• News
  • Mobile
  • Security
  • Malware
  • Coding
  • Unix
  • DevOps
  • Log In
  • Sign Up
  • No bullshit
  • Cookie Policy
  • Privacy Policy
Log In / Sign Up

Category: Malware

Malware Reverse Engineering for Beginners: Unpacking Packers and Defeating Protectors
Malware

Malware Reverse Engineering for Beginners: Unpacking Packers and Defeating Protectors

2 weeks ago16/09/2025Ivan Piskunov4270
One of malware authors’ favorite tricks is to use executable packers and protectors. Originally, these tools were fairly mundane: they were meant to shrink compiled binaries or produce demo builds without adding protection to the main code.…
CONTINUE READING 🡒
Hunting Raccoon Stealer: How a Malware Developer’s OPSEC Failure Exposed Him and His Clients
Malware

Hunting Raccoon Stealer: How a Malware Developer’s OPSEC Failure Exposed…

2 weeks ago14/09/2025Pavel Shalin4150
In most cases, actors get unmasked because the malware author makes a basic OPSEC mistake. That’s what happened this time: the Trojan’s developer not only exposed himself but also gave away all his customers—much to the delight…
CONTINUE READING 🡒
Crooked path. New obfuscation techniques for WinAPI calls
Malware

Crooked path. New obfuscation techniques for WinAPI calls

1 month agoMichelleVermishelle2760
All malicious tools try to hide their WinAPI calls: if the program code contains suspicious functions, its execution can be blocked. There are very few documented ways to obfuscate WinAPI calls, but I would like to share with you some promising ideas…
CONTINUE READING 🡒
Windows Malware 101: Creating a Simple Proof-of-Concept in Assembly
Malware

Windows Malware 101: Creating a Simple Proof-of-Concept in Assembly

1 month ago13/09/2025Chris Kaspersky2600
Building viruses is a great reason to learn assembly. And while you can technically write a virus in C, that feels un-hacker-like and just plain wrong. The text that follows is a piece by Chris Kaspersky that…
CONTINUE READING 🡒
Life Without Antivirus: How to Remove Malware Manually and Harden Your System for the Future
Malware

Life Without Antivirus: How to Remove Malware Manually and Harden…

2 months ago23/08/2025Ivan Piskunov1290
When asked “What antivirus do you use on your Windows machine?” many security professionals (including people on our editorial team) answer: none. When massive outbreaks infect hundreds of thousands of computers despite all the latest defense tech,…
CONTINUE READING 🡒
Building a Simple Trojan with Python: A Step-by-Step Guide
Malware

Building a Simple Trojan with Python: A Step-by-Step Guide

3 months ago30/07/2025Valery Linkov1910
In this article, I will explain how to create a basic remote access Trojan using Python, and for added stealth, we'll embed it within a game. Even if you're not familiar with Python, this will help you…
CONTINUE READING 🡒
Defending Windows: DIY Security Without Antivirus Software
Malware

Defending Windows: DIY Security Without Antivirus Software

19.07.202512/07/2025Nik Zerof1270
If you want to protect yourself from viruses, you need an antivirus, right? Not necessarily. Antivirus programs have many shortcomings, so if you use your head and are willing to rely on your own judgment, you can…
CONTINUE READING 🡒
Dumping at nanolevel. How I reinvented SafetyKatz to dump LSASS with NanoDump
Malware

Dumping at nanolevel. How I reinvented SafetyKatz to dump LSASS…

13.06.202523/07/2025snovvcrash3340
This article discusses the covert use of the NanoDump utility from memory (i.e. the simulated attacker doesn’t have a C&C ‘beacon’ on the attacked network node) and compares such an application of NanoDump with the use of SafetyKatz.
CONTINUE READING 🡒
Agent Tesla: Reversing combat malware in Ghidra
Malware

Agent Tesla: Reversing combat malware in Ghidra

15.05.202516/05/2025Nik Zerof1020
Recently I encountered an interesting piece of malware called Agent Tesla. It’s still widespread and actively used by cybercriminals (the analyzed sample was dated 2023). Let’s dissect this remote access trojan and find out what’s hidden inside it.
CONTINUE READING 🡒
Disassembling REvil. The notorious ransomware hides WinAPI calls
Malware

