Author Archives: Dancho Danchev

Who would have thought? An IRC based botnet that’s directly syndicating remotely exploitable flaws and actually scanning for them using an IRC based bothet? Takes you back doesn’t it? This has been a daily practice since practically 2008 and I’ve decid… Continue reading A Peek Inside a Milw0rm Syndicating Remote Execution Flaws Exploitable IRC Scanning Botnet – An Analysis→

Who would have thought? A mass SQL injection scanning and remotely exploitable including fuzzing capabilities built-in IRC-based botnet? I’ve decided to share with everyone some sample screenshots on the process with the idea to raise everyone’s awaren… Continue reading A Peek Inside a Mass SQL Injection Scanning and Exploiting IRC Botnet – An Analysis→

With basic iFrame injecting scripts making their rounds back in 2008 including their use and participation in actual crowd-sourced DDoS attack campaigns internationally I’ve decided to share with everyone a sample screenshot of a sample iFrame DDoS scr… Continue reading A Peek Inside a DIY iFrame Embedded DDoS Attack Script Targeting Iran-Based Web Sites – An Analysis→

Dear blog readers,I’ve decided to share with everyone several sample screenshots of the infamous Spack web malware exploitation kit with the idea to raise everyone’s awareness on the ease of use and easy to implement mass client-side exploitation tools… Continue reading A Peek Inside the Spack Web Malware Exploitation Kit – An Analysis→

Dear blog readers,I’ve decided to share with everyone yet another post part of the “an image is worth a thousand words” blog posts series. Takes you back doesn’t it? In this post I’ve decided to share with everyone a never released and published before… Continue reading A Peek Inside A Web Malware Exploitation Kit – An Analysis→

Dear blog readers,In need of a decent example of a sophisticated spam tool that’s truly capable to bypass any web site’s anti-spam defense including basically any known CAPTCHA including to also automate the process to the point where the actual bad gu… Continue reading A Peek Inside the Xedant Human Emulator Spam Tool – An Analysis→

Who would have thought? It’s an unknown period of time within the cybercrime ecosystem and I’ve decided to share exclusive screenshots of the infamous Xrumer spam tool which basically used to and continues to dominate the spam marketplace by possessing… Continue reading A Peek Inside the Xrumer Spam Tool – An Analysis→

Who would have thought? Takes you back doesn’t it? As I’ve been going deep inside my old threat intelligence archive circa 2008 I’ve decided to share with everyone several never published or released before screenshots of the Zalupko accounting data st… Continue reading A Peek Inside the Zalupko Accounting Data Stealing Malicious Software Botnet – An Analysis→

I’ve decided to share with everyone some actionable intelligence on one of the Russian Business Network’s primary franchise networks in Turkey namely AbdAllah Internet Hizmetleri which back in the day used to be responsible for some pretty decent … Continue reading Exposing Russian Business Network’s Mykhaylo Sergiyovich Rytikov’s AbdAllah Internet Hizmetleri Bulletproof Hosting Provider on U.S Secret Service’s Most Wanted Cybercriminals List→

I’ve just came across to a currently circulating Cobalt Strike serving malicious software campaign and I’ve decided to share the details with everyone reading this blog.Original malware hosting location: hxxp://bsctech[.]ac[.]th/css/43[.]exeMD5: d… Continue reading Exposing a Currently Active and Spreading Cobalt Strike Serving Malicious Software Campaign→