Monthly Archives: July 2016

Down A Rabbit Hole, Part 2

      1 Comment on Down A Rabbit Hole, Part 2

In the previous post, a run-of-the-mill tech support scam pop-up from the website apple-techsupport[.]online started us on our trip down a rabbit hole. Now I realize that our trip thus far hasn’t been all that unusual. These types of domain relationships are encountered routinely by  malware hunters. However, this is where it gets more unconventional… Here’s our Google search from… Read more »

DionaeaFR – A Window Into Your Honeypot

In my previous post, I discussed installing a Dionaea honeypot to catch malware. If you used MHN (also discussed last time) to deploy your Dionaea instance, you are quite limited by the default interface as to the information that you can display about your honeypot traffic. There are a number “top 5” lists, for instance. You can also get a… Read more »

Let The Malware Come to You – Dionaea Honeypot

In previous posts, I’ve talked about searching for malware. With a honeypot, you can let malware come to you. I recently implemented a Dionaea honeypot. I chose Dionaea because it’s often found at or near the top of lists of malware-gathering honeypots. What I didn’t realize at the time was that it seems like it’s really not officially maintained anymore…. Read more »

Finding Malware On Your Own

In my previous post, I listed a number of websites that offer either malware collections or links to infected sites but what if you want to find your own infected sites (and malware)? Make no mistake, finding malware on your own is generally slow and tedious. One of the best ways that I’ve found to “stumble” upon an infected website… Read more »