Spamvertized Github Powershell Malicious Software Executing Campaign Spotted in the Wild

Dear blog readers, I’ve recently intercepted a currently circulating spamvertised campaign enticing users into interacting with a Powershell script ultimately tricking them into downloading and executing malicious software on their hosts. Upon execution …

Posted in Uncategorized

An OSINT Profile of U.S Secret Service’s Most Wanted Cybercriminal Danil Potekhin

In this analysis we’ll take a look at the Internet connected infrastructure of U.S Secret Service’s most wanted cybercriminal with a $10M reward Danil Potekhin using a variety of tools in terms of connecting the dots using current real time and histori…


Dynamic DNS Service Providers for APT Command and Control (C&C) – An Analysis

Dear blog readers, The following is a compilation of dynamic DNS providers, specifically ones used by APTs and various other targeted campaigns, obtained using public sources. Sample dynamic DNS service provider domains known to have been involved in variou…


The Intellexa Commercial Spyware Consortium, The Predator Spyware, NSO Group and Bulgaria’s Circles Commercial Spyware Vendor

Dear blog readers, I’ve decided to continue my post on Bulgaria’s Circles commercial spyware vendor which I profiled here in depth which appears to be heavily affiliated with the Intellexa Commercial Spyware Consortium, the Predator Spyware and NSO Grou…
