Malware spread over Facebook - TrojanDownloader:Java/Carastavona.E

Earlier today, I stumbled upon a blogpost by Bitdefender which describes a malware sample that spreads across Facebook users:

http://www.hotforsecurity.com/blog/its-not-funny-facebook-users-tricked-into-bitcoin-mining-9263.html

I thought to give it a shot, since I have realized in my last article that reversing Java malware is quite funny, probably because it is easier and not that exhausting as looking over hundreds/thousands of lines of disassembled code. Unfortunately, the article doesn't give any hashes, just the file name of the malware sample which is named IMAG00953.zip.

Share:

Read more

Blitzanalysis: Embassy of Greece Beijing - Compromise

It's friday afternoon, I had a bit of free time and stumbled across this tweet by PhysicalDrive0 (thx!) two hours ago and thought to give it a try to finally add a new article to this Blog (first of 2014):

https://twitter.com/PhysicalDrive0/status/479921770838102017

So, I went to Google to search for the domain of the Embassy of Greece Beijing and added the (allegedly) malicious java file package that was found by PhysicalDrive0:

Share:

Read more