Banatrix – an in-depth look

15 December 2014 Łukasz Siewierski

Of all the Polish malware families we saw last year, Banatrix seems to be the most technologically advanced. This malware was used to replace bank account numbers in the browser’s memory, but its implementation allowed the attacker to execute arbitrary code on the victim’s machine. This capability was used to extract passwords saved in the Mozilla Firefox browser. In this article we discuss the Banatrix C&C infrastructure and its use of the TOR network both to hide the attacker’s identity and to make a botnet takedown a challenge.


Merry Christmas from the Bailiff Office

3 December 2014 alex

In the last two weeks, the CERT team received multiple reports describing suspicious e-mail messages supposedly coming from the Warszawa Wola (a Warsaw district) bailiff office. The message contents do not describe the alleged amount due in detail, thus encouraging the recipient to click on the link described as “Payment Order Photocopy”.

Solution for the ECSM HackMe challenge

28 October 2014 Łukasz Siewierski

As part of the ECSM initiative, we announced a HackMe challenge. The challenge proved not to be too difficult for our readers, and the five fastest Polish winners are:

  1. Mateusz Rek
  2. albercik
  3. Michał Celiński-Mysław
  4. Piotr Kaźmierczak
  5. Łukasz Odzioba

Congratulations! Below is the solution for the challenge. While there are probably many other viable solutions, this one uses only free and accessible software.


SECURE 2014 CTF – writeups and winners

17 October 2014 T.B.

SECURE 2014 – CTF

15 October 2014 T.B.

ECSM HackMe challenge

13 October 2014 Łukasz Siewierski

Sorry, but this post is not available in English

25 September 2014 Łukasz Siewierski