Clik here to view.
Yet another Andromeda / Gamarue analysis
Some days ago I read the post about Joe Security's error when they analyzed an Andromeda sample and I also found new samples of this Trojan. Then I decided that I should write something about it. At...
View ArticleClik here to view.
Spammed CVE-2013-2729 PDF exploit dropping ZeuS-P2P/Gameover
I am used to receive SPAM emails containing zips and exes, even "PDF files" with double extension (.pdf.exe), but some days ago I received an email with a PDF file attached, without any .exe extension...
View ArticleTravelling to the far side of Andromeda at Botconf 2015
It has been a while since I wrote the last time here and since I presented at Botconf, but I wanted to share my slides here too. A couple of weks after the sad terrorist attacks in Paris, Botconf was...
View ArticleClik here to view.
Dridex spam campaign using PDF as infection vector
p { margin-bottom: 0.21cm; }a:link { }During this month a Dridex spam campaign using PDF documents as infection vector was spotted. I also received a couple of e-mails in my personal inbox attaching...
View ArticleClik here to view.
Yet another Andromeda / Gamarue analysis
Some days ago I read the post about Joe Security's error when they analyzed an Andromeda sample and I also found new samples of this Trojan. Then I decided that I should write something about it. At...
View ArticleClik here to view.
Spammed CVE-2013-2729 PDF exploit dropping ZeuS-P2P/Gameover
I am used to receive SPAM emails containing zips and exes, even "PDF files" with double extension (.pdf.exe), but some days ago I received an email with a PDF file attached, without any .exe extension...
View ArticleTravelling to the far side of Andromeda at Botconf 2015
It has been a while since I wrote the last time here and since I presented at Botconf, but I wanted to share my slides here too. A couple of weks after the sad terrorist attacks in Paris, Botconf was...
View ArticleClik here to view.
Dridex spam campaign using PDF as infection vector
p { margin-bottom: 0.21cm; }a:link { }During this month a Dridex spam campaign using PDF documents as infection vector was spotted. I also received a couple of e-mails in my personal inbox attaching...
View Article
