Author Archives: Dancho Danchev

As I’ve recently came across several mainstream news articles on the use of Google AdSense to serve malware I’ve decided to share several screenshots circa 2008 which basically demonstrate the process.Sample screenshots include:Stay tuned! Continue reading A Peek Inside a Google AdSense Rogue and Bogus Advertisement Campaign Impersonating Legitimate Software – An Analysis→

An image is worth a thousand words.Sample screenshots include:Stay tuned! Continue reading A Peek Inside a Gallery of Fake Security Software Circa 2008 Screenshots – An Analysis→

Takes you back doesn’t it? What used to be a daily reality back in 2008 namely the use of iFrame injected scripts on major Web properties basically forwarding the redirecting legitimate traffic to client-side exploits serving web malware exploitation k… Continue reading A Peek Inside the Internet Explorer Zero Day Exploits Serving Campaign Affecting Thousands of Legitimate Sites Circa 2008 – An Analysis→

As I’ve recently came across several mainstream news articles on the use of Google AdSense to serve malware I’ve decided… Continue reading A Peek Inside a Google AdSense Rogue and Bogus Advertisement Campaign Impersonating Legitimate Software – An Analysis→

Who would have thought? A mass SQL injection scanning and remotely exploitable including fuzzing capabilities built-in IRC-based botnet? I’ve decided to share with everyone some sample screenshots on the process with the idea to raise everyone’s awaren… Continue reading A Peek Inside a Mass SQL Injection Scanning and Exploiting IRC Botnet – An Analysis→

Dear blog readers,I’ve decided to share with everyone several sample screenshots of the infamous Spack web malware exploitation kit with the idea to raise everyone’s awareness on the ease of use and easy to implement mass client-side exploitation tools… Continue reading A Peek Inside the Spack Web Malware Exploitation Kit – An Analysis→

Who would have thought? An IRC based botnet that’s directly syndicating remotely exploitable flaws and actually scanning for them using an IRC based bothet? Takes you back doesn’t it? This has been a daily practice since practically 2008 and I’ve decid… Continue reading A Peek Inside a Milw0rm Syndicating Remote Execution Flaws Exploitable IRC Scanning Botnet – An Analysis→

With basic iFrame injecting scripts making their rounds back in 2008 including their use and participation in actual crowd-sourced DDoS attack campaigns internationally I’ve decided to share with everyone a sample screenshot of a sample iFrame DDoS scr… Continue reading A Peek Inside a DIY iFrame Embedded DDoS Attack Script Targeting Iran-Based Web Sites – An Analysis→

Dear blog readers,I’ve decided to share with everyone yet another post part of the “an image is worth a thousand words” blog posts series. Takes you back doesn’t it? In this post I’ve decided to share with everyone a never released and published before… Continue reading A Peek Inside A Web Malware Exploitation Kit – An Analysis→

Dear blog readers,In need of a decent example of a sophisticated spam tool that’s truly capable to bypass any web site’s anti-spam defense including basically any known CAPTCHA including to also automate the process to the point where the actual bad gu… Continue reading A Peek Inside the Xedant Human Emulator Spam Tool – An Analysis→