2012, DNS, Hacking and Malware - Cyber Security Informer

2012

DNS

Hacking

Malware

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

The Mylobot malware includes more than 1,000 hard-coded and encrypted domain names, any one of which can be registered and used as control networks for the infected hosts. BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. The website BHProxies[.]com com on Mar.

Accountability

Accountability Advertising Marketing Malware

Previously undocumented Aoqin Dragon APT targets entities in Southeast Asia and Australia

Security Affairs

JUNE 9, 2022

Other techniques employed by the APT group include DLL hijacking, Themida-packed files, and DNS tunneling to evade post-compromise detection. Luring users into double-clicking a fake Anti-Virus to execute malware in the victim’s host. The malware sets the auto start function with the value “EverNoteTrayUService”.

Malware

Malware DNS Encryption Education

Join 29,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Trending Sources

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

As detailed in my 2014 book, Spam Nation , Spamdot was home to crooks controlling some of the world’s nastiest botnets, global malware contagions that went by exotic names like Rustock , Cutwail , Mega-D , Festi , Waledac , and Grum. I can not provide DNS for u, only domains.

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

PurpleFox botnet variant uses WebSockets for more secure C2 communication

Security Affairs

OCTOBER 20, 2021

” The MSI package first removes registry keys associated with the old Purple Fox installations if any are present, then it replaces the components of the malware with new ones. SecurityAffairs – hacking, PurpleFox botnet). “The goal is to install the MSI package as an admin without any user interaction.”

Encryption

Encryption DNS Architecture Firewall

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

re network uses at least two free VPN services to lure its users to install a malware-like software that achieves persistence on the user’s computer,” the researchers wrote. “Using the internal router, it would be possible to poison the DNS cache of the LAN router of the infected node, enabling further attacks.”

VPN

VPN Computers and Electronics Antivirus Software

Analyzing the APT34’s Jason project

Security Affairs

JUNE 6, 2019

Security expert Marco Ramilli has analyzed the recently leaked APT34 hacking tool tracked as Jason – Exchange Mail BF. which according to Microsoft documentation dates back to 2012. I am a computer security scientist with an intensive hacking background. WebService.dll assemply version.

Computers and Electronics

Computers and Electronics Penetration Testing DNS Passwords

Necurs Botnet adopts a new strategy to evade detection

Security Affairs

MARCH 4, 2019

Necurs botnet is currently the second largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan. SecurityAffairs – Necurs botnet, hacking). ” concludes the post.

DNS

DNS Banking Advertising Ransomware

DDoS attacks in Q2 2021

SecureList

JULY 28, 2021

The malware creators promoted their brainchild on a specially set-up YouTube channel and Discord server, where they discussed DDoS attacks. This malware is of interest for its use of infected devices as honeypots. It is linked to a vulnerability in DNS resolvers that allows amplification attacks on authoritative DNS servers.

DDOS

DDOS DNS IoT Marketing

Cyber mercenaries group DeathStalker uses a new backdoor

Security Affairs

DECEMBER 5, 2020

DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. The backdoor uses multiple tricks to evade detection and leverages DNS over HTTPS (DoH) to communicate with its C2 server, using Cloudflare responders.

DNS

DNS Phishing Antivirus Encryption

Threat Trends: Firewall

Cisco Security

OCTOBER 19, 2021

There are other protection mechanisms, such as Malware Defense , that can block further threats. Much of this traffic is comprised of suspicious DNS queries, which point to known or likely Command and Control sites. DNS BIND information disclosure attempts were also commonly encountered. CVE-2012-0391. CVE-2012-2998.

Firewall

Firewall Authentication DNS Accountability

Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol

Security Affairs

OCTOBER 26, 2018

Security expert Antonio Pirozzi, director at ZLab malware lab at Cybaze firm, presented at the EU Cyber Threat Conference in Dublin conducted a research along with Pierluigi Paganini (aka @securityaffairs ), about how crooks could abuse blockchain for malicious purposes. Added Paganini. Explained Pirozzi.

DNS

DNS Malware Advertising Technology

Iranian Threat Actors: Preliminary Analysis

Security Affairs

JANUARY 15, 2020

Bonupdater, Helminth, Quadangent and PowRuner are some of the most sophisticated Malware attributed to OilRig and analyzed over the past few years. APT33 showed destruction intents by using Malware such as shamoon and stoneDrill , while Muddy mostly wants to “ backdooring ” the victims. CopyKittens.

Computers and Electronics

Computers and Electronics Penetration Testing Malware Government

NSO mobile Pegasus Spyware used in operations in 45 countries

Security Affairs

SEPTEMBER 18, 2018

Pegasus is a surveillance malware developed by the Israeli surveillance NSO Group that could infect both iPhones and Android devices, it is sold exclusively to the governments and law enforcement agencies. Earlier August, Citizen Lab shared evidence of attacks against 175 targets worldwide carried on with the NSO spyware. COUNTRY NEXUS.

Spyware

Spyware Mobile Surveillance DNS

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

1834 — French Telegraph System — A pair of thieves hack the French Telegraph System and steal financial market information, effectively conducting the world’s first cyberattack. 1870 — Switchboard Hack — A teenager hired as a switchboard operator is able to disconnect and redirect calls and use the line for personal usage. .

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

Who’s Behind the Botnet-Based Service BHProxies?

Previously undocumented Aoqin Dragon APT targets entities in Southeast Asia and Australia

Webinars

Trending Sources

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Webinars

PurpleFox botnet variant uses WebSockets for more secure C2 communication

A Deep Dive Into the Residential Proxy Service ‘911’

Analyzing the APT34’s Jason project

Necurs Botnet adopts a new strategy to evade detection

DDoS attacks in Q2 2021

Cyber mercenaries group DeathStalker uses a new backdoor

Threat Trends: Firewall

Experts presented BOTCHAIN, the first fully functional Botnet built upon the Bitcoin Protocol

Iranian Threat Actors: Preliminary Analysis

NSO mobile Pegasus Spyware used in operations in 45 countries

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Stay Connected