Upload File

digital dumpster diving · pastebin a convenient way for cybercriminals to remotely host malware...

  • Home
  • Documents
  • Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
21

Upload: others

Post on 15-Mar-2020

4 views

Category:

Documents


1 download

Report

TRANSCRIPT

Page 1: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
Page 2: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and

Page 3: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
Page 4: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
Page 5: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
Page 6: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and

What about now?

Page 7: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
Page 8: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and

Sa

mp

le #

1

Page 9: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
Page 10: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
Page 11: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
Page 12: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
Page 13: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and

Sa

mp

le #

2

Page 14: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
Page 15: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
Page 16: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and

But let's try something different…

Page 17: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and

So what else is there?

Malware – DOS Executable:Regex: ^TV(oA|pB|pQ|qA|qQ|ro)\w+

TVoA | TVpB | TVpQ |

TVqA | TVqQ | TVro

Dark web Domains:

find({'contents': /\.onion/})

Credentials dump: Threat Intel / IOC:

• API Keys • Certificates • Malicious Scripts • Database

Page 18: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and

So How do you get started?❑ Scrapers and Bots:

❑ https://github.com/Critical-Start/pastebin_scraper

❑ https://github.com/kevthehermit/PasteHunter

❑ https://twitter.com/ScumBots

❑ https://twitter.com/dumpmon - Inactive

❑ Static Analysis tools:

❑ CyberChef - https://gchq.github.io/CyberChef/

❑ PE Studio - https://www.winitor.com/

❑ CFF Explorer - https://ntcore.com/?page_id=388

❑ dotPeek - https://www.jetbrains.com/decompiler/

❑ YARA - https://virustotal.github.io/yara/

Page 19: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and

https://twitter.com/n3onli8

Chandra Majumdar

CTO – ElevatedPrompt Solutions Inc

chandra-at-elevatedprompt.com

Thank You

Page 20: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and
Page 21: Digital Dumpster Diving · Pastebin a Convenient Way for Cybercriminals to Remotely Host Malware BLEEPINGCOMPUTER Home News Secwity RevengeRAT Distributed via Bitty, BlogSpot, and

TRACKING HOW CYBERCRIMINALS COMPROMISE WEBSITES TO SELL · 2016-02-01 · Tracking How Cybercriminals Compromise Websites to Sell Counterfeit Goods Advisor: Professor Tyler Moore

The Paradigm of Cybercriminals in Cameroon

Becoming Cybercriminals · Becoming Cybercriminals Incentives in Networks with Interdependent Security Aron Laszka and Galina Schwartz University of California, Berkeley Abstract

Bitty Books Short Vowel Word Families

Cybercriminals target credit card processing: Best

Disrupting and dismantling wildlife cybercriminals and ... · EU Wildlife Cybercrime Project Disrupting and dismantling wildlife cybercriminals and their networks in the European

Swashbuckling Adventure With The Itty-Bitty Buccaneer=093018 · A SWASHBUCKLING ADVENTURE WITH 2 THE ITTY-BITTY BUCCANEER A SWASHBUCKLING ADVENTURE WITH THE ITTY-BITTY BUCCANEER A

Monday - Absolute Dance...Monday Monday 4:15- Bitty Tap Alice in Wonderland: “The Unbirthday Song” Miss Emily Monday 5:15- Bitty/Blooming Jazz Peter Pan: “I Won’t Grow Up”

The itty bitty machine co., inc. Winter 1977 Catalogthebattles.net/oddments/ibmc/The_itty_bitty_machine... · 2009. 4. 17. · The our If you bitty machine W. Rd. US. POSTAGE . PAID

IBCM: The Itty Bitty Computing Machine

(nots o) Little Itty Bitty Book ooooffffthe the C.I.F.besteiroms.weebly.com/uploads/8/5/8/6/85864872/not_so_itty_bitty_book_of_the_cif.pdfLittle Itty Bitty Book ooooffffthe the C.I.F

A Behind the Scenes Look at Cybercriminals - Their Methods ...vox.veritas.com/legacyfs/online/veritasdata/11am... · A Behind the Scenes Look at Cybercriminals - Their Methods and

ITTY BITTY REACTIONS MathScience Innovation Center 2009

Bitty Booties

Itty Bitty Micro Company | | | Rochester, NY 14650 | | ITTY | | | | | BITTY ... · 2020. 10. 8. · Kodak, 3M, Xerox, Rochester Institute of Technology, and the other high-tech outfits

BOLSITA DECORADA. (YTTY BITTY BAG)

Phenomenal Cosmic Powers Itty Bitty Living Space! Cosmic... · 2020. 10. 21. · child. God almighty (phenomenal cosmic powers) IS that baby nursing at a virgin’s breast (itty bitty

APPLICATION LIST - security Distributor Deutschland ...de.security.westcon.com/documents/56164/Blue Coat_Packetshaper... · NW5-NCP OpenDrive Pastebin Perforce rsync Scribd ... UTI

QM Bitty Blocks: July’s Bitty Boats

Protect Yourself Against Today's Cybercriminals and Hackers

Developers vs Cybercriminals: Protecting your MMO from online crime

Itty Bitty Checklist

Trust among Cybercriminals? Carding Forums, Uncertainty ... · 2 Trust among Cybercriminals? Carding Forums, Uncertainty and Implications for Policing At the beginning of the 21st

How to Prevent Cybercriminals from Raining on Your Summer Fun

How’d That End Up On Pastebin - sector.ca Linn... · How’d That End Up On Pastebin Ryan Linn ... –Penetration Testing –Forensics ... • Web Application Firewalls • Web

Piercing the HawkEye: Nigerian Cybercriminals Use a Simple

my itty-bitty bio Davy Crockett Crockett - Emma E... · Davy Crockett Read all these itty-bitty bio titles: my itty-bitty bio introduces the youngest readers to important cultural

The Itty Bitty Telescope and Sidewalk Radio Astronomy

QM Bitty Blocks - Quilting Daily

itty bitty company 2012

Cybercriminals target online banking

Bitty Baby’s Wrap Blanket - All Things with Purpose€¦ · Bitty Baby’s Wrap Blanket Swaddle Me For 16” Dolls. Construct Pattern Tape Pages portrait , , and together horizontally

Bitty bambu 'wildflowers' collection public version

bitty barbie bites1

Fortinet 2013 Cybercrime Report Cybercriminals Today ... · FORTINET 2013 CYBERCRIME REPORT : Cybercriminals Today Mirror Legitimate Business Processes. Cybercriminal Pay Rates. Consulting