Author Archives: Dancho Danchev

Dear blog readers,I’ve decided to share with everyone a currently active portfolio of E-Shops selling access to stolen credit cards including the necessary technical information to assist everyone in their cyber attack and cyber campaign attribution ef… Continue reading Exposing a Compilation of Stolen Credit Cards Selling Domains – An Analysis→

NOTE:I took these screenshots in 2009.It used to be a moment in time when scareware and pay per install affiliate-based revenue sharing fraudulent and malicious networks used to dominate the threat landscape as the primary monetization vector courtesy … Continue reading Exposing a Portfolio of YaBucks Pay Per Install Affiliate Network Scareware Serving Domains – An Analysis→

NOTE:I wrote this article in 2006.You’ve definitely witnessed the ongoing speculations on whether or not mobile malware represents the type of threat some vendors got accused of hyping. Malware authors have this unique position to follow the trend, und… Continue reading Mobile Malware – Hype or Threat? – An Analysis→

Dear blog readers,It’s a public secret that the majority of today’s modern Web sites rely on the use of CAPTCHA for proper user vs bot or automated software detection which in reality is a flawed and an outdated approach to protect a Web site and its v… Continue reading CAPTCHA is Dead! – Here’s the Proof→

Dear blog readers,I’ve decided to share a compilation of botnets-in-the-wild screenshots coming straight from the source namely various cybercrime-friendly forums internationally with the idea to raise everyone’s situational awareness on the current st… Continue reading Exposing a Compilation of Botnets-in-the-Wild Screenshots – An Analysis→

NOTE:I took these screenshots circa 2009.UPDATE:Here are some of the related botnet C&C server domains known to have been involved in the campaign:hxxp://cxim.inattack.ru/www3/www/hxxp://i.clusteron.ru/bstatus.phphxxp://203.117.111.52/www7/www/getc… Continue reading Who DDoS-ed Georgia/Bobbear.co.uk and a Multitude of Russian Homosexual Sites in 2009? – An OSINT Analysis→

I’ve recently came across this IC3 notification on Emennet Pasargad also known as Emennet Pasargad or Net Peygard Samavat and I’ve decided to further enrich the actual technical information provided with the idea to assist everyone in th… Continue reading Exposing "Emennet Pasargad/Eeleyanet Gostar/Net Peygard Samavat" Iran-Based Company on FBI’s Most Wanted Cybercriminals List – An OSINT Analysis→

Dear blog readers,I’ve decided to let everyone know that my new RSS feed is also available in XML and JSON.Enjoy! Continue reading My New RSS Feed – Part Two→

NOTE:I wrote this blog post in 2007.What’s so bad in being a mogul?Moguls are boringMoguls are predictableMoguls are biasedMoguls often use their company’s over-valued financial performance — excluding the initial investment — as a speaking platformI… Continue reading Spotting Moguls – An Analysis→

NOTE:I wrote this blog post in 2007. Articles starting that malware increased 450% during the last quarter – of course it’s supposed to increase given the automated polymorphism they’ve achieved thereby having anti virus vendors spend more money o… Continue reading Ten Signs It’s a Slow News Week – An Analysis→