Thank you for viewing our blog archive. These are the links to all posted articles (with Japanese dates; please bear with it).
Notes: The feed is dynamically generated using JavaScript, so please turn it on; the process may take a little time. Since the feed has a limit, you probably cannot see all of the posts. Only published records are included in the list.
Archive:
【2024年 6月】
19日|
MMD-0069-2024 - An old ELF Ransomware pivoted crypto (OpenSSL to PolarSSL) Linux/Encoder.1-2
19日|
MMD-0068-2024 - "FHAPPI Campaign" (APT10) FreeHosting APT PowerSploit Poison Ivy
【2021年 3月】
03日|
MMD-067-2021 - Recent talks on shellcode analysis series at R2CON-2020, ROOTCON-14 2020 from HACK.LU-2019
【2020年 2月】
24日|
MMD-0066-2020 - Linux/Mirai-Fbot - A re-emerged IoT threat
【2020年 1月】
15日|
MMD-0065-2020 - Linux/Mirai-Fbot's new encryption explained
【2019年 10月】
28日|
More about my 2019.HACK.LU Keynote talk
【2019年 9月】
28日|
MMD-0064-2019 - Linux/AirDropBot
21日|
MMD-0063-2019 - Summary of 3 years MMD research (Sept 2016-Sept 2019)
【2017年 3月】
08日|
MMD-0062-2017 - Credential harvesting by SSH Direct TCP Forward attack via IoT botnet
【2016年 12月】
03日|
MMD-0061-2016 - EnergyMech 2.8 overkill mod
【2016年 10月】
30日|
MMD-0060-2016 - Linux/UDPfker and ChinaZ threat today
29日|
MMD-0059-2016 - Linux/IRCTelnet (new Aidra) - A DDoS botnet aims IoT w/ IPv6 ready
14日|
MMD-0058-2016 - Linux/NyaDrop - a linux MIPS IoT bad news
【2016年 9月】
06日|
MMD-0057-2016 - Linux/LuaBot - IoT botnet as service
01日|
MMD-0056-2016 - Linux/Mirai, how an old ELF malcode is recycled..
【2016年 8月】
24日|
MMD-0055-2016 - Linux/PnScan ; ELF worm that still circles around
【2016年 6月】
07日|
MMD-0054-2016 - ATMOS botnet facts you should know
【2016年 5月】
09日|
[Slide|Video] Kelihos & Peter Severa; the "All Out" version
【2016年 4月】
16日|
MMD-0053-2016 - A bit about ELF/STD IRC Bot: x00's CBack aka xxx.pokemon(.)inc
【2016年 2月】
07日|
MMD-0052-2016 - Overview of "SkidDDoS" ELF++ IRC Botnet
03日|
MMD-0051-2016 - Debunking a tiny ELF remote backdoor (shellcode shellshock part 2)
【2016年 1月】
12日|
MMD-0050-2016 - Incident report: ELF Linux/Torte infection (in Wordpress)
09日|
MMD-0049-2016 - A case of java trojan (downloader/RCE) for remote minerd hack
05日|
MMD-0048-2016 - DDOS.TF = (new) ELF & Win32 DDoS service with ASP + PHP/MySQL MOF webshells
【2015年 12月】
24日|
MMD-0047-2015 - SSHV: SSH bruter ELF botnet malware w/hidden process kernel module
21日|
MMD-0046-2015 - Kelihos 10 nodes CNC on NJIIX, New Jersey USA, with a known russian crook who rented them
04日|
MMD-0045-2015 - KDefend: a new ELF threat with a disclaimer
【2015年 11月】
23日|
MMD-0044-2015 - Source code disclosure of bunch of SkiDDoS ELF malware
【2015年 9月】
18日|
MMD-0043-2015 - Polymorphic in ELF malware: Linux/Xor.DDOS
06日|
MMD-0042-2015 - Hunting Mr. Black IDs via Zegost cracking
03日|
MMD-0041-2015 - Reversing PE Mail-Grabber Spambot & its C99 WebShell Gate
【2015年 8月】
29日|
MMD-0040-2015 - Dissecting & learning about VBE Obfuscation & AutoIt Banco Trojan
22日|
MMD-0039-2015 - ChinaZ made new malware: ELF Linux/BillGates.Lite
11日|
MMD-0038-2015 - ChinaZ and ddos123.xyz
【2015年 7月】
16日|
MMD-0037-2015 - A bad Shellshock & Linux/XOR.DDoS CNC "under the hood"
05日|
MMD-0036-2015 - KINS (or ZeusVM) v2.0.0.0 toolkit (builder & panel source code) leaked.
01日|
MMD-0035-2015 - .IptabLex or .IptabLes on shellshock.. sponsored by ChinaZ actor
【2015年 6月】
26日|
MMD-0034-2015 - New ELF Linux/DES.Downloader on Elasticsearch CVE-2015-1427 exploit
24日|
MMD-0033-2015 - Linux/XorDDoS infection incident report (CNC: HOSTASA.ORG)
20日|
MMD-0032-2015 - The ELF ChinaZ "reloaded"
【2015年 4月】
07日|
MMD-0031-2015 - What is NetWire (multi platform) RAT?
【2015年 1月】
14日|
MMD-0030-2015 - New ELF malware on Shellshock: the ChinaZ
【2014年 11月】
08日|
China ELF botnet malware infection & distribution scheme unleashed
【2014年 10月】
07日|
MMD-0029-2014 - Warning of Mayhem shellshock attack
【2014年 9月】
29日|
MMD-0028-2014 - Linux/XOR.DDoS : Fuzzy reversing a new China ELF
26日|
MMD-0027-2014 - Linux/Bashdoor(GafGyt) & Small ELF Backdoor at shellshock
15日|
Tango down report of OP China ELF DDoS'er
13日|
MMD-0026-2014 - Linux/AES.DDoS: Router Malware Warning | Reversing an ARM arch ELF
【2014年 8月】
24日|
Another country-sponsored #malware: Vietnam APT Campaign
11日|
A protest! What's bad stays bad. Legalized any badness then you'll ruin the faith..
【2014年 6月】
16日|
MMD-0025-2014 - ITW Infection of ELF .IptabLex & .IptabLes China #DDoS bots malware
11日|
MMD-0024-2014 - Recent Incident Report of Linux/Mayhem (LD_PRELOAD) libworker.so "Mayhem" Linux malware botnet attack in Joomla! VPS
09日|
DDoS'er as Service - a camouflage of legit stresser/booter/etc
02日|
A journey to abused FTP sites (story of: Shells, Malware, Bots, DDoS & Spam) - Part 2
【2014年 5月】
31日|
A journey to abused FTP sites (story of: Shells, Malware, Bots, DDoS & Spam) - Part 1
28日|
Sample sharing for #MalwareMustDie ELF analysis
23日|
MMD-0023-2014 - Linux/pscan & Linux/sshscan: SSH bruter malware: A payback with attacker's email disclosure.
22日|
Video tutorial to extract, kill, debug & traffic capture ELF .so shared library malware that's using LD_PRELOAD
18日|
MMD-0022-2014 - Zendran, Multi-Arc ELF DDoS (lightaidra ircd base) - Part 1: background, installation, reversing & CnC access
13日|
MMD-0021-2014 - Linux/Elknot: China's ELF DDoS+backdoor
08日|
MMD-0020-2014 - Analysis of Linux/Mayhem infection: A shared DYN libs malicious ELF: libworker.so
【2014年 4月】
09日|
MMD-0019-2014 - When a hacker got hacked - xakep.biz evil tools
03日|
MMD-0018-2014 - Analysis note: "Upatre" is back to SSL?
