15 December 2014 Łukasz Siewierski
Of all the Polish malware families we have seen in the last year, Banatrix seems to be the most technologically advanced. This malware was used to replace the bank account number in the browser's memory; however, its implementation allowed an attacker to execute arbitrary code on the victim's machine, and this capability was used to extract passwords saved in the Mozilla Firefox browser. In this article we discuss the Banatrix C&C infrastructure and its use of the TOR network both to hide the attacker's identity and to make a botnet takedown a challenge.
3 December 2014 alex
In the last two weeks, the CERT team received multiple reports describing suspicious e-mail messages supposedly coming from the Warszawa Wola (a Warsaw district) Bailiff office. The message contents do not describe the alleged amount due in detail, thus encouraging the recipient of the message to click on the link described as "Payment Order Photocopy".
28 October 2014 Łukasz Siewierski
As part of the ECSM initiative we announced a HackMe challenge. This challenge proved not to be too difficult for our readers, and the five fastest Polish winners are:
- Mateusz Rek
- Michał Celiński-Mysław
- Piotr Kaźmierczak
- Łukasz Odzioba
Congratulations! Below is the solution to the challenge. While there are probably many other viable solutions, this one uses only free and accessible software.