, an awesome company, by the way, and their mentats over there in particular have published some on the top botnets of and .  This allows us to focus efforts on the most prevalent threats and analyze and target the C&Cs and code from particular campaigns.  Then we can focus real world intelligence on the malicious actors.

Unfortunately the industry has not started to publish individual background dossiers on the real world locations, personalities, and networks behind this stuff.  When it does happen I think you will see the rules of the game change when you shine the light on these bastards.

If you want to track some great progress in Cyberwar and CyberIntelligence, is a great place to start.

For now however I predict that we will continue to be pussies, ala not outing the Storm worm authors over there in St. Petersburg who are protected by “unnamed political interests.”  Big freaking deal, out them.  If this was done for every positive identification of a malware author and crimeware campaign network and manager we could put intense FOCUS on these people and open them to attacks, prosecution and other kinds of white hat nastiness.  Of course intel/LE will pooh-pooh this, say “it’s our job,” fail to apprehend or prosecute said actors, or just sit and monitor them forever with no action whatsoever.

I would like to see some real action, not the BS where an 18-year-old New Zealander gets busted for running a botnet and gets 2 years probation.  Hey guys, if you really want to solve the problem give me a shout.  I have a few ideas that haven’t crossed your cerebral cortexes yet.

O yea.  Pull yer pants up.  This is what the Watchers are getting from you.  Here is a digital AIDS quilt of pwned users’ desktops and all the cool stuff they are doing.


Malware infrastructure

February 4, 2009

A few techniques that have been around for a while are furthering the criminal enterprise and proving to be the bane of companies and consumers everywhere.  Here is a .

URL Shortening.  In order to get around browser features that warn the user about a malicious domain, links are being rewritten to something more mundane, which is also more aesthetically pleasing to the eye from a social engineering perspective: the victim sees only the shortener’s domain, not the destination.
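The defensive counterpart to the trick above is to expand the short link hop by hop before deciding whether it is safe, and to check every hop, not just the first domain the user sees.  The following is an added example, not code from the original post; the redirect lookup is injected so it runs offline against a constructed redirect table, and a real deployment would replace `fake_fetch` with an HTTP HEAD that has redirect-following disabled.

```python
"""Expand a shortened URL hop by hop and classify the final destination."""
from urllib.parse import urlparse, urljoin

MAX_HOPS = 10  # shorteners chain, but an endless chain is itself a signal


def expand_url(url, fetch_redirect, max_hops=MAX_HOPS):
    """Return the list of hops [url, ..., final_url].

    fetch_redirect(url) must return the Location header of a 3xx
    response, or None when the URL does not redirect (i.e. is final).
    """
    hops = [url]
    seen = {url}
    for _ in range(max_hops):
        location = fetch_redirect(hops[-1])
        if location is None:
            return hops
        nxt = urljoin(hops[-1], location)  # Location may be relative
        if nxt in seen:
            raise ValueError("redirect loop at %s" % nxt)
        seen.add(nxt)
        hops.append(nxt)
    raise ValueError("more than %d redirects" % max_hops)


def host_of(url):
    return (urlparse(url).hostname or "").lower()


def in_denylist(host, denylist):
    """Exact or subdomain match against a list of blocked domains."""
    return any(host == d or host.endswith("." + d) for d in denylist)


def classify(url, fetch_redirect, denylist):
    """Expand the link and report every hop whose host is denylisted."""
    hops = expand_url(url, fetch_redirect)
    flagged = [h for h in hops if in_denylist(host_of(h), denylist)]
    return {"final": hops[-1], "hops": hops, "flagged": flagged}


# Constructed redirect table standing in for live HTTP responses.
FAKE_REDIRECTS = {
    "http://sho.rt/a1": "http://sho.rt/a2",
    "http://sho.rt/a2": "/go?x=1",  # relative Location header
    "http://sho.rt/go?x=1": "http://evil.example/login",
}


def fake_fetch(url):
    return FAKE_REDIRECTS.get(url)
```

Because the chain is walked with HEAD requests and redirects disabled, the classifier never fetches the final page body, so it can be run on untrusted links without triggering a drive-by payload.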


Also, new on the fast flux front, ICANN just released a pros and cons.    120 pages of blather but some good nuggets inside.  Being an international organization it obviously can’t make up its mind what it really wants to do, as with most things Internet governance related.

From the side of the house a new was recently open sourced, allowing more sophisticated capabilities to get into the hands of every little malicious mind out there.  Mostly these backend Malware as a Service packages are trivial little PHP blobs with a MySQL backend, copy-pasted templates of drive-by exploits, phishing and spam templates, and simplistic reporting.  Imagine what a real engineering effort could do.  5 developers and 3 million dollars should do the trick.  Just ups the game for everyone.

In the meantime we continue to lose billions.  It would be interesting to see the comparison between the War on Drugs and the War on Cybercrime and intellectual property theft.  Of course the biggest hack of all time is how our freaking country has deep-sixed us and erased close to 10 trillion in net worth from the housing collapse, banking collapse, security derivative collapse, credit collapse, economic shrinkage, stock market collapse, income stagnation, skyrocketing national debt, hedge fund fraud, escalating foreclosures, rising unemployment (predicted at 10%) and the oncoming tidal wave of inflation.  I’m sure I missed some nasty items in there but you get the point.

If you want to read more about our positive financial outlook you should check out  over at

And if you want to check out where we are going to be in the next 100 years check out this Genius (IMHO)


And why are we concerned about malware again?  O yea, it’s interesting.

Found a pretty cool that sums up a security point nicely.


