RootSmart Android Malware Analysis

Android’s increasing popularity, combined with the possibility to create alternative markets, makes this platform a fertile ground for malware authors. While most of these applications just exploit the inexperience of the average user that is looking for free software, others are pretty smart and use more sophisticated techniques to take, and keep, control of the […]

Debugging Deadlocks on Android

Deadlocks are well known to be difficult to debug, especially when you’re dealing with a large amount of concurrent code. Fortunately on Android we have some tools that are more than useful to detect where a deadlock is happening. Debugging Deadlocks Probably in your developer life you’ll end up dealing with deadlocks at least a […]

Shylock via volatility

Shylock is a new Financial Malware, publicly reported for the first time on 7 September 2011. Additional informations on can be checked out from Mila’s blogpost http://contagiodump.blogspot.com/2011/09/sept-21-greedy-shylock-financial.html Tools Volatility MHL Malware Plugins Timeliner,RegistryApi, evtlogs Plugins Essay Memory Acquisition First step is the Memory Acquisition that can be accomplished essentially in two ways, depending essentially by […]

Morto Malware Analysis

Today we’re going to analyze Morto.A a malware which, in this weeks, is spreading in many Internet places. It’s a worm that allows unauthorized access to an infected computer and tries to compromise administrator passwords for Remote Desktop connections, through RDP protocol, on a network. Indeed this threat infecting computers by targeting accounts that have […]

Carberp Reverse Engineering

We are going to talk about Trojan Banker Carberp from a Reverse Engineering point of view. Carberp is a Botnet delivered in the usual ways of Blackmarket selling, designed to be a Trojan Spy and specifically a Banker similar to SpyEye and ZeuS, able to perform Man in the Browser attacks, steal victim credentials, kill […]