Disassembling REvil. The notorious ransomware hides WinAPI calls

04.08.202008/04/2025Nik Zerof5560
Some unknown hackers have recently attacked Travelex foreign exchange company using REvil ransomware. This trojan employs simple but efficient obfuscation techniques that conceal its WinAPI calls from the victim. Let's see how the encoder works.
CONTINUE READING 🡒
Encoder for Android: сomplete software anatomy
Malware Mobile

Encoder for Android: сomplete software anatomy

12.02.201607/03/2020Andrei Pakhomov4140
Until recently, based on the results of surveys and personal experience, I had the impression that users believe that the value of data stored on a device greatly exceeds the cost of the device itself. Why until…
CONTINUE READING 🡒
Avian influenza. Review of *nix vulnerabilities in 2015
Malware Unix

Avian influenza. Review of *nix vulnerabilities in 2015

22.01.201617/04/2025Martin Prankevich3400
According to cvedetails.com, more than 1,305 vulnerabilities have been found in the Linux core since 1999. Sixty-eight of these were in 2015. Most of them don't cause many problems (they are marked as Local and Low), and…
CONTINUE READING 🡒
How to Handle Malware: Complete Guide. Give it to your younger brother, let him do it himself!
Malware

How to Handle Malware: Complete Guide. Give it to your…

29.12.201517/04/2025Drobotun4090
Numerous times you used to help your friends and people when their PCs fell to onslaught of malware. So did we. But we got pretty sick and tired of all that and pulled out a trump card…
CONTINUE READING 🡒
The Children of CryptoLocker, Part 2. TeslaCrypt, TorLocker, TorrentLocker
Malware

The Children of CryptoLocker, Part 2. TeslaCrypt, TorLocker, TorrentLocker

15.12.201514/12/2015Drobotun3800
The first examples of malware that encrypts files and then demands money for decryption appeared a long time ago. Just remember Trojan.Xorist with its primitive encryption algorithm based on XOR, or Trojan.ArchiveLock written in PureBasic, which used…
CONTINUE READING 🡒
The Children of CryptoLocker, Part 1. Critroni, CryptoWall, DirCrypt
Malware

The Children of CryptoLocker, Part 1. Critroni, CryptoWall, DirCrypt

10.12.201514/12/2015Drobotun5800
The first examples of malware that encrypts files and then demands money for decryption appeared a long time ago. Just remember Trojan.Xorist with its primitive encryption algorithm based on XOR, or Trojan.ArchiveLock written in PureBasic, which used…
CONTINUE READING 🡒
Crypto-Ransomware: Russian Style. Large-scale Research on Russian Ransomware
Malware Security

Crypto-Ransomware: Russian Style. Large-scale Research on Russian Ransomware

19.11.201502/12/2015Fyodor Sinitsyn2960
Nowadays the Russian segment of the Web is not dominated by CryptoWall or CTB-Locker, Russia has seen the formation of an "ecosystem" consisting of other types of ransom trojans, which generally don't enter the global arena. Today,…
CONTINUE READING 🡒
What data Windows 10 sends to Microsoft and how to stop it
Malware Security

What data Windows 10 sends to Microsoft and how to…

14.10.201515/12/2015Hack Mag4158
Since its rise Windows was a natural habitat for all kinds of malware. Now the OS itself seems to have become one big trojan. Right after being installed it starts acting weird. The data flows in rivers…
CONTINUE READING 🡒
Сode injections for Windows applications
Malware

Сode injections for Windows applications

14.10.201528/10/2015Hack Mag5942
Code Injection is a process of injection code (often malicious) into third party application’s memory. A lot of software is using this technique: from malware to game bots. To show this approach, let’s try to execute third…
CONTINUE READING 🡒
How to use WSUS to get control over Windows
Malware Security

How to use WSUS to get control over Windows

14.10.201514/10/2015Alexey Turin3311
This was one of the most interesting attacks showed on Black Hat Las Vegas 2015. Let’s imagine the situation: there’s a large park of Windows computers in a large organization, and they all need to be updated.…
CONTINUE READING 🡒
Malware for OS X: Full Chronicle
Malware

Malware for OS X: Full Chronicle

14.09.201514/10/2015Vladimir Tregubenko3270
The number of malware targeting OS X has been growing along with popularity of this operating system. Few expected it (good protection and the need of root privileges created a sense of security), but now you can…
CONTINUE READING 🡒
1 2 Next »
  • No bullshit
  • Cookie Policy
  • Privacy Policy
HackMag — Top-notch cybersecurity magazine © 2025
Support:support@hackmag.com