
Search found 86 matches
- Thu Nov 10, 2016 11:15 am
- Forum: Malware
- Topic: Point-of-Sale malwares / RAM scrapers
- Replies: 244
- Views: 857811
Re: Point-of-Sale malwares / RAM scrapers
No PDO in XXI century? 

- Thu Nov 10, 2016 11:09 am
- Forum: Malware
- Topic: Android Malware(All Android malware goes here)
- Replies: 104
- Views: 181818
Re: Android Malware(All Android malware goes here)
@Antelox, thanks mate 
Was SHA256, my bad...

Was SHA256, my bad...
- Thu Nov 10, 2016 9:25 am
- Forum: Malware
- Topic: Android Malware(All Android malware goes here)
- Replies: 104
- Views: 181818
Re: Android Malware(All Android malware goes here)
Anybody can get this sample?
SHA1 = e5df30b41b0c50594c2b77c1d5d6916a9ce925f792c563f692426c2d50aa2524
Source https://blog.fortinet.com/2016/11/01/an ... media-apps
SHA1 = e5df30b41b0c50594c2b77c1d5d6916a9ce925f792c563f692426c2d50aa2524
Source https://blog.fortinet.com/2016/11/01/an ... media-apps
- Wed Mar 12, 2014 8:59 pm
- Forum: Malware
- Topic: Point-of-Sale malwares / RAM scrapers
- Replies: 244
- Views: 857811
Re: Point-of-Sale malwares / RAM scrapers
I think that's the style of the panel author not Dexter's author.
- Sat Feb 01, 2014 5:57 pm
- Forum: Malware
- Topic: Point-of-Sale malwares / RAM scrapers
- Replies: 244
- Views: 857811
Re: Point-of-Sale malwares / RAM scrapers
Did a little quick work on Chewbacca. Very simple malware, tor proxy and a basic memory parser and keylogger. Gets public IP accessing http://ekiga.net/ip/ (service disabled now), scans memory then sends plain-text base64-encoded data to a PHP panel under a TOR .onion domain to two scripts: 1. sendl...
- Sat Feb 01, 2014 11:59 am
- Forum: Malware
- Topic: Point-of-Sale malwares / RAM scrapers
- Replies: 244
- Views: 857811
Re: Point-of-Sale malwares / RAM scrapers
Any good info/sample on new 'ChewBacca'? MD5: 21f8b9d9a6fa3a0cd3a3f0644636bf09 https://blogs.rsa.com/rsa-uncovers-new-pos-malware-operation-stealing-payment-card-personal-information/ https://www.securelist.com/en/blog/208214185/ChewBacca_a_new_episode_of_Tor_based_Malware http://threatpost.com/chew...
- Sat Jan 25, 2014 4:47 pm
- Forum: Malware
- Topic: Point-of-Sale malwares / RAM scrapers
- Replies: 244
- Views: 857811
Re: Point-of-Sale malwares / RAM scrapers
Agree, he doesn't even have a real LUHN procedure to check, only the name.Xylitol wrote:Decebal coder is retarded.
4744870016311111 is invalid luhn and the procedure behind check if the number is luhn valid so he don't even need to put this one on the 'blacklist' in theory.
- Fri Jan 24, 2014 1:10 pm
- Forum: Malware
- Topic: Point-of-Sale malwares / RAM scrapers
- Replies: 244
- Views: 857811
Re: Point-of-Sale malwares / RAM scrapers
Look mom, I'm famous, lol 
Inside Decebal src posted above.

Code: Select all
sListaNeagra(26) = "4744870016311111" 'exitthematrix pos trigger
- Thu Jan 02, 2014 11:49 am
- Forum: Malware
- Topic: Trojan.Skimer.18 - Trojan.Skimer.17
- Replies: 2
- Views: 4275
Re: Trojan.Skimer.18 - Trojan.Skimer.17
Is this malware targeting specific ATM software?
- Wed Dec 18, 2013 9:13 pm
- Forum: Malware
- Topic: Malicious firefox extension performing SQL attacks
- Replies: 10
- Views: 6657
Re: Malicious firefox extension performing SQL attacks
grum is a known malware seller and a ripper also (see TF and other forums)