fudPE is not your ordinary malware packer. Unlike the malware we normally analyze on this blog, fudPE did not originate from the private criminal youtube-exploit-kit-distributing malwarehole dubbed “HackForums”. fudPE only appeared on HF after having established a presence on other underground forums such as exploit.in. Today we will analyze a payload crypted by fudPE, which […]

Today we will take a look at Anon Hacks, a new threat that only arrived in early 2017. The threat can be found at hxxps://www.youtube.com/channel/UCTgfS2E9Pll8HZjIEmvEyPw. We will look at one of the APTs distributed by this threat actor today, Anon Booter.exe.

Sample information:

MD5: 6e202a803b6f139206d1afbc70962f5e
SHA1: 2a7fb32ad232e37c4eb267971193d5616c304bd8
File Type: x86 .NET Assembly
Virustotal: https://www.virustotal.com/en/file/f7ad57f7b4339be5d153be997a77d98c8217c47aa9112ad0892104764f462b77/analysis/1499839535/

After a scan with […]

Despite the previous takedown of BotSquad’s leaders’ communication network (which is based on the P2P encrypted network known as “Discord” and “YouTube”), BotSquad has once more made a comeback. This time, they are still using the same communication protocols; however, they have added new cybersoldiers to their arsenals, namely “CORRUPT”, a malware developer based in […]

CrypterPig is a new rising crypting service on the deepweb cyberweapon forums dubbed “HackForums”. Costing a tremendous amount of $4/crypt, this crypter poses a huge threat by allowing APTs such as Darkcomet and Babylon to bypass AV solutions. But is there more behind the service? Today, the KrabsOnSecurity Investigation Team (K.I.T) will explore the story […]

‘Tis I, Mr. Krabs, who has returned once more in all his glory. The site was sadly inactive during the last month due to real-life constraints and other reasons, but has now returned, fresh and beautiful. Old contents shall be available here, and fresh contents will be published constantly regarding rising threat actors from […]