【2014年 3月】
23日|
MMD-0017-2014 - A post to sting Zeus P2P/Gameover crooks :))
【2014年 2月】
25日|
Tango Down: The takedown of 209,306 .IN.NET Nuclear Pack DGA domains
24日|
Case Study: How legitimate internet services like Amazon AWS, DropBox, Google Project/Code & ShortURL got abused to infect malware
【2012年 10月】
29日|
The crusaders' note : Suspected JS/RunForrestRun aka PseudoRandom's NEW bad actor scheme is on going..
29日|
The crusaders' note: Found the CNC of TrojDownloader/Backdoor/Spy in GoDaddy
29日|
The crusaders' note : New BHEK2 actor spreads Zbot P2P sets
22日|
(Updated) A tale of mass infection of BHEK2 "border.htm" during ddos storm - Changes in JAR detected - Payload : Cridex - Malware Crusaders Logs
19日|
Decoding Multilayer JavaScript Packed Deobfuscation Code - Daily Log of Malware Crusaders..
15日|
Evil App: Russian FruitNinja - #Android Backdoor Analysis
07日|
[Updated] Fuzzy in Manual Cracking New PseudoRandom (JS/runforestrun?xxx=) Infector
01日|
How EVIL the PHP/C99Shell can be? From SQL Dumper, Hacktools, to Trojan Distributor Future?
【2012年 9月】
30日|
Chinese Malvertisement of OnlineGame Trojan/InfoStealer by Exploiting CVE-2012-1889 (MS-XML bugs MS12-043)
22日|
Following a lead of "Suspected" Blackhole2 - New changes in plugin detect PDF's infection method, PDF/JavaScript codes
20日|
"Geek" Way in Reversing #CVE-2010-1885 Infection via PluginDetect Script/Blackhole EK (85.17.165.22)
18日|
Monitoring a BlackHole Exploit Kit Services & Infectors (Target: 203.91.113.6)
16日|
A peek into "qaqipwel.ru" a Malicious Domain Redirector with Pseudo/Dynamic IP - Infector to RedKit Exploit Kit
16日|
Slight changes detected in shellcode & dropper works of Blackhole Exploit Kit (landing page: 203.91.113.6 / mothership: 146.185.220.34)
13日|
Once upon a time with 62.152.104.149's undetected CVE-2012-4681 HTML infector (+full set of JAR payload infection)
09日|
A discovery of an undetectable ZeuS/Spyware Trojan by following a lead of Blackhole Infection via Spam
06日|
When #malware infector goes to Cloud: Trojan Banker in Free Cloud Storage - MediaFire
06日|
Racing with time to get the latest payload of Blackhole Exploit Kit
04日|
Cracking of Strong Encrypted PHP / IRC Bot (PBOT) with TCP / UDP (DoS) Flooder + Backdoor (bt.php)
02日|
Important - Blackhole Exploit Kit starts dropping undetectable payloads via OS detect plugin script-dropper
01日|
Malware Hunting Log - JS/PseudoRandom infected cufon.js in Wordpress
01日|
Hunting Log - PHP/RemoteAdmin
01日|
Malware Hunting - Write Reports as Hunting PoC
01日|
Suspicious Movement in ASN40034 (infector to tr2.4voip.biz & fwdservice.com)
01日|
Understanding Recent Blackhole Exploit Kit's "js.js" Infector Trend for Smart Hunting
01日|
Pseudo Randoms Infector URL - An idea to grep it (a logical bug to be used)
01日|
What can Exploit Kit do & drop? Full story of spam to malwares
【2012年 8月】
31日|
Payloads URI die hard - Blackhole Exploit Kit
31日|
(Updated) Beware of the BABYLON, Adware that spreads like Exploit Kit
30日|
Undetected Orange Exploit Kit Infector
30日|
What Orange Exploit Kit Dropped
30日|
Fake Flash Updater presented by #blackhole
30日|
New Blackhole HTML Infector found
30日|
Interesting Idea: (Pastebin) How to stop Blackhole Exploit Kit by using its vulnerability
29日|
#MalwareMustDie - Day1 Opening Day Report
28日|
The raise of "MalwareMustDie!" (TL;DR)