian malware writer called Corpse, that’s designed to be a flexible data-stealing platform. Nuclear Grabber is sold on a Russian site for a hefty price, and each sold version is unique and private. (more…)

Sudden interest in NsPack?

Saturday, May 5th, 2007

For some reason I’m seeing quite a lot of hits from Korea within a 24-hour timeframe seeking NsPack unpacking instructions. If there’s anyone who has a theory I’d love to hear it :) You can send any info to toni(_at_)teamfurry.com

Who is reading your clipboard?

Wednesday, March 28th, 2007

Ever thought what kind of stuff you keep on your clipboard when you browse the network?

Maybe you keep your account numbers/usernames/passwords in separate files, and copy/paste them to webpages when you need to. But do you clear the clipboard after that?

(more…)

Microsoft Change Analyzer

Wednesday, March 28th, 2007

Excerpt:

The Change Analysis Diagnostic simplifies the identification of recent changes to computers running Windows XP. The diagnostic checks for recent changes to the following:

• Operating system components, such as patches, that are installed as hotfixes or downloads from Windows Update.
• Installed application entries listed in the Add or Remove Programs control panel.
• All kernel mode device and file system drivers.
• Browser helper objects loaded by Internet Explorer.
• ActiveX controls loaded by Internet Explorer.
• Programs loaded automatically during Windows XP startup.
• Programs and Dynamic Link Libraries (DLLs) loaded when an application starts.

For complete article see:
Microsoft downloads
http://support.microsoft.com/kb/924732

Blast from the past

Thursday, March 22nd, 2007

And no, I’m not talking about W32/Blaster either. I was digging through some scrap that my sensor caught when I found something that was detected as HwBot. It’s been detected since August 2005. (more…)

Bottrackers

Thursday, February 22nd, 2007

I have recently been creating a lightweight program to track botnet update commands. Currently it can connect to an IRC server, join a channel there and monitor the update commands. Every time it sees a certain update command it gives me a nice popup with the URL.

Originally, the program was 4096 bytes long, and I got interested in how small I could make it.

Currently the size is 2048 bytes, and if I have more time I’ll try to shave a few bytes off of it ;)

Quite small for an IRC bot, eh?

Update (24.2.2007, 00:10 GMT+2):

The size is now 1639 bytes :)

Who owns your homerouter?

Thursday, February 15th, 2007

A nice little paper describing how to ‘pwn’ home routers with default passwords through evil javascript :)

The paper is here, and the news article on it here.

Swedes to listen on the whole intarweb traffic?

Thursday, February 15th, 2007

The original article is in Swedish, sorry :) Basically, they are trying to push through a law that would allow the FRA (the local military intelligence) to listen in on all internet traffic crossing Swedish borders. Will be interesting to see how it falls through.
