New IRC Launch

For anyone still into IRC, MalwareTech has partnered with sigterm.no to launch a new IRC network. It’s still fairly new so don’t expect an instant response, but everyone is welcome (socializing or just asking for help).

Easy Method

Simply use our web IRC client: https://irc.malwaretech.com/

Proper Method

The server requires SSL, so you’ll need a client like mIRC (Windows), HexChat (Linux/Windows), or LimeChat (Mac). On Windows, you may need to download and install OpenSSL if you haven’t already.

Server: irc.malwaretech.com
Port: +6697 (include the + for SSL)
Channel: #MalwareTech
mIRC: /server irc.malwaretech.com:+6697
HexChat: /server -ssl irc.malwaretech.com 6697

(Tor, I2P, and proxies are all allowed.)

Why Open Source Ransomware is Such a Problem

A while back 2sec4u posted a poll asking if people considered open source ransomware helpful to detection and prevention, with 46% voting yes. Although the poll wasn’t limited to people working in the antimalware industry, 46% is scarily high. Trying to prove a point, help me out Twitter. Is open source ransomware helping …

Mapping Mirai: A Botnet Case Study

Mirai is a piece of malware designed to hijack BusyBox systems (commonly used on IoT devices) in order to perform DDoS attacks; it’s also the bot used in the 620 Gbps DDoS attack on Brian Krebs’s blog and the 1.1 Tbps attack on OVH a few days later. Although Mirai isn’t even close to …

Dridex Returns to the UK With Updated TTPs

With the exception of a few unconfirmed reports of Dridex targeting Baltic countries (which doesn’t make much sense economically), infection campaigns have ceased since mid August when Dridex briefly resumed spreading to propagate multiple new botnets aimed at Switzerland. This morning a friend of mine, Liam, reported receiving a malicious email which unusually didn’t …