Recent Entries

Reversing Tinba: World's smallest trojan-banker DGA Code

by garage4hackers on 09-21-2014 at 05:37 PM

CSIS Security Group A/S has uncovered a new trojan-banker family which we have named Tinba (Tiny Banker) alias “Zusy”.

Tinba is a small data-stealing trojan-banker. It hooks into browsers, steals login data and sniffs network traffic. Like several sophisticated banker-trojans, it also uses Man in The Browser (MiTB) tricks and webinjects in order to change the look and feel of certain webpages with the purpose of circumventing


Is NetTraveler APT managed by PLA Military Camp in Lanzhou [China] ???.

by garage4hackers on 08-30-2014 at 12:31 PM
Here we are providing a detailed analysis of the NetTraveler APT team based on the data we collected over the past year.

In 2014 the actors behind the global cyber espionage campaign “Operation NetTraveler” celebrate ten years of activity. NetTraveler has targeted more than 350 high-profile victims in 40 countries. So it is high time we make our research public. This is not an individual research; instead it was part of the efforts of various Garage4hackers

Updated 08-30-2014 at 12:35 PM by garage4hackers


Tutorial: Reverse Engineering GameoverZeus DGA code

by garage4hackers on 08-29-2014 at 06:23 PM
DGA : Is it Game Over for GameoverZeus DGA

GameoverZeus was brought down and it reincarnated again. Gameover Zeus is a very authentic contender in our DGA series. So let us analyse it and try to reverse its DGA just like we did in the case of PushDo in the last article.

We got a lot of requests asking whether we could have a tutorial on reverse engineering DGA codes. So in this series we would


Reverse Engineering : Domain generation for PushDo Malware algorithm released.

by garage4hackers on 08-26-2014 at 01:36 AM
DGA : The domain generation for PushDo unleashed

About PushDo:

Four times since 2008, authorities and technology companies have taken the prolific PushDo malware and Cutwail spam botnet offline. Yet much like the Energizer Bunny, it keeps coming back for more.

In early March, researchers at Damballa discovered a new version of the malware that had adopted a domain generation algorithm (DGA) in order to not only help


Updated 08-26-2014 at 01:41 AM by garage4hackers