Author: Dennis Schwarz

Dennis Schwarz is a Research Analyst on Arbor's ASERT Team. His duties include analyzing emerging threats to Internet security, reverse engineering malicious code and communications protocols, developing policies for attack mitigation, and contributing to the continual improvement and automation of Arbor's internal threat analysis software infrastructure. Prior to Arbor, Dennis was an Intrusion Analyst with Dell SecureWorks where he analyzed and escalated network intrusions and malware infections for a large set of clients of all shapes and sizes. He holds a B.S. in Computer Science from Eastern Michigan University. Follow Dennis Schwarz on Twitter @tildedennis

Five Sinkholes of newGOZ

By Dennis Schwarz and Dave Loftus

It has been a few weeks since news broke of the Zeus Gameover variant known as newGOZ. As has been reported, the major change in this version is the removal of the P2P command and control (C2) component in favor […]


Trojan.Eclipse — A Bad Moon Rising?

ASERT’s malware collection and processing system has automatic heuristics that bubble up potentially new and interesting DDoS malware samples into a “for human analysis” queue. A recent member of this queue was Trojan.Eclipse and this post is my analysis of the malware and its associated […]


A Business of Ferrets

Trojan.Ferret appeared on my radar thanks to a tweet by @malpush. The tweet revealed a URL that at the time of this writing was pointing to a command and control (C&C) panel that looked like this: The logo alone convinced me to study this business […]


Trojan.Prinimalka: Bits and Pieces

Trojan.Prinimalka is a banking trojan associated with an attack campaign that received quite a bit of press in October 2012. “Project Blitzkrieg” is “a new cybecriminal [sic] project aimed at recruiting 100 botmasters to help launch a series of lucrative online heists targeting 30 U.S. […]
