Kins origin malware with unique ATSEngine.

Uncovering a C&C server used by hackers to control infected victims. Malware analysis performed on victims’ machines reveals that malware from the KINS family is targeting specific Italian bank users with ATSEngine, with the capability to dynamically inject code into the victim’s browser and to manage the “drops” fully automatically. The attack campaign is ongoing right now, and we recovered hacked accounts. Besides that, we reveal the “drops” used to collect the stolen money from the customers.


One Shot Eight Banks

Another compromised hostname, “https://xxx.com”, is acting as a drop-zone for stolen data from eight different Italian banks. Analysis of this drop-zone reveals a custom web application focused on info stealing. They steal credit card details from the infected users using a phishing attack.

