Insidious Twitter Botnet is Streaming in Stealth Mode

Recently, I became aware of a prodigious stealth-mode Twitter botnet that contains upwards of 3 million user accounts, alongside two other botnets that total 100,000 bots. Kudos goes to the SadBotTrue security researchers who first disclosed the botnet findings at their blog earlier this week.


According to SadBotTrue, this particular botnet is the most active and most undetectable botnet in existence on Twitter today.

SadBotTrue states at their blog:

All the accounts are protected...


IoT cam spy needs a bottom-up revolution

I cam spy on you—from weaknesses in camera firmware to creepy messages delivered through baby surveillance systems—the Internet of Things (IoT) continues to present countless challenges as it hovers above the crossroad of security and privacy.

Recently I discovered Reddit poster Jenn & Tonic (J&T). Having initially purchased and returned a Netgear Arlo surveillance cam, J&T can now spy on the new owner—via the use of a previously associated Arlo account.

For the purpose of this article:...


Down the Darknet Rabbit Hole Again


Author note: This originally appeared at the defunct Norse Darkmatters blog during the summer of 2015: Exploring the Dark Recesses of the Deepweb (with minor edits).

. . .

Darknet Rabbit Hole

I’ve been back down the rabbit hole, into the Darknet again and it’s been a hell of a hostile and discordant excursion this time. For those of us who are merely researching the cybercriminal ecosystem, it can become an extremely precarious place to visit sometimes.

I’ve had noxious miscreants jabbering...


Exploring the Dark Recesses of the Deepweb


Author note: This originally appeared at the defunct Norse Darkmatters blog during the summer of 2015: Exploring the Dark Recesses of the Deepweb (with minor edits).

. . .

Deepweb, Darknet, Darkweb – It’s Deep…

This is my ongoing saga (down the Deepweb rabbit hole) as I journey into the depths of the shadowy underbelly of the underground cybercrime ecosystem. While the black markets are expanding, forums are also evolving.

In Part 1 I questioned deviant mindsets, poked the Onion-pastebin,...


Darknet Underground Meanderings


Author note: This originally appeared at the defunct Norse Darkmatters blog during the summer of 2015: Meandering Through the Darknet Underground (with minor edits).

. . .

Darknet Underground

I’ve been meandering through the Darknet underground again, mainly peeking into hidden forums, marketplaces, the onion-pastebin, and the Evil search engine. Along the way, I’ve managed to stumble across a vast array of premium vendors promoting “fresh” data for sale, amongst other illicit wares.


6 motivations of cybercriminals–Is it all about the money?


Performing a Google search (for the past year) using the terms: “cybercrime” AND “hackers” produced over 5 million results. While scanning through search results, headline eye candy produced:

  • Hackers are draining bank accounts via . . .
  • Hackers Trick Email Systems Into Wiring Them Large Sums …
  • Hackers siphon $47 million out of tech company’s accounts …
  • Hackers use virus to steal £20 MILLION from UK bank …
  • We found out how much money hackers actually make …

So, a cybercriminal’s ultimat...


How to derail a Business Gmail Spam bomb


Last Friday morning an East Coast client (ECC) woke up to find her Gmail business account pummeled with more than 40,000 spam emails—with approximately 150-250 emails bypassing Google’s spam filters to cut up her inbox—this ongoing spam deluge was no laughing matter. With business email delayed and spam consistently pouring in—ECC’s ability to conduct business on Friday was 100 percent crippled.

It flooded my inbox with spam (woke up with 50 spam messages that made it to my inbox and pr...


You’ve been hacked —what should you do next?


I’ve been hacked a few times, and it is a terrifying position to be in. The last time I recall a major hack was back in 2011 gratis a Malaysian hacktivist. It is unclear how the attacker procured the password to an old Gmail account — that I rarely used — but it was most likely tied to my use of the same weak password across multiple websites. Though these ancient accounts had been long forgotten by me, they morphed into the mode of unrestricted access for the attacker.

Armed with the ini...


Ransomware: How being prepared and proactive foils the plot


Since the advent of CryptoLocker in 2013, file-encrypting ransomware has become a scourge on the cyberthreat landscape. Whether it is delivered via an email/phishing/spam campaign, a drive-by download, malvertising or a browser exploit kit, those who are unprepared for this type of attack often pay the ransom or lose all their files, while those who are both prepared and proactive are able to escape the ransom and restore their files via backup.

Ransomware not only poses a threat risk to indivi...
