Decoding Zeus 2.9.6.1 dynamic config

I got a look on the zeus builder who was released by the MMBB guy on exploit.in, finally i'm decided to write something about it, so let's talk about the change in the config encryption.MD5: 0a05783316e7f765e731aadf5098564fThis version use AES instead of RC4 and can interact with the latest version of…

Decoding Zeus 2.9.6.1 dynamic config

I got a look on the zeus builder who was released by the MMBB guy on exploit.in, finally i'm decided to write something about it, so let's talk about the change in the config encryption.MD5: 0a05783316e7f765e731aadf5098564fThis version use AES instead of RC4 and can interact with the latest version of…

Decoding Zeus 2.9.6.1 dynamic config

I got a look on the zeus builder who was released by the MMBB guy on exploit.in, finally i'm decided to write something about it, so let's talk about the change in the config encryption.MD5: 0a05783316e7f765e731aadf5098564fThis version use AES instead of RC4 and can interact with the latest version of…

Decoding Zeus 2.9.6.1 dynamic config

I got a look on the zeus builder who was released by the MMBB guy on exploit.in, finally i'm decided to write something about it, so let's talk about the change in the config encryption.MD5: 0a05783316e7f765e731aadf5098564fThis version use AES instead of RC4 and can interact with the latest version of…

Troj/WowSpy-A

Recently a malware who target World of Warcraft got identified.This threat is known as Disker, Mal/DllHook-A or Trojan.Siggen5.64266 and can steal player accounts even if they use a Battle.net Authenticator.Yes, this is another post about password stealer mawlare...  There is no option to retain password on the WoW client.The method…

Troj/WowSpy-A

Recently a malware who target World of Warcraft got identified.This threat is known as Disker, Mal/DllHook-A or Trojan.Siggen5.64266 and can steal player accounts even if they use a Battle.net Authenticator.Yes, this is another post about password stealer mawlare...  There is no option to retain password on the WoW client.The method…

Troj/WowSpy-A

Recently a malware who target World of Warcraft got identified.This threat is known as Disker, Mal/DllHook-A or Trojan.Siggen5.64266 and can steal player accounts even if they use a Battle.net Authenticator.Yes, this is another post about password stealer mawlare...  There is no option to retain password on the WoW client.The method…

Troj/WowSpy-A

Recently a malware who target World of Warcraft got identified.This threat is known as Disker, Mal/DllHook-A or Trojan.Siggen5.64266 and can steal player accounts even if they use a Battle.net Authenticator.Yes, this is another post about password stealer mawlare...  There is no option to retain password on the WoW client.The method…

Jolly Roger Stealer

Friend Kafeine have already do a post on it, although someone recently sent me a url on my cybercrime tracker.. i give a f%$k• dns: 1 ›› ip: 178.162.193.24 - adresse: LOADER.ISTMEIN.DEBot statistic:CPU "Arhitecture"Task:Search module:HTTP:Mail:Create task:Task statistic:I haven't looked at a sample because i don't have it but sound very…

Jolly Roger Stealer

Friend Kafeine have already do a post on it, although someone recently sent me a url on my cybercrime tracker.. i give a f%$k• dns: 1 ›› ip: 178.162.193.24 - adresse: LOADER.ISTMEIN.DEBot statistic:CPU "Arhitecture"Task:Search module:HTTP:Mail:Create task:Task statistic:I haven't looked at a sample because i don't have it but sound very…

Jolly Roger Stealer

Friend Kafeine have already do a post on it, although someone recently sent me a url on my cybercrime tracker.. i give a f%$k• dns: 1 ›› ip: 178.162.193.24 - adresse: LOADER.ISTMEIN.DEBot statistic:CPU "Arhitecture"Task:Search module:HTTP:Mail:Create task:Task statistic:I haven't looked at a sample because i don't have it but sound very…