Browser Locker - Email Spam

Analysis of a spam campaign involving a fraudulent Facebook password reset request. Following the link in the email results in the user arriving at a browser locking page. A user who is not familiar with this type of malicious page may fall victim to a typical tech support scam. The malicious pages in this campaign are not sophisticated. If the user has not clicked anywhere on the page, they can simply navigate away. If they have, the page will become full screen, and it will require the use of keyboard shortcuts to open a task manager and terminate the browser process.

...read more

Spyware - Quick Malware Analysis

A quick static analysis of a RAT/Spyware sample. The sample contains nasty functionality including keyboard/mouse logging, webcam capture and network traffic monitoring. The sample was not executed. Basic dynamic analysis indicated that the malware would require a genuine internet connection, and my current lab environment is designed to use an isolated network served by InetSIM. It may be necessary to execute this malware to more easily determine network based indicators. As discussed below, there are many indications that the malware will communicate with an external IP address, but it appears that this address(es) or URLs are decrypted at runtime.

...read more

Free Paypal Money - Analysis of Email Spam

The email received (multiple times the week of July 17th) purported to be from an individual (always different female names) who had sent me the amount of $3,543.00 via Paypal. The email requests that I log in and withdraw it immediately. I expected the link to be a Paypal phishing site. However the link was to a domain www[dot]thecoach2017[dot]com. The page consisted of a video ad for a "21 step millionaire mentorship" program. At the end of the advertisement, a link was presented to me to sign up for one of the "100 remaining" slots. Better act fast..

...read more

Nest Thermostat and Amazon Alex Skill

An Amazon Echo "Alexa" skill providing users with full control over their Nest Learning Thermostat. The Skill was written in Java, utilizing the Nest API, and deployed to an Amazon Lambda server. A comprehensive and robust speech model and sample utterance set were developed for natural interaction and ease of use. A stand alone web service and accompanying website were developed for user account creation, "Works with Nest" linking, Alexa Skill linking, and account management.The webservice provided an API for the Alexa skill to pass the user's identifying credentials and receive his or her Nest API access key, as well as thermostat information in return. The Skill was published to the Amazon Alexa Skill Store, as well as the official Works

...read more

Copyright Header Maven Plugin

This project is a Maven plugin that inserts or removes a pre-configured copyright header into source code at build time. The plugin automatically resolves the necessary comment tag to surround the copyright for supported files. For unsupported arbitrary formats, the plugin can be configured to use a user-specified comment tag. The copyright is configured in an xml file called copyright-config.xml where the user can specify the file extension, body and, when applicable, the comment tags. The automatically supported file types include Java, XML, XHTML, and HTML. See the examples below for a custom configuration. Any file that the plugin touches will be backed up in a file called "copyright-plugin-backup" in the projects root, should a file ne

...read more

Get honeypotted? I like spam. Contact Us Contact Us Email Email ar.hp@outlook.com email: ar.hp@outlook.com