Collaborate Disseminate
It goes without saying that evasive maneuvering is at the top of a hacker’s priority list. Most often, they try to evade detection by obfuscating their malicious code to make it unreadable to the naked eye.
In our recent post we demonstrated how… Continue reading Obfuscated WordPress Malware Dropper
Our security analyst Moe Obaid recently found yet another variation of a web skimmer script injected into a Magento database.
The malicious script loads the credit card stealing code from qr201346[.]pw and sends the stolen details to hxxps://gooogleta… Continue reading Web Skimmer with a Domain Name Generator
I decoded some of the original traffic from hex and got the below output. I’m not sure how to decode it further. Any help? Thanks.
T=2020-04-10+13:27:30.758+PST&L=i&M=[g2tray]&N=22&X=6/A3eZDCME9jCLvH9D6cciMZAFUWx2xUayI+JAb… Continue reading Can someone decode this for me?
The .OFX Open Financial Exchange File is a file format created for financial data exchanges between financial institutions.
I was wondering if in the IT security realm, such a file format exists.
My goal would be to use and customize it … Continue reading Industry secure file format like .OFX Open Financial Exchange File [closed]
I’ve been looking into ethical hacking recently and I’ve been really struggling to create a truly fully undetectable payload that evades AV (Windows Defender I’m fine at avoiding.) I’ve tried various options (listed below) and none so far … Continue reading Creating a fully undetectable Payload [closed]
This is my first malware analyis, so apologies for my probably noob-like question.
I’m having a look at a website running an outdated version of Wordpress which was hacked. The Website runs on a shared hosting.
I managed to identify the … Continue reading How to deobfuscate malicious PHP code [duplicate]
Suppose a totalitarian government (in the name of anti-terrorism / protection of intellectual property):
has outlawed encryption itself – encryption is only approved for cases where the state has reviewed the design and made sure it can … Continue reading Is there any existing obfuscation scheme that makes cipher text indistinguishable from plain text? [migrated]
I have a car loan and wanted to make a payment through their website. To enroll for online payments, it asks for the last 4 numbers of my social security number, birth date and account number, but when I type those fields, it’s in plain te… Continue reading Banking App With Sensitive Info In Plain Text
I published the following diary on isc.sans.edu: “Simple but Efficient VBScript Obfuscation“: Today, it’s easy to guess if a piece of code is malicious or not. Many security solutions automatically detonate it into a sandbox by security solutions. This remains quick and (most of the time still) efficient to have a first
[The post [SANS ISC] Simple but Efficient VBScript Obfuscation has been first published on /dev/random]
Continue reading [SANS ISC] Simple but Efficient VBScript Obfuscation
We recently discovered malware that spread through injecting malicious code into Windows executable files; in other words, a virus. It is the first “living” virus in recent years that we have spotted in the wild. We named it KBOT. Continue reading KBOT: sometimes they come back