From website-locker to DDoS: Rex !

In May 2016, Softpedia wrote an article about a Drupal web ransomware. This malware exploits an SQL Injection on CMS Drupal, changes admin credentials and asks for bitcoins to unlock content. After locking the website, a malware is executed on the server: After this ends, the last uploaded file is a binary file written in... Continue Reading →

When ELF.BillGates met Windows

If you are used to play with honeypots, you have inevitably met the ELF.BillGates malware. It is a known[1] botnet spread over Internet for 4 years. In a nutshell, ELF.BillGates is a (Chinese) DDOS botnet with backdooring features. It is a binary file with many behaviors depending on the installation path[2]: Gate 0: Infection Monitor... Continue Reading →

Blog at WordPress.com.

Up ↑