Category: Malware
-
Detect STRRAT Malware With Zeek And Suricata
Join me in learning how to detect the STRRAT malware family with Zeek and Suricata. Corelight Blog: https://corelight.com/blog/newsroom/news/strrat-malware Source Code: https://github.com/corelight/zeek-strrat-detector 00:00:10:18 – 00:00:37:17 Dr. Keith Jones: Hey, welcome. We’re going to talk about…
-
Detect Gozi Banking Malware With Zeek!
Join the Old Grizzled FBI Agent to hear how to detect the Gozi Banking Malware Family with Zeek! Corelight Blog: https://corelight.com/blog/gozi-banking-malware Transcript: 00:00:10:47 – 00:00:41:11 Old Grizzled FBI Agent: Hi there. This is your…
-
Detecting AsyncRAT Malware C2 With Zeek And Suricata
Please join the “Old Grizzled FBI Agent” to hear how you can detect the AsyncRAT malware family with Suricata and Zeek! Corelight blog: https://corelight.com/blog/newsroom/news/hunt-of-the-month-detecting-async-rat-malware Zeek: https://zeek.org/ Source code: https://github.com/corelight/zeek-asyncrat-detector Transcript: 00:00:00:10 –…
-
Hacking With Sebastien Raoult From ShinyHunters – Act 2: The Pokey
Join me to hear about how three Frenchmen from the ShinyHunters hacking group hacked over 60 companies to take home some “good booty”. This is eCrimeBytes Season 3 Episode 3 – Hacking…
-
Hacking With Sebastien Raoult From ShinyHunters – Act 1: The French Connection
Join me to hear about how three Frenchmen from the ShinyHunters hacking group hacked over 60 companies to take home some “good booty”. This is eCrimeBytes Season 3 Episode 3 – Hacking…
-
Analyzing QBot/QakBot Malware With Zeek
In this short article I’ll outline some analysis I performed on the QBot/QakBot malware family with Zeek. I took a look at the following PCAPs from this family of malware, hoping to…
-
A Gozi Banking Malware Detector – Zeek Roulette #3
I had talked about Gozi malware in our eCrimeBytes podcast here: Last Man From Gozi Banking Malware Group Sentenced To Three Years – eCrimeBytes Nibble #51 In my technical real life job…
-
Last Man From Gozi Banking Malware Group Sentenced To Three Years – eCrimeBytes Nibble #51
The last individual charged was sentenced for the Gozi banking malware. Mihai Ionut Paunescu, a/k/a “Virus,” a dual Romanian and Latvian national, was sentenced to three years. The Justice Department’s press release…
-
Three Russians Charged And Arrested For Conspiring To Commit Lockbit Ransomware Attacks – eCrimeBytes Nibble #50
Ransomware causes a lot of damage, but rarely are those associated with it caught. Well, in this case three Russians were charged and one was arrested! Ruslan Magomedovich Astamirov was arrested and…