New malware strain we discovered could be the reason why your antivirus doesn’t work anymore. Especially if you have installed some popular software from not so legal distribution recently
Three measures of exploits, one of vulnerable drivers, half a measure of Delphi. Shake it very well until it's ice-cold, then add a large thin slice of VMProtect. Got it?
Reusing binary code from malware is one of my favorite topics. Binary re-engineering and being able to bend compiled code to your will is really just an amazing skill. Allow me to show you the way
Writing a debugger for VB6 P-code has been something I have always wanted to do. Come and let me show you, how far the rabbit hole goes.
Reversing the VB6 in general, and P-Code in particular, has always been a problem area. Let's reveal the inner depths of VB6 P-Code disassembly and the VB6 runtime
Code obfuscation is one of the cornerstones of malware. The harder code is to analyze the longer attackers can fly below the radar and hide the full capabilities of their creations. Code obfuscation techniques are very old and take many many...
This is part one in a series of posts that focus on understanding Visual Basic 6.0 (VB6) code, and the tactics and techniques both malware authors and researchers use around it.
Attacks on computer systems are constantly evolving. To be more flexible human operators sometimes get involved in the attacks. This is especially common for high value targets. As the human operator can use normal tools already installed on the...
One specific malware family emphasizes how easy it can be to lose your cryptocurrency coins. It is called HackBoss - a simple yet very effective malware that has possibly stolen over $560,000 USD from the victims so far. And it’s mainly being spread...
One of the goals of malware authors is to keep their creation undetected by antivirus software. One possible solution for this are crypters. A crypter encrypts a program, so it looks like meaningless data and it creates an envelope for this...