Month: March 2012

Time to validate

The Mecca for security types is the Black Hat conferences. As security consultants, we always dream of attending, and can only aspire to one day be invited to present a paper at such a renowned event. As the concepts and techniques of Packetloop were evolving, […]

Read more

Not just a one-trick PonyDOS

Reversing the crypto used by the PonyDOS attack bot This blog post is the third installment in our ongoing series of articles exploring the crypto systems commonly found in various DDoS malware families.  In previous articles we covered the reversing of the Armageddon and Khan […]

Read more

Reversing the Wrath of Khan

Analysis of the crypto used by the Trojan.Khan DDoS bot  A recent blog post described our analysis of the crypto algorithm used by the Armageddon DDoS malware.  This article continues our ongoing series on reversing the crypto mechanisms used by contemporary DDoS botnets; our guest […]

Read more

It’s 2012 and Armageddon has arrived

Breaking Armageddon’s latest and greatest crypto reveals some interesting new functionality Armageddon is one of several notable Russian malware families that are designed exclusively for DDoS attacks; it has been on our radar screens for some time now. Its primary competitors within the market of […]

Read more