Category Archives: 2015

BoxBotNet

This talk is about «Hosted Box Botnets». A hosted box botnet is a botnet of compromised web servers, usually built by exploiting vulnerabilities in CMSs on low-cost hosted servers. I have followed an Indonesian group which operates this kind of botnet and resells access to these pwned servers. The amazing thing

Sality

Sality is one of the longest-lived threats and probably the most underrated botnet ever. It made its first appearance in 2003 and is still active in 2015. There are more than 2 million active infections (per 24 hours) and it has advanced features like a peer-to-peer botnet, a rootkit

Powered by JavaScript

The current capabilities of JavaScript turn the browser into the perfect host for a botnet agent. It can be compromised through different vectors, offers a wide range of functionalities, provides persistence and storage, communicates freely with many C&C channels, and behaves like a perfect pivoting point for further propagation into the

Butterfly Attackers

A corporate espionage group has compromised a string of major corporations over the past three years in order to steal confidential information and intellectual property. The gang, which Symantec calls Butterfly, is not state-sponsored, but rather financially motivated. It has attacked multi-billion dollar companies operating in the internet, IT software, pharmaceutical,
