Category: threat analysis

DD4BC DDoS Extortion Threat Activity

For the last year or so, an individual or organization calling itself DD4BC (‘DDoS for Bitcoin’) has been rapidly increasing both the frequency and scope of its DDoS extortion attempts, shifting target demographics from Bitcoin exchanges to online casinos and betting shops and, most recently, to prominent financial […]

Read more

Five Sinkholes of newGOZ

By Dennis Schwarz and Dave Loftus It has been a few weeks since news broke of the Zeus Gameover variant known as newGOZ. As has been reported, the major change in this version is the removal of the P2P command and control (C2) component in favor […]

Read more

Illuminating The Etumbot APT Backdoor

The Arbor Security Engineering Response Team (ASERT) has released a research paper concerning the Etumbot malware. Etumbot is a backdoor used in targeted attacks since at least March 2011. Indicators suggest that Etumbot is associated with the Numbered Panda group, also known as IXEHSE, DynCalc, […]

Read more

The Best Of Both Worlds – Soraya

By Matt Bing & Dave Loftus Arbor Networks’ ASERT has recently discovered a new malware family that combines several techniques to steal payment card information. Dubbed Soraya, meaning “rich,” this malware uses memory scraping techniques similar to those found in Dexter to target point-of-sale terminals. […]

Read more

5 Minutes with Threat Analysis

Packetloop’s Threat Analysis feature allows you to step through attacks play by play to accurately confirm indicators of compromise with real evidence. This screencast follows on from my last post “From Indicators of Compromise to Smoking Guns“. As you can see security analysts have the […]

Read more