SPL exploit kit – now with CVE-2013-0422


Once every few days I see some new stuff (new for me, of course) and Google cannot answer me with enough details 🙂

So URLquery named it SPL Exploit kit, and almost no additional info about it is available. Weird? Yep.

So @nsmfoo and I had a look at it, to see what we could learn.

Well, first of all, as I understand it, the name of this EK was given based on some tech specs that recur in each detected installation. Since then the tech details have changed slightly, but the major idea is the same.

OK, let's begin…


FakeAV: “System Progressive Protection” inside out.


Yesterday my client was attacked by some malware. And [censored] antivirus was unable to protect him.

[twitter link in WP not working, will check tomorrow]

So I had some free time to have a look at it.

Meet “System Progressive Protection”:


“Security Shield” Fake Antivirus


Since all the IT world is busy with the new release of BHEK, here is some non-BHEK stuff Ж)

The starting point was sent by a friend with the remark – “…maybe BHEK2”?

Let’s see 🙂


Meet “Live Security Platinum”


This story begins with one of my previous posts about anti-forensics tricks that malware distributors use:

“Malware delivery system – few recent tricks”

But, suddenly, I wasn’t ready at that time to handle something that smart. As a result – the server died before I was able to infect my computer successfully.

Lesson learned 🙂 Now I have made a few tools that speed up the process, and as I said – it’s easier to walk when you know the path.

So, after a week, I found the same malware system and tracked it down 🙂
