Posts

Showing posts with the label malware analysis

Botnet analysis based on IRC network

With one of my many honeypots active around the World Wide Web, I discovered an interesting script written in the famous Perl programming language. This Perl script is malware used to remotely control a machine, opening what is technically called a backdoor. If this malicious program runs on multiple machines, there is a possibility that the attacker may have created a botnet. First, a botnet is a network controlled by a botmaster and composed of devices infected with specialized malware, called bots or zombies (“Computer zombie”). Devices connected to the Internet that have vulnerabilities in their infrastructure can sometimes become part of the botnet, even if they do not have the malware installed. Through the backdoor, the botmaster can control the system via remote access. Infected computers can thus launch attacks, known as Distributed Denial of Service, against other systems or perform other illicit operations. How it works is relativ...

A Practical Analysis of the Ledger Phishing Email

Attempts at phishing and social engineering attacks have increased exponentially as of late, especially towards users who are active in the cryptocurrency space. Recently, there has been much discussion about a cunning attempt by phishers against Ledger and its users. In this article, we’ll dissect: how Ledger devices secure your Bitcoin and other cryptocurrencies; what makes it, and other hardware wallets, vulnerable to phishing attacks; exactly how this phishing attack was executed, from spoofing the email to obtaining the assets; the mechanisms attackers used to entice victims to install a fake client update; how the client worked, from high-level concept to the internals of the Electron app; and what made it all possible: where the attackers obtained the data, and the lackluster disclosure. A note of caution: never share the seed or private keys of your wallet! Starting from the beginning: Before proceeding into a deeper analysis of the situation, it is appropriate t...