An overview of Cythosia DDoS Bot

Cythosia v2 is a DDoS Botnet System has been published in BlackMarket Forums a while ago, we decided to publish an article shared on my private blog. Here at UIC R.E. Academy we strongly believe in … read more.

Artro Botnet Anatomy Overview

Following the idea of knowledge sharing, here another article taken from my private blog and shared for our readers. Some time ago, while talking with Roman from, we found it necessary to … read more.

Deobfuscating generic BlackHole 2 with JsADO

I wrote this article to describe how to use JsADO (JS-Auto-DeObfuscator), a little project that I'm developing so as automatically deobfuscate javascript code: JsADo hooks a js function as eval to get … read more.

DarkComet Analysis – Understanding the Trojan used in Syrian Uprising

On February 17th the CNN published an interesting article, where some Syrian’s regime opponents claimed that the government was using a Trojan to monitor and disrupt the protestor’s network. … read more.

Reverse Dxtory

It's been a while since reversing of .NET applications began. I still remember the first tutorials on the subject and the first targets for which changing a few bytes with an hex editor was enough to … read more.

RootSmart Android Malware Analysis

Android’s increasing popularity, combined with the possibility to create alternative markets, makes this platform a fertile ground for malware authors. While most of these applications just exploit … read more.

Debugging Deadlocks on Android

Deadlocks are well known to be difficult to debug, especially when you're dealing with a large amount of concurrent code. Fortunately on Android we have some tools that are more than useful to detect … read more.

Shylock via volatility

Shylock is a new Financial Malware, publicly reported for the first time on 7 September 2011. Additional informations on can be checked out from Mila's blogpost … read more.

Morto Malware Analysis

Today we're going to analyze Morto.A a malware which, in this weeks, is spreading in many Internet places. It's a worm that allows unauthorized access to an infected computer and tries to compromise … read more.

Carberp Reverse Engineering

We are going to talk about Trojan Banker Carberp from a Reverse Engineering point of view. Carberp is a Botnet delivered in the usual ways of Blackmarket selling, designed to be a Trojan Spy and … read